INFORMATION SECURITY AND PRIVACY PROTECTION POLICY
Information Security and Privacy Protection is a top priority for our Organization in order to:
- Ensure the full compliance of the Organization with the relevant legal and regulatory requirements.
- Protect the interests of the Organization, of the staff and of those who transact with the Organization and trust him for the use and circulation of their confidential data.
- Ensure the availability, integrity and confidentiality of information produced, received and circulated in the context of security projects.
- Maximize the reliability of the Organization’s information resources.
In order for all the above to be achieved, our Organization implements an Information Security Management System and Privacy Protection according to ISO / IEC 27001:2013 and ISO / IEC 27701:2019 standards which aims to the following:
- Protection of the stored file, computer resources and information circulating in the services of the Organization, from any threat, internal or external, intentional or accidental.
- Systematic assessment and evaluation of the risks related to the security of information and personal data, aiming at their proper and timely management.
- Safe data archiving, prevention of viruses and external intrusions, control of access to systems and security incident management.
- Continuous information updating of the staff on information security issues and privacy protection.
The Information Security Management Responsible controls and monitors the operation of the System, and informs all staff involved in it about possible System changes.
The staff is committed to comply with the policies and procedures of the System.
The Management is fully committed to the faithful implementation of the System, to the provision of the necessary resources required for its continuous improvement and to the observance of the principles in relation to Information Security and Privacy Protection.