Information Security Policy

Reliable. Compliant. Resilient.

January 2025

This policy applies to all companies of the BARBE Group of Companies, including:

  • Hans W. Barbe Chemische Erzeugnisse GmbH
  • Barbe (Thailand) Ltd.
  • Barbe America, Inc.

We, the BARBE Group of Companies, are providers of integrated process solutions for the surface coating of polymers. We offer our customers surface-active process aids and automation equipment for their processing. The chemical products we offer are produced in our plants in Germany, the USA, and Thailand.

As a signatory of the UN Global Compact, we are firmly committed to its ten principles, which include the protection of human rights, compli-ance with labor standards, environmental pro-tection, and the fight against corruption. We acknowledge and accept our responsibility to society and the environment.

In this context, we consider information security to be a fundamental basis of our responsibility and business success. The protection of sensitive information, the assurance of our data integrity, and the availability of our systems are central elements of our corporate policy. This information security policy defines the necessary measures and principles to safeguard our values and fulfill our commitments to customers, partners, and employees.

Certification according to ISO/IEC 27001 is being pursued.

Objectives

Our information security objectives are:

  • Protection of Confidentiality
    Ensuring that sensitive information is accessible only to authorized personnel.
  • Guarantee of Integrity
    Preventing unauthorized alterations or deletions of data.
  • Ensuring Availability
    Providing information and systems as needed.
  • Regulatory Compliance
    Adhering to legal and regulatory requirements, including the General Data Protection Regulation (GDPR).

Responsibility and Organization

The management is responsible for defining and monitoring information security.

An Information Security Management System (ISMS) will be established to systematically and structurally plan, implement, monitor, and continuously improve information security at BARBE.

An Information Security Officer (ISO) will be trained and appointed to oversee the implementation and compliance with the security policies.

All employees are obligated to adhere to the guidelines of the information security policy.

Information Security Measures

Our measures to achieve information security are designed to proactively minimize risks and detect threats at an early stage.

  • Training
    Regular awareness training sessions for employees.
  • Access Control
    Implementation of mechanisms to ensure that only authorized individuals can access data.
  • Encryption
    Protection of sensitive information through encryption.
  • Emergency Management
    Development and regular review of a contingency plan for IT outages and data loss.
  • Monitoring and Auditing
    Regular system monitoring and conducting internal and external audits.

Violations of Information Security

It is of utmost importance that all employees strictly adhere to the established security guidelines to sustainably protect the integrity and security of our information. Violations of the information security policy are consistently investigated and may result in disciplinary actions – up to and including termination of employment or legal action.

Validity and Review

This information security policy takes effect immediately and will be reviewed at least once a year and updated if necessary.

This environmental policy was originally written in German and has been translated into English.