Information Security Policy

Last updated: Oct 6, 2025

1. Purpose

The purpose of this policy is to describe how Fusebox OÜ protects the information entrusted to us. It sets out our commitment to keeping data secure and managing information security risks in a systematic way.

Fusebox operates an Information Security Management System (ISMS) in accordance with the ISO/IEC 27001:2022 standard. Our ISMS supports our business objectives, legal obligations, and the trust of our customers, partners, and employees.

2. Scope

This policy applies to all information processed or stored by Fusebox, including:

data related to our Virtual Power Plant (VPP) and Energy Management System (EMS) platforms;
personal data of clients, partners, and employees; and
internal business information and systems used to manage and deliver our services.

It covers Fusebox employees, contractors, and third-party partners, regardless of their location or working arrangement.