Security Policy
All the information regarding our Security Policy
EVERYDAY SOFTWARE SL, hereinafter FACTORIAL, as a company dedicated to the development, implementation, maintenance and commercialization of IT solutions, aware that the security of information relating to our customers is a critical resource, has established an Information Security Management System according to the requirements of ISO/IEC 27001 to ensure the continuity of information systems, minimize damage risks and ensure compliance with the objectives set.
The objective of the Security Policy is to establish the framework for action necessary to protect information resources from threats, internal or external, deliberate or accidental, in order to ensure compliance with the confidentiality, integrity and availability of information.
The effectiveness and implementation of the Information Security Management System is a direct responsibility of the Information Security Committee, which is responsible for the adoption, dissemination and compliance with this Security Policy. On his behalf and representation, a Responsible for the Information Security Management System has been appointed, who has sufficient authority to play an active role in the Information Security Management System, overseeing its implementation, development and maintenance.
The Information Security Committee will develop and approve the risk analysis methodology used in the Information Security Management System.
Any person whose activity may, directly or indirectly, be affected by the requirements of the Information Security Management System, is obliged to comply strictly with the Security Policy.
FACTORIAL will implement all necessary measures to comply with the applicable regulations on security in general and computer security, relating to computer policy, the security of buildings and facilities and the behaviour of employees and third parties associated with FACTORIALÂ in the use of computer systems. The measures necessary to ensure the security of information through the application of rules, procedures and controls shall ensure the confidentiality, integrity, availability of information, essential for:
- Comply with current legislation on information systems.
- Ensure the confidentiality of data managed by FACTORIAL
- Ensure the availability of information systems, both in the services offered to customers and in internal management.
- Ensure emergency responsiveness, restoring the operation of critical services in the shortest possible time.
- Avoid undue alterations in information.
- Promote awareness and training in information security.
- Establish objectives and targets focused on the evaluation of information security performance, as well as the continuous improvement in our activities, regulated in the Management System that develops this policy.
Signed: General Management
February 7th, 2023