Security Policy
In Barcelona, 27th March 2023
Proximity, quality of service and orientation to results are our hallmarks, so, aware of the importance of information security, and in line with the path that marks our own identity, from ACELLERA, the establishment of an Information Security Management System has been promoted according to ISO27001 requirements in order to identify, evaluate and minimize the risks to which your information and that of your customers is exposed as well as guarantee compliance with the established objectives.
The main objective of this Security Policy is to establish a model of action that allows us to develop a company culture, a way of working and making decisions in ACELLERA, as well as to ensure that information security and respect for personal data are a constant:
- Preserving the confidentiality of our customers' information, preventing its disclosure and access by unauthorized persons.
- Maintaining the integrity of our customers' information, ensuring its accuracy and avoiding its deterioration.
- Ensuring the availability of our customers' information, in all media and whenever necessary.
The Management, for its part, especially values and establishes as the main criterion for the estimation of its risks the assessment of the availability and confidentiality of its information and even more that of its clients. Thus, it is committed to developing, implementing, maintaining and continuously improving its Information Security Management System (ISMS) with the aim of continuous improvement in the way we provide our services and in the way we treat our customers' information. Therefore, it is ACELLERA's policy that:
- Objectives are established annually in relation to Information Security.
- Legal, contractual and business requirements are met.
- Training and awareness activities on Information Security processes are carried out for all personnel.
- Develop a process of analysis, management and treatment of risk on information assets.
- Control objectives and corresponding controls are established to mitigate the risks identified.
- The responsibility of employees is established in relation to the reporting of security breaches and to comply with the policies and procedures inherent to the Information Security Management System.
The person in charge of Security will be directly responsible for the maintenance of this policy, providing advice and guidance for its implementation and corrections in the event of deviations in compliance.
This information security policy will always be aligned with the general policies of the company and with those that serve as a framework for other internal management systems, such as quality and environmental policies.