ISO 27001 Certified
Our certification is a testament to our commitment to protecting your data. This globally-recognized standard outlines the best practices for information security management systems, we are proud to have achieved this certification, and guarantee the highest standards of security for your data.
By choosing us, you can be confident that your data is secure. We thank you for entrusting us with your data security.
In DataX Intelligence we highly worry about the security and confidentiality of company data, the privacy of its customers and the safety of its employees. We have developed a Information Security Management System (ISMS) that aims to protect against any unauthorized access, use, disclosure, or destruction of data and to maintain the integrity of its systems. We strive to maintain the highest standards of security and data protection, and to comply with applicable laws and regulations. We are committed to providing a secure environment for our customers, employees, and partners.
Information Security Policy
CONTENT
1. PURPOSE
2. SCOPE
3. CORPORATE ISMS POLICY
4. APPLICABILITY
5. RESPONSABILITY
6. ENFORCEMENT
7. OWNERSHIP AND REVISION
1. PURPOSE
The purpose of Information Security Management System (ISMS) in DATAX INTELLIGENCE S.L. is to ensure the continuity and protection of the business processes and information assets which are considered within the ISMS scope (stated in ISMS scope document). The information security needs and objectives are stated in this document to minimize the impact of security incidents on the operations of the company.
2. SCOPE
The primary audiences for Information Security Policy are Management, System and Information Owners, Business and Functional Managers, Chief Information Security Officer (CISO), and IT Security Practitioners of the organization.
3. CORPORATE ISMS POLICY
The Information Security Management System of DATAX INTELLIGENCE S.L. intends to ensure:
Integrity of all business processes, information assets, and supporting IT assets and processes, through protection from unauthorized modification, guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity. The unauthorized modification or destruction of information could have severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals;
Availability of all business processes, information assets, and supporting IT assets and processes to authorized users when needed, ensuring timely and reliable access to and use of information. The disruption of access to, or use of, information or an information system could have serious adverse effect on organizational operations, organizational assets, or individuals;
Confidentiality of all information assets (information is not disclosed to unauthorized persons through deliberate or careless action). Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information. The unauthorized disclosure of information could have limited adverse effect on organizational operations, organizational assets, or individuals.
All IT-enabled processes and stakeholders shall follow the rules and regulations, or circulars published in the organization;
All operational and system changes shall be monitored closely; these shall adhere to the change management process;
DATAX INTELLIGENCE S.L. complies with the laws, regulations and contractual obligations which are applicable to the organization in general and in particular to its ISMS;
All applicable information security requirements are satisfied;
Continual improvement of the information security management system.
4. APPLICABILITY
This policy applies to all Manager and staff of DATAX INTELLIGENCE S.L., contractors, and third-party employees under contract, who have any access to, or involvement with, the business processes, information assets, supporting IT assets and processes covered under the scope of ISMS.
5. RESPONSIBILITY
DATAX INTELLIGENCE S.L. shall ensure that all activities required to implement, maintain, and review this policy are performed. All personnel, regarded as included in the ISMS scope, must comply with this policy statement and its related security responsibilities defined in the information security policies and procedures that support the corporate information security policy. All personnel, even if not included in the ISMS scope, have a responsibility for reporting security incidents and identified weaknesses, and to contribute to the protection of business processes, information assets, and resources of DATAX INTELLIGENCE S.L.
6. ENFORCEMENT
DATAX INTELLIGENCE S.L. holds the right to monitor the compliance of its personnel to this policy. Manager and staff of DATAX INTELLIGENCE S.L., contractors, and third-party employees, who fail to comply with this policy, may be subjected to appropriate disciplinary actions.
7. OWNERSHIP AND REVISION
This policy statement is owned by IT Department. This policy shall be revised once every year by the CISO and every time that the Management Team of DATAX INTELLIGENCE S.L., decides to do so.
