Information Security Politics
The management of Graia AI Kft. is committed to providing its services using state-of-the-art technologies, at a high standard, securely and continuously. The protection of IT resources, which are extremely important for the company name and the operations of its customers, and the data processed and stored by them is in the fundamental interest and duty of all employees and contracted partners. Our goal is to ensure the confidentiality, integrity, and availability of data, information, and information processing by developing control processes, integrating them into business processes, and regularly reviewing these controls.
The tasks related to the design, implementation, operation, and control of the information and communication, IT, and information systems operated by Graia AI Kft. must be performed in such a way that the protection of the systems complies with legal requirements and the cost of protection is proportionate to the potential damage.
To this end:
- We have designed, implemented and continuously develop our Information Security Management System in accordance with the requirements of the MSZ ISO/IEC 27001:2023 standard.
- We ensure that the probability of information security incidents and disruptions and the damage they cause are minimized, and we investigate incidents in a documented manner.
- We ensure that users are aware of information security threats and have the knowledge necessary to consciously comply with the organization's security policy.
- We protect information and information processing equipment from unauthorized access, modification, and theft.
- We ensure the accurate and secure operation of information processing equipment by complying with and enforcing documented operating procedures and by planning and controlling changes.
- Due to the nature of the Organization's operations, we pay special attention to the handling and storage of personal data to ensure compliance with EU General Data Protection Regulation 2016/679 and the relevant Hungarian legal requirements.
- We purchase new information systems and develop existing systems with full consideration of information security aspects.
- We set information security objectives at regular intervals with the aim of maintaining and improving the quality of the IBIR system.
Budapest, January 6, 2026. | Viktor Gajódi | Managing Director

.png)