INFORMATION SECURITY POLICY OF CREDITREFORM BULGARIA EOOD

In connection with the aims of Creditreform Bulgaria EOOD for a constant improvement of the procedures and the measures concerning information protection, the Company approves the present Information Security Policy. Its implementation aims to ensure control over the information risks and effective management of the storage of information of the Company and information provided by outside sources. The Policy is presented and elucidated to all employees who have access to the information and the information systems of Creditreform Bulgaria EOOD in order to be aware of the potential risks and problems of the information security. The Policy establishes the Company’s approach to managing the information security. The Policy of the Company is to provide security of the company’s and customer’s personal data and data systems when performing services of: credit reports, collection of overdue receivables (of the company and of customers), acquisition of receivables and provision of public information about legal entities.

Creditreform Bulgaria EOOD establishes the management of information security on the basis of prevention and protection against potential adverse impacts and events, through systematic analysis of the environment, types of information, legal provisions and requirements of the stakeholders, the risks concerning the security and also applies a set of technical and organizational risk management measures.

The present Policy indicates the framework for a system of measures concerning:

The treatment of specific information related to: the Company, to clients and to natural persons – data subjects - as confidential; applying approved access regulations and disclosure restrictions of such information;

Ensuring the integrity of information by protection against unauthorized changes, loss or destruction of information;

Providing accessibility of information by ensuring reliable and timely access;

Achieve information accountability by implementing access control on information systems and data bases.

 

The objectives of the present Policy are:

Ensuring business continuity;

Minimizing the risks related to the information security of possible losses or damages to Creditreform Bulgaria EOOD, clients, partners and stakeholders;

Minimizing the risks of possible losses or damages caused by breaches in the information security;

Informing employees about their responsibilities and obligations concerning the information security;

Ensuring compliance with regulatory and contractual requirements;

Protection and privacy of personal data;

Compliance with commercial confidentiality, copyrights and other intellectual property rights;

Periodic evaluation, updating and developing appropriate practices, measures and procedures in connection with information security.

The Policy is disseminated to third parties and stakeholders.

The Information Security Policy is regularly reviewed on the basis of an established process within the Management Review.

The Information Security Policy is revised and adopted in compliance with the current legal regulations and requirements.

The employees of Creditreform Bulgaria EOOD undertake to comply with all rules regarding the information security, described in procedures, instructions and other acts and documents – part of The Management System.

Creditreform Bulgaria EOOD validates the current Policy and actively participates in the processes of development, maintenance and improvement of the Management System.

 

This Policy is valid as at: 26.03.2018

Contact us

online-kontakt

Contact
*All fields not marked with an asterisk (*) are optional, but you can provide us this information as well.

Contact