The Management team, conscious of the importance of guaranteeing the security of the information systems with personal data, has decided to carry out the guidelines for the implementation in the Organization of an effective and adequate Personal Data Protection System, in order to guarantee the levels of security required by current legislation on the Protection of Personal Data.
The concept of Information Security is promoted, establishing objectives and responsibilities, to guarantee the security, integrity and quality of the procedures, treatments, manipulation, communications, consultations, interconnections or transfers of personal data.
The aim of this Management team is to raise awareness among all the members of the company about the need to guarantee Information Security and to turn this need into a collective task, in which all company personnel must be involved.
The general guidelines that are established are the following:
The effectiveness and application of the Safety Standard is responsibility of the Management team. In his name and representation a Safety Manager has been appointed who will supervise the implementation, development, follow-up and maintenance of the same, evaluating its adequacy and correct application. The Security Manager has sufficient authority to intervene in the company and to play an active role in the implementation of the Security Standard, identifying problems, verifying their effectiveness and coordinating the activities that may be affected.
Any person of the Organization whose activity may directly or indirectly be affected by the requirements described in this Security Policy is obliged to comply with it
The Management team undertakes to develop the guidelines of the Security Standard set forth in the Security Document, as well as the periodic review of the contents of the Security Policy.
To ensure that all personnel know, understand and apply this Security Policy, it is disseminated in conjunction with the Security Document.
José Ramón Jiménez Iglesias