Policy Statements

Introduction

Malagris is committed to achieving excellence in quality, environmental sustainability,
and health and safety. We recognize our responsibility to our employees, clients, the
community, and the environment. Our goal is to ensure all construction activities are
carried out in a manner that meets or exceeds applicable legal and regulatory
requirements in Sweden, industry standards, and stakeholder expectations.

Quality Policy

We are dedicated to delivering high-quality construction projects that meet client
specifications and standards. Our quality objectives include:
• Ensuring all projects are completed on time, within budget, and to the highest
standards of quality.
• Continuously improving our processes, services, and performance through
regular reviews and feedback.
• Providing ongoing training and development for our employees to enhance their
skills and knowledge.
• Implementing a robust quality management system (QMS) in accordance with
ISO 9001 standards.

Environmental Policy

Malagris is committed to minimizing the environmental impact of our construction
activities. Our environmental objectives include:
• Complying with all relevant environmental legislation and regulations in Sweden.
• Reducing waste generation and promoting recycling and reuse of materials.
• Conserving natural resources by using sustainable materials and energy-efficient
practices.
• Preventing pollution and minimizing emissions to air, water, and soil.
• Implementing an environmental management system (EMS) in accordance with
ISO 14001 standards.

Health and Safety Policy

The health and safety of our employees, subcontractors, clients, and the public are of
paramount importance. Our health and safety objectives include:
• Complying with Swedish health and safety regulations and industry best
practices.
• Identifying, assessing, and managing risks associated with our construction
activities.
• Providing a safe and healthy working environment through effective risk
management and hazard control.
• Ensuring all employees receive appropriate health and safety training and are
aware of their responsibilities.
• Promoting a culture of safety where all employees are encouraged to report
hazards and participate in safety initiatives.
• Implementing an occupational health and safety management system (OHSMS)
in accordance with ISO 45001 standards.

Responsibilities

• Management: Ensure the QEHS policy is communicated, understood, and
implemented at all levels of the organization. Provide necessary resources and
support for the effective implementation of the QEHS management systems.
• Employees: Adhere to the QEHS policy and procedures, participate in training,
and contribute to a safe, healthy, and environmentally responsible workplace.
• Subcontractors and Suppliers: Comply with our QEHS standards and
requirements, and ensure their activities align with our policy.
Monitoring and Review
Malagris will regularly monitor and review our QEHS performance to ensure continuous
improvement. This includes:
• Conducting internal audits and inspections.
• Reviewing incidents, near misses, and non-conformities to identify root causes
and implement corrective actions.
• Setting and reviewing QEHS objectives and targets.
• Engaging with stakeholders to obtain feedback and improve our QEHS practices.
Commitment
Malagris is committed to the ongoing improvement of our QEHS performance. We
believe that by integrating quality, environmental, and health and safety considerations
into all aspects of our operations, we can achieve sustainable success and create value
for our stakeholders.

Information Security Policy

At Malagris, we recognize the critical importance of protecting information assets,
including data, systems, and networks, to maintain the trust of our clients, employees,
and partners. This Information Security Policy outlines our commitment to safeguarding
these assets against unauthorized access, disclosure, alteration, and destruction. All
employees, contractors, and partners must adhere to this policy to ensure the security
and integrity of our information resources.
1. Scope
This policy applies to all employees, contractors, and partners of Malagris who have
access to company information and systems. It covers all information assets, including
physical and digital data, hardware, software, and network resources.
2. Information Security Objectives
• Confidentiality: Ensure that sensitive information is accessible only to those authorized
to access it.
• Integrity: Protect information from unauthorized modification to ensure its accuracy and
reliability.
• Availability: Ensure that information and critical services are available to authorized
users when needed.
3. Roles and Responsibilities
• Management: Provide leadership and resources for the implementation and
enforcement of this policy. Ensure compliance with applicable laws and regulations.
• Information Security Officer (ISO): Develop, implement, and maintain the information
security program. Conduct regular risk assessments and audits.
• Employees and Contractors: Comply with the information security policies and
procedures. Report any security incidents or vulnerabilities to the ISO.
4. Access Control
• Authorization: Grant access to information and systems based on the principle of least
privilege, ensuring users only have access necessary for their job functions.
• Authentication: Use strong authentication methods, including passwords, biometrics,
and multi-factor authentication, to verify user identities.
• User Management: Regularly review and update user access rights. Immediately revoke
access for terminated employees or contractors.
5. Data Protection
• Data Classification: Classify data according to its sensitivity and apply appropriate
security controls.
• Encryption: Use encryption to protect sensitive data both in transit and at rest.
• Data Handling: Establish procedures for the secure handling, storage, transmission, and
disposal of sensitive information.
6. Network Security
• Firewalls and Intrusion Detection: Implement firewalls and intrusion
detection/prevention systems to protect against unauthorized access and cyber threats.
• Network Segmentation: Segment networks to limit the impact of potential security
breaches and restrict access to sensitive systems.
• Remote Access: Secure remote access through virtual private networks (VPNs) and
enforce strict access controls for remote users.
7. Physical Security
• Secure Facilities: Ensure physical security of facilities housing critical information
assets. Use access controls, surveillance, and security personnel to protect against
unauthorized access.
• Equipment Security: Secure computers, servers, and other hardware to prevent theft,
tampering, and unauthorized access.
8. Incident Response
• Incident Reporting: Establish a clear process for reporting security incidents. Encourage
prompt reporting and ensure protection against retaliation.
• Incident Management: Develop and maintain an incident response plan. Conduct regular
drills and reviews to ensure readiness.
• Investigation and Recovery: Investigate security incidents promptly and take corrective
actions to prevent recurrence. Recover affected systems and data to restore normal
operations.
9. Training and Awareness
• Employee Training: Provide regular training on information security policies, procedures,
and best practices. Ensure employees understand their responsibilities and the
importance of information security.
• Awareness Programs: Conduct ongoing awareness programs to keep information
security top of mind for all employees and contractors.
10. Compliance and Monitoring
• Regulatory Compliance: Comply with all applicable information security laws and
regulations in Sweden, including the General Data Protection Regulation (GDPR) and
other relevant standards.
• Audits and Assessments: Conduct regular security audits and risk assessments to
identify vulnerabilities and ensure compliance with this policy.
• Continuous Improvement: Regularly review and update the information security policy
and procedures to address evolving threats and changing business needs.

Acknowledgment

All employees, contractors, and partners are required to read, understand, and comply
with this Information Security Policy. By doing so, we uphold the values and principles
that protect our information assets and ensure our long-term success and reputation.

Social Policy

At Malagris, we are committed to conducting our business in a socially responsible
manner. This Social Policy outlines our dedication to ethical practices, respect for
human rights, community engagement, and environmental stewardship. All employees,
contractors, and partners must adhere to this policy to foster a positive impact on
society and the environment while performing construction work in Sweden.
1. Human Rights and Labor Practices
• Respect for Human Rights: Uphold and respect the human rights of all individuals as
outlined in the Universal Declaration of Human Rights. Ensure that all operations are free
from human rights abuses.
• Fair Labor Practices: Adhere to fair labor practices, including fair wages, reasonable
working hours, and the prohibition of forced labor, child labor, and discrimination.
• Non-Discrimination: Promote a diverse and inclusive workplace. Ensure equal
opportunity and prohibit discrimination based on race, gender, age, religion, disability,
sexual orientation, or any other protected characteristic.
2. Health and Safety
• Workplace Safety: Provide a safe and healthy working environment for all employees
and contractors. Comply with all relevant health and safety regulations and standards.
• Training and Resources: Offer ongoing health and safety training and provide necessary
resources to prevent workplace accidents and injuries.
• Incident Reporting: Encourage prompt reporting of health and safety incidents.
Investigate and address any issues to prevent recurrence.
3. Community Engagement and Development
• Local Communities: Respect the rights and interests of local communities affected by
our operations. Engage with community members to address their concerns and
incorporate their feedback into our project planning and execution.
• Community Support: Contribute to the social and economic development of the
communities in which we operate. Support local initiatives, such as education,
healthcare, and infrastructure development.
• Employment Opportunities: Promote local hiring and provide job opportunities to
community members wherever possible.
4. Environmental Stewardship
• Sustainable Practices: Commit to sustainable construction practices that minimize
environmental impact. Use resources efficiently and responsibly.
• Pollution Prevention: Take proactive measures to prevent pollution and manage waste
responsibly. Recycle and reuse materials whenever feasible.
• Regulatory Compliance: Comply with all environmental laws and regulations in Sweden.
Monitor and report environmental performance.
5. Ethical Business Conduct
• Integrity and Transparency: Conduct all business activities with integrity and
transparency. Ensure that all transactions are honest and fair.
• Anti-Corruption: Maintain a zero-tolerance policy towards bribery and corruption.
Comply with all anti-corruption laws and regulations.
• Conflict of Interest: Avoid situations where personal interests could conflict with the
interests of the company. Disclose any potential conflicts of interest.
6. Stakeholder Engagement
• Open Communication: Foster open and transparent communication with all
stakeholders, including employees, clients, suppliers, and community members.
• Feedback Mechanisms: Implement mechanisms for stakeholders to provide feedback
and raise concerns. Address feedback and concerns promptly and constructively.
7. Training and Awareness
• Employee Training: Provide regular training on social responsibility, ethical conduct, and
community engagement. Ensure employees understand their responsibilities and the
importance of social sustainability.
• Awareness Programs: Conduct ongoing awareness programs to promote a culture of
social responsibility within the company.
8. Monitoring and Reporting
• Performance Monitoring: Regularly monitor and evaluate our social performance
against established objectives and targets. Use this information to drive continuous
improvement.
• Reporting: Provide regular reports on our social responsibility initiatives and
performance to stakeholders. Ensure transparency in reporting practices.

Acknowledgment

All employees, contractors, and partners are required to read, understand, and comply
with this Social Policy. By doing so, we uphold the values and principles that contribute
to the well-being of society and the environment, ensuring our long-term success and
positive reputation.

Selection	Description
	Functionality (necessary) cookies These cookies are essential to the functioning of the website and they cannot be disabled. They do not store any personally identifiable information and are deleted once you leave the website.
	Performance Cookies These cookies are used to measure the use of the website and traffic sources in order to gain information required to improve the functioning of the website. These cookies help us to determine which pages are the most popular and to learn about the users’ browsing habits. To this end we use the Google Analytics statistical engine. We do not disclose any information we have collected. All information gathered is completely anonymous and cannot identify you personally.
	Marketing cookies These third-party cookies are used to display ads personalized to your needs. We use cookies that help us to collect information on your web surfing behaviour and allow us to learn about your interests so that we could display only those ads that are relevant to you. Leave this box unchecked if you do not want us to show you any advertising.