Security Policy

Proximity, service quality, and results-oriented execution are our core values. Fully aware of the importance of information security, and in alignment with our identity and mission, Emogg Analytics has implemented an Information Security Management System (ISMS) in accordance with ISO 27001 requirements. The aim is to identify, assess, and minimise the risks affecting our own information and that of our clients, while ensuring compliance with the established objectives.

The main purpose of this Security Policy is to establish an operational framework that enables the development of a company-wide culture, a unified way of working and decision-making within Emogg Analytics, and to ensure that information security and personal data protection remain constant priorities:

• Preserving the confidentiality of our clients' information by preventing its disclosure and avoiding unauthorised access.
• Maintaining the integrity of our clients' information, ensuring its accuracy and preventing deterioration.
• Ensuring the availability of our clients' information across all media, whenever required.

Management places particular value on safeguarding the availability and confidentiality of its own information and, even more so, that of its clients. Accordingly, it is committed to developing, implementing, maintaining, and continuously improving its Information Security Management System (ISMS) with the objective of constantly enhancing how we deliver our services and handle our clients’ information. Therefore, it is the policy of Emogg Analytics that:

• Information Security objectives are established on an annual basis.
• All legal, contractual, and business requirements are fulfilled.
• Training and awareness activities on Information Security processes are provided to all personnel.
• A process for analysing, managing, and treating risks associated with information assets is implemented.
• Control objectives and corresponding controls are established to mitigate identified risks.
• Employees are made responsible for reporting security breaches and for complying with all policies and procedures that form part of the Information Security Management System.

The Security Officer is directly responsible for maintaining this policy, providing guidance and recommendations for its implementation, and correcting deviations from compliance.

This Information Security Policy shall remain aligned with the company's general policies and with those that form the framework for other internal management systems, such as quality or environmental policies.