Information security policy
ZERINTIA considers that it is essential to guarantee the security of information in all its aspects (integrity, confidentiality, availability, etc.) as well as the security of the processes, infrastructures, people and other resources that participate in the provision of the company's services. With the aim of being a benchmark company model in its sector, it must adequately manage corporate security: protecting said elements from possible threats, minimizing their risks and guaranteeing the continuity of their business processes.
In the current context, the protection of corporate information and the elements that treat it are especially relevant. These assets are critical to the organization, so they must be kept reasonably safe from any threat that may pose a risk to them. The security of the information must be guaranteed attending at all times to the corresponding legal, organizational and technical principles.
Therefore, protecting information and maintaining its security becomes a global objective that must be marked as its own by each and every member of the company. In this way, each and every one of us must know and comply with the information security policy, the procedures, regulations, standards and recommendations that implement it.
To this end, the following basic principles of the ZERINTIA Security Policy are established:
- Comply with the legal and contractual requirements applicable to the development of their functions in the organization. In particular, and for the purposes of this policy, in matters related to the protection of personal data and corporate information and the continuity of business processes.
- Restrict the use of both the information itself and the systems that process it and that are owned by ZERINTIA, to those tasks necessary for the proper performance of each employee's work.
- Maintain secrecy regarding the company's information and not disclose it to third parties. As an exception, it will be possible to communicate it in those cases that are essential for business reasons, and always under the relevant security measures.
- Create and maintain an Information Security Management System, which includes the policies, regulations, procedures and guidelines necessary to transfer the security requirements to the different areas of the organization in order to protect the information and ZERINTIA
The Management of ZERINTIA undertakes to adopt the necessary measures to implement, maintain and continuously improve the Information Security Management System, as well as comply with the requirements applicable to information security. To this end, this Security Policy is made public, communicating it internally to the entire organization and making it available to interested parties.
Failure to comply with this security policy, guidelines or applicable legislation in each case, will lead to the adoption of the corresponding legal or disciplinary measures, defined by ZERINTIA.
For further information, please do not hesitate to contact us at firstname.lastname@example.org.