Legal Policy links:

Privacy Policy: Details how the company collects, uses, and protects personal information obtained from users or customers. It outlines data processing practices, user rights, and contact information for privacy-related inquiries.

Information Security Policy: Establishes guidelines for protecting the confidentiality, integrity, and availability of sensitive information and IT systems. It outlines security controls, access management procedures, and incident response protocols to mitigate cybersecurity risks.

IT Security Policy: Defines the organization’s approach to IT security, including measures to protect against unauthorized access, data breaches, and cyber threats. It outlines security controls, risk management practices, and employee responsibilities for safeguarding information assets.

Data Privacy Policy: Outlines procedures and safeguards for protecting the privacy and confidentiality of sensitive data collected, processed, or stored by the organization. It includes data handling practices, consent mechanisms, and rights of data subjects.

Data Breach Response Plan: Outlines the steps to be taken in the event of a data breach or security incident. It includes procedures for identifying, containing, and mitigating the impact of the breach, as well as notification requirements for affected individuals and regulatory authorities.

Incident Response Policy: Outlines procedures for responding to security incidents, such as malware infections, unauthorized access attempts, or system vulnerabilities. It includes protocols for incident reporting, assessment, containment, and resolution.

Disaster Recovery and Business Continuity Plan: Outlines procedures for restoring IT systems and operations in the event of a disaster or disruption. It includes strategies for data backup and recovery, alternative work arrangements, and resumption of critical business functions.

Documents’ Retention/Storage and Deletion Policy: Establishes guidelines for the retention, storage, and deletion of company documents and records. It outlines procedures for managing document lifecycle, storage locations, and disposal methods to ensure compliance with legal and regulatory requirements.

Acceptable Use Policy (AUP): This policy outlines the acceptable use of company IT resources, including computers, networks, and internet access. It defines acceptable and prohibited activities, as well as the consequences of policy violations.

Vendor Management Policy: Establishes guidelines for evaluating, selecting, and managing third-party vendors and service providers. It outlines criteria for vendor assessment, contractual requirements, and ongoing monitoring to ensure compliance with security and privacy standards.

Software Licensing and Compliance Policy: Establishes guidelines for acquiring, managing, and using software licenses to ensure compliance with copyright laws and licensing agreements. It outlines procedures for software procurement, deployment, and license tracking.

Remote Work Policy: Defines the guidelines and requirements for employees working remotely, including remote access to company resources, security measures for remote devices, and expectations for productivity and communication.

Training and Awareness Programs: Provide employees with training on IT security best practices, data protection policies, and compliance requirements. They raise awareness about cybersecurity risks and empower employees to recognize and respond to potential threats effectively.

Employee Code of Conduct: Outlines the ethical standards and expected behaviour of employees, including their responsibilities regarding data protection, confidentiality, and professional conduct. It emphasizes compliance with company policies and legal obligations.


Anti-Corruption Policy: Our Anti-Corruption Policy is designed to uphold the highest standards of integrity and ethical behaviour in all business activities conducted by Balanita. We are committed to preventing bribery, corruption, and unethical practices in our operations and interactions with external parties.