“Sveikuva”, Ltd (hereinafter - Sveikuva) – is a company operating since 2003, which specializes in regulatory, pharmacovigilance and translation services for medicines, medical devices, food supplements and cosmetics from the early stages of the product life cycle, technical, pharmaceutical, and medical documents to global coordination of regulatory projects.

It is important to protect the data and intellectual property of Sveikuva's employees and customers, therefore Sveikuva's management decided to implement an information security management system (ISMS) in accordance with ISO/IEC 27001:2022. ISMS is designed to protect information from loss, unauthorized disclosure or alteration, and other unauthorized actions. ISMS applies to all employees of the company, legal entities who are granted access to Sveikuva data on the basis of contractual relationships.

Protect information from loss, unauthorized disclosure or alteration, and other illegal actions by ensuring accessibility, confidentiality, and availability. Ensure effective management of information security risks to an acceptable level by implementing risk management measures. Minimize damage to Sveikuva in the event of an incident or avoiding it.

• Establish general information security management objectives.
• Comply with information security obligations established in the legal acts of the European Union, the Republic of Lithuania, the General Data Protection Regulation and contracts with clients and employees.
• Identify ISMS improvement tasks, select measures, plan their implementation.
• Ensure necessary resources for ISMS.
• Create conditions for Sveikuva employees to improve their knowledge of information security.

We obliged Sveikuva employees to familiarize themselves with the requirements set out in the ISMS policy and procedures and to comply with them. We use following information security measures (including but not limited to):

• Supplier management
• Acceptable use of information tools
• Malware management
• Business continuity
• Electronic communication
• Computer network security
• Secure transmission of information
• Employee training
• Vulnerability management
• Management of mobile devices
• Remote work procedure

We obliged Sveikuva's suppliers and subcontractors to comply with the information security requirements established by ISMS, by issuing instructions, signing data management agreements, confidentiality agreements, and conducting inspections. We are constantly improving the ISMS by conducting internal audits, identifying nonconformities, and implementing corrective actions, looking for ways to improve. If you want to directly contact the person responsible for data security, for example, if you have questions, to report a vulnerability or other issues, please write to info@sveikuva.lt. If you have questions about the security of personal data, please familiarize yourself with the Privacy Policy at: https://evigrow.com/privacy-policy

This information security policy has been approved and entered into force on 2025-12-12. We publish the information security policy publicly to interested parties. We review the policy regularly, at least once every 1 year.