In response to a new technological environment where the convergence of computing and communications is facilitating a new productivity paradigm companies, BIGLE is highly committed to maintaining the promotion of research, technological development and innovation projects, in an environment of quality, where the development of good practices in Information Security is essential to achieve the objectives of confidentiality, integrity, availability and legality of all the information managed. As a consequence of the above, BIGLE defines the following application principles to be taken into account within the framework of the Information Security Management System (ISMS).
BIGLE Management understands its duty to ensure information security as an essential element for the proper performance of the organization's services, and essential element for the correct performance of the organization's services, and, therefore supports the following objectives and principles:
Implement the value of Information Security throughout the organization.
To contribute, each and every person at BIGLE, to the protection of Information Security.
Preserving the confidentiality, integrity, availability and resilience of information, in order to information, with the objective of ensuring that legal, regulatory and customer requirements relating to information security are met, regulatory requirements, and those of our clients, relating to the security of the information; and specifically with regard to personal data:
Data shall be processed lawfully, fairly and transparently in relation to the data subject (lawfulness, fairness and transparency).
They shall be collected for specified, explicit and legitimate purposes and shall not be further processed in a way incompatible with those purposes. (Purpose limitation).
Data shall be adequate, relevant and limited to what is necessary for the purposes for which they are processed (data minimisation).
The data must be accurate and, if necessary, updated; all reasonable steps shall be taken to ensure that they are removed or rectified without delay any personal data which are inaccurate with respect to the purposes for which they are processed (Accuracy).
Maintained in such a way as to allow identification of data subjects for no longer than is necessary for the purposes of the processing of the personal data personal data may be kept for longer periods provided they are processed exclusively for archival purposes in the public interest, scientific or historical research purposes or statistical purposes (limitation of the retention period).
Processed in such a way as to ensure adequate security of personal data, and personal data, including protection against unauthorized or unlawful processing unauthorized or unlawful processing and against loss, accidental destruction or damage, through the implementation of appropriate technical or organizational measures. (Integrity and confidentiality).
To protect BIGLE's information assets from threats, whether internal or external, deliberate or accidental, with the aim of or external, with the objective of guaranteeing the continuity of service to our customers and the security of information.
Establish an Information Security Plan which integrates the activities of prevention and minimisation of the risk of security incidents on the basis of the risk management criteria established by BIGLE.
Provide the necessary means to be able to carry out the relevant actions to manage the identified risks.
Assume responsibility for information security awareness and training as a means of ensuring compliance.
Extend our commitment to information security to our staff and suppliers.
Continuously improve security by establishing and regularly monitoring information security objectives.
This policy shall be maintained, updated and fit for purpose by the Organization, aligned with the risk management context of the Organization. For this purpose it shall be reviewed at planned intervals or whenever significant changes occur, in order to ensure that their suitability, adequacy and effectiveness are maintained.
Similarly, in order to manage the risks faced by BIGLE, a formally defined risk formally defined risk assessment procedure. All policies and procedures included in the policies and procedures included in the ISMS will be reviewed, approved and driven by the Executive Management of BIGLE.
Incidents related to this policy may be communicated by email to email@example.com.
Responsible: BIGLE IBERIA, S.L. (Bigle Legal)
Purpose: To subscribe to our newsletter.
Rights: Access, rectification, suppression, portability, limitation of treatment and opposition, by sending an email to: firstname.lastname@example.org