Quality Policy

INTEGRATED QUALITY & INFORMATION SECURITY POLICY

Madrid, 7 July 2025, version 1.2

Optima PLC Tracking Tools S.L. (“Optima”) has implemented an Integrated Quality and Information Security Management System based on ISO 9001:2015 and ISO 27001:2022 standards.

OPTIMA’s Management focuses its Integrated Quality and Information Security System on the quality of its products and services, customer satisfaction, and information security. The objectives are to provide quality products and services, preserve the confidentiality, integrity, and availability of information, protect information from threats, minimise damages, and thereby maximise investments, business, and continuous improvement.

OPTIMA’s Quality and Information Security Management System is based on the following principles:

• Quality and information security, and their improvement, are the responsibility of everyone in the company.
• Excellence in quality and information security is achieved by planning, executing, reviewing, and improving the Management System to prevent possible errors.
• Objectives are established and periodically reviewed, together with the commitments assumed in this policy.
• Quality is oriented towards customer satisfaction through the commitment of the entire organisation to meet their needs and requirements, as well as legal, regulatory, and product requirements.
• We are committed to the continuous improvement of both production processes and the effectiveness of the Quality and Information Security Management System to prevent errors.
• OPTIMA is committed to periodically approving and re-evaluating our suppliers, under criteria of certification/accreditation, probation, strategic importance, exclusivity, and history.
• The organisation’s risks are identified, and a preventive system is established.
• Technological evolution and new technologies are considered for improvement.
• The entire organisation is informed of the Policy for knowledge and understanding.
• Personal data and individual privacy are protected.
• The organisation’s records are maintained.
• Intellectual property rights are protected.
• Security responsibilities are assigned.
• Training and qualification in quality and information security are provided.
• Security incidents are recorded.
• Business continuity is managed.
• Changes that may occur in the company, both in quality and security aspects, are managed.

The Management of OPTIMA, through this Quality and Information Security Management System, makes the following commitments:

• Develop products and services in accordance with legal requirements.
• Establish and comply with contractual requirements with interested parties.
• Define training requirements in quality and security, and provide the necessary training in this area to interested parties.
• Prevent and detect viruses and other malicious software by developing specific policies and establishing contractual agreements with specialised organisations.
• Manage business continuity by developing business continuity plans.
• Establish the consequences of security policy violations, which will be reflected in contracts signed with stakeholders, suppliers, and subcontractors.
• Always act with the highest professional ethics.
• This Policy serves as the reference for the continuous improvement of the Integrated Quality and Information Security Management System, as well as for establishing and reviewing the objectives of the Management System, and is communicated to the entire company.