Information Security Policy
Business Adapter, a company that offers consulting services and data protection audit RGPD, LOPD-GDD and web regulations LSSICE, Data Protection Officer services, DPO/DPD, training services, backup and confidential destruction of information. Our main objective is the satisfaction of our clients, based on the values of efficiency, seriousness, professionalism and the execution of quality work with security guarantees, both of the information and documentation with which we work, as well as the data.
This means that both Business Adapter ‘s Management and its personnel must apply the established security measures and establish control and follow-up mechanisms. For this purpose, a set of measures, controls, procedures and actions have been implemented to protect all assets, including information and the processes that support it, as well as systems and networks. It is important that the principles of the Security Policy are part of the organizational culture. To this end, a clear commitment of those responsible for each area must be ensured for the dissemination, consolidation and compliance with this Policy.
In order to guarantee information security, the Management has developed and implemented an information security management system, the main pillars and objectives of which are as follows:
- To know our customers’ needs and satisfy them.
- Comply with all legal provisions in force and applicable regulations, applying legal compliance to the activities that the company develops and the requirements required by our customers, even beyond the legal minimums that are economically and technologically feasible.
- Establish a system of continuous improvement to optimize and increase the quality of our service.
- The Information Security Management System is not a matter of one person, but is the result of the joint work of all the members of the company, who are provided with constant and adequate training.
- To protect the Company’s information resources and the technology used to process them against internal or external, deliberate or accidental threats.
- Establish methods of notification, management and registration of incidents related to the Information Security Management Systems (ISMS), and carry out a continuous review of these controls to ensure compliance with security requirements, and thus contribute to continuous improvement.
- Define a strict policy for copying and storing information relevant to the company.
- Ensure proper management of access to our systems through the implementation of an identification and authentication system. This not only restricts access to third parties but also facilitates the work of our employees in a completely secure environment.
- Define performance standards that ensure an adequate balance between the needs of users, safety requirements and respect for the laws in force.
All Business Adapter personnel shall comply with the guidelines, rules and procedures, and as a consequence shall assume the duty to cooperate with this organization in the interest of ensuring that there are no alterations or violations of
these rules.
All persons who provide their services in Business Adapter must know and assume the obligations regarding the correct use of computer resources. Failure to comply with these obligations by personnel may give rise to disciplinary liability, and the exercise of legal procedures by the company for its enforcement.
Consequently, the Management extends this commitment to all employees, as well as to those who act on behalf of Business Adapter to comply with the guidelines of this policy, which will be periodically reviewed to ensure that they are always appropriate to the activities of the organization.
ensure that they are always appropriate to the organization’s activities.
Management extends this commitment to all interested parties to comply with the guidelines of this policy, which will be reviewed periodically to ensure that they are always appropriate to the activities of the organization.
The Address,
December 5, 2019