Cybersecurity Risk Management and Strategy Disclosure |
12 Months Ended | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Dec. 31, 2025 | |||||||||||||||||||||||||||||||
| Cybersecurity Risk Management, Strategy, and Governance [Line Items] | |||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Processes for Assessing, Identifying, and Managing Threats [Text Block] | Risk Management and Strategy We maintain a comprehensive process for assessing, identifying and managing material risks from cybersecurity threats, including risks relating to disruption of business operations or financial reporting systems, intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy laws and other litigation and legal risks, and reputational risks, as part of our overall risk management processes. As of the date of this Annual Report, our cybersecurity risk management processes include the following:
Additionally, in connection with our cybersecurity risk management processes, we:
Our business strategy, results of operations and financial condition have not been materially affected, including as a result of previous cybersecurity incidents, but we cannot guarantee that they will not be materially affected in the future by any major incident. On October 18, 2024, we detected a cybersecurity breach in our systems. Our investigation determined that ransomware had encrypted some of our files and systems, and that certain information had been exfiltrated. In response, we promptly implemented additional security and contingency protocols, restored our systems using backups, adopted mitigation measures, and notified the relevant authorities. The information identified as compromised related to certain of our business customers, suppliers, and employees. Following a thorough investigation into the specifics of the breach we have taken measures to mitigate any potential impact and prevent future incidents. This incident has not had any material adverse effects on our operations, results or financial condition. However, we are currently strengthening our security response protocols, policies and procedures as well as our ability to detect and prevent suspected or future attacks and security breaches. To prevent future cybersecurity incidents, we are constantly updating our infrastructure with the latest security technologies, and we conduct vulnerability analysis and penetration testing periodically. Our information systems contain backup systems. In addition, we protect our systems with antivirus software, end-point protection software and last generation firewalls, including firewalls to filter traffic from the Internet. Although actions are taken regularly to improve and monitor our information technology systems, there can be no assurances that these preventive actions to mitigate cybersecurity risks and incidents will be successful in avoiding future cyber-attacks. Any further incidents could materially impact our operations, financial condition and liquidity and compromise information of our business, clients, suppliers and employees. Any such incidents may also lead to regulatory investigations, litigation, damage our reputation, and require us to incur additional expenses. |
||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Processes Integrated [Flag] | true | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Processes Integrated [Text Block] | We maintain a comprehensive process for assessing, identifying and managing material risks from cybersecurity threats, including risks relating to disruption of business operations or financial reporting systems, intellectual property theft, fraud, extortion, harm to employees or customers, violation of privacy laws and other litigation and legal risks, and reputational risks, as part of our overall risk management processes. |
||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Third Party Engaged [Flag] | true | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Third Party Oversight and Identification Processes [Flag] | true | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Materially Affected or Reasonably Likely to Materially Affect Registrant [Flag] | false | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Board of Directors Oversight [Text Block] | Governance Management Cybersecurity risk management processes are managed and monitored by our Information Security Officer, who reports directly to our IT manager (the “IT Manager”). In turn, the IT Manager reports these matters to the Chief Financial Officer. Our Information Security Officer has a degree in information technology and over 10 years of experience within the cybersecurity field and holds several certifications, including Cisco Certified Specialist – Security Core, Cisco Certified Network Associate, and Fortinet Network Security Expert Levels 1 and 2. Committee The Company’s cybersecurity committee is comprised of the Chief Executive Officer, Chief Financial Officer, IT Manager and Chief Technical Officer. The Committee meets every time there is a cybersecurity incident that impacts the Company and reviews the status of the implementations of cybersecurity projects. Board of Directors Management reports material cybersecurity incidents and the status of its remediation to the Audit Committee of the Board of Directors, which is primarily responsible for the oversight of risks, including cybersecurity threats.
|
||||||||||||||||||||||||||||||
| Cybersecurity Risk Board Committee or Subcommittee Responsible for Oversight [Text Block] | Audit Committee | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Process for Informing Board Committee or Subcommittee Responsible for Oversight [Text Block] | The Company’s cybersecurity committee is comprised of the Chief Executive Officer, Chief Financial Officer, IT Manager and Chief Technical Officer. The Committee meets every time there is a cybersecurity incident that impacts the Company and reviews the status of the implementations of cybersecurity projects. |
||||||||||||||||||||||||||||||
| Cybersecurity Risk Role of Management [Text Block] | Cybersecurity risk management processes are managed and monitored by our Information Security Officer, who reports directly to our IT manager (the “IT Manager”). In turn, the IT Manager reports these matters to the Chief Financial Officer. Our Information Security Officer has a degree in information technology and over 10 years of experience within the cybersecurity field and holds several certifications, including Cisco Certified Specialist – Security Core, Cisco Certified Network Associate, and Fortinet Network Security Expert Levels 1 and 2. |
||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Positions or Committees Responsible [Flag] | true | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Positions or Committees Responsible [Text Block] | Information Security Officer | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Expertise of Management Responsible [Text Block] | Our Information Security Officer has a degree in information technology and over 10 years of experience within the cybersecurity field and holds several certifications, including Cisco Certified Specialist – Security Core, Cisco Certified Network Associate, and Fortinet Network Security Expert Levels 1 and 2. | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Process for Informing Management or Committees Responsible [Text Block] | Cybersecurity risk management processes are managed and monitored by our Information Security Officer, who reports directly to our IT manager (the “IT Manager”). In turn, the IT Manager reports these matters to the Chief Financial Officer. | ||||||||||||||||||||||||||||||
| Cybersecurity Risk Management Positions or Committees Responsible Report to Board [Flag] | true |