Our clients use EASYPROMOS as a cloud-based tool to manage their giveaways and competitions online. This means that they trust us to protect the data of users who participate in their promotions. It is our responsibility, as a business, to respond to their trust with the greatest care and dedication to protecting that data.
With this in mind, the leadership of EASYPROMOS would like the concept of INFORMATION SECURITY to be an inherent part of decisions made by every person, employee, or collaborator connected with the company. For this reason, it has been decided to design and implement an Information Security Management System (ISMS), according to regulations ISO-27001:2013 and ISO-27018:2014.
This security policy aims to raise awareness among:
- Our clients. We continually work on data protection, systematically and continuously analysing threats to our systems in order to apply preventative measures. We will report, communicate, and learn from security incidents, to avoid them in future and improve our systems.
- Our staff and collaborators. We must be conscious of security in all our tasks. To achieve this, the organisation will support continuous training to improve confidentiality, integrity, and availability of all the information which we handle. Working and training in these areas will enable us proactively to identify risks and threats, and define, plan, and execute preventative measures.
- Our providers. We will be strict in demanding high standards of data protection from our providers, just as we do from ourselves.
Therefore, the leadership of the business is responsible for:
- Establishing objectives for Information Security management for all assets, especially in the areas of Availability, Integrity, and Confidentiality.
- Establishing systematic risk analysis to evaluate the impact and threats to each asset of the organisation.
- Applying necessary controls and their corresponding processes.
- Supervising the fulfilment of all the standards and commitments to which EASYPROMOS subscribes, whether legal, regulatory, from clients, or its own contractual security obligations.
- Providing the necessary resources to guarantee the continuing operation of the business.
EASYPROMOS guarantees all clients our full commitment to processing their data, and any data collected in their promotions, in accordance with the fundamental requirements of confidentiality, integrity, and availability.