ISO 9001 — Quality Management System

1. Quality Management System Commitment

TOV «Sinaptic AI» (“Sinaptic”) is committed to delivering AI-powered products and services of consistently high quality that meet and exceed the expectations of our clients. Our Quality Management System (QMS) is aligned with the principles and requirements of ISO 9001:2015 and provides the framework through which we plan, execute, monitor, and improve all aspects of product and service delivery.

Quality is not merely a function within Sinaptic — it is a foundational principle that permeates every aspect of our organization, from product design and engineering to customer support and strategic planning. Our leadership team is actively engaged in establishing quality objectives, allocating resources, and reviewing QMS performance.

This commitment extends to all Sinaptic products (Browser DLP, Sinaptic AI Intent Firewall®, Sinaptic® DROID+), consulting and integration services, and the internal processes that support their delivery.

2. Quality Policy

Sinaptic’s Quality Policy is founded on the following commitments:

• We will understand and meet the requirements of our clients, applicable regulations, and industry standards.
• We will deliver products and services that are reliable, performant, secure, and fit for their intended purpose.
• We will foster a culture where every team member understands their contribution to quality and is empowered to identify and resolve quality issues.
• We will measure quality performance through defined metrics and continuously improve our processes and outcomes.
• We will maintain transparency with our clients regarding product capabilities, limitations, and known issues.
• We will comply with all applicable statutory and regulatory requirements related to product quality and safety.

3. Scope

The scope of Sinaptic’s QMS encompasses:

• Product Development: Design, development, testing, and release of Browser DLP, Sinaptic AI Intent Firewall®, Sinaptic® DROID+, and associated APIs and integrations.
• Service Delivery: Deployment, configuration, onboarding, training, and ongoing technical support provided to enterprise clients.
• Customer Operations: Sales, account management, billing, and customer success activities.
• Internal Operations: Human resources, procurement, infrastructure management, and corporate governance processes that support product and service delivery.

4. Customer Focus

Customer satisfaction is the primary measure of our quality performance. Sinaptic demonstrates its customer focus through:

4.1 Understanding Customer Requirements

We invest significant effort in understanding the needs, expectations, and operating environments of our clients. This includes structured discovery processes during pre-sales, regular business reviews with active clients, and systematic collection and analysis of customer feedback. Requirements are documented, validated with stakeholders, and tracked throughout the delivery lifecycle.

4.2 Measuring Customer Satisfaction

We measure customer satisfaction through multiple channels:

• Quarterly Net Promoter Score (NPS) surveys distributed to all active enterprise clients.
• Post-deployment satisfaction assessments conducted within 30 days of go-live.
• Ongoing monitoring of support ticket resolution times, escalation rates, and first-contact resolution rates.
• Analysis of customer retention, expansion, and churn metrics.

4.3 Acting on Feedback

Customer feedback is systematically reviewed by product and leadership teams. High-priority feedback is incorporated into product roadmaps. All customer complaints are logged, investigated, resolved, and followed up within defined timeframes. Trends in customer feedback are analyzed quarterly and inform strategic quality improvement initiatives.

5. Process Approach

Sinaptic adopts a process-based approach to quality management, recognizing that consistent outcomes are achieved more effectively when activities and related resources are managed as interrelated processes within a coherent system.

5.1 Core Processes

Our QMS identifies and manages the following core processes:

1. Product Development Process: From requirements gathering through design, implementation, testing, and release. Each stage has defined entry and exit criteria, quality gates, and review points.
2. Deployment and Onboarding Process: Standardized procedures for deploying products into client environments, including environment assessment, configuration, integration testing, user training, and handover to support.
3. Customer Support Process: Tiered support model with defined severity levels, response times, escalation procedures, and resolution tracking.
4. Change Management Process: Controlled process for evaluating, approving, implementing, and reviewing changes to products, infrastructure, and processes.
5. Release Management Process: Structured approach to planning, scheduling, and controlling the movement of releases into production environments.

5.2 Process Measurement

Each core process has defined performance indicators that are measured, reported, and reviewed. These indicators include cycle times, defect rates, first-pass yields, customer satisfaction scores, and compliance rates. Process owners are accountable for the performance of their processes and for driving improvements.

6. Risk-Based Thinking

Risk-based thinking is embedded throughout our QMS. We systematically identify risks and opportunities associated with our products, processes, and external context:

• Product Risks: Technical risks, performance risks, compatibility risks, and security risks are assessed during design reviews and managed through our development and testing processes.
• Operational Risks: Risks to service delivery, including resource availability, supplier dependencies, and infrastructure reliability, are identified and managed through operational planning.
• Regulatory Risks: Changes in regulatory requirements (particularly the EU AI Act and GDPR) are monitored and assessed for their impact on product compliance and quality requirements.
• Opportunity Identification: We actively identify opportunities to improve quality, enhance customer value, and optimize processes.

7. Continuous Improvement

Continuous improvement is a fundamental principle of Sinaptic’s QMS. We pursue improvement through:

• Quality Objectives: Measurable quality objectives are established annually, aligned with strategic priorities, and cascaded through the organization. Progress toward objectives is reviewed quarterly.
• Internal Audits: A planned program of internal audits assesses QMS conformity and effectiveness. Audit findings drive corrective actions and process improvements.
• Management Reviews: Top management conducts formal QMS reviews at least twice annually, evaluating performance data, audit results, customer feedback, risk assessments, and improvement opportunities.
• Corrective Action Process: Nonconformities are investigated for root causes, and corrective actions are implemented, verified, and documented. Systemic issues are addressed through process changes rather than individual fixes.
• Lessons Learned: Knowledge gained from incidents, projects, and audits is captured and shared across the organization to prevent recurrence and promote best practices.
• Engineering Practices: We continuously invest in engineering excellence, including automated testing, continuous integration and delivery (CI/CD), code quality standards, and peer review practices.

8. Competence and Awareness

Sinaptic ensures that all personnel whose work affects product and service quality are competent on the basis of appropriate education, training, skills, and experience:

• Competence requirements are defined for all roles that impact quality.
• Training needs are assessed annually and training plans are developed accordingly.
• New employees undergo quality-focused onboarding, including introduction to the QMS, quality policy, and relevant procedures.
• All personnel are made aware of the quality policy, relevant quality objectives, their contribution to QMS effectiveness, and the implications of not conforming to QMS requirements.

9. Documented Information

Sinaptic maintains documented information required by ISO 9001 and determined by the organization as necessary for QMS effectiveness. This includes the quality policy, quality objectives, quality manual, process descriptions, procedures, work instructions, records, and evidence of competence. Document control procedures ensure that documents are reviewed, approved, current, and available to authorized personnel. Obsolete documents are appropriately identified and prevented from unintended use.