In Nexiona Connectocrats S.L., Hereafter NEXIONA, we dedicate in a passionate way to the creation of products that bring solutions to the IoT professional market, offering a software composer for Systems Integrators, and customized solutions for manufacturers. The proximity, quality service and the orientation toward results are our distinguishing signals,. Consequently, being conscious about the importance of the information and in accordance with the path that marks our own identity, it has been promoted from NEXIONA the establishment of an Information Security Managing System (ISMS) in accordance to the requirements of the ISO/IEC 27001:2013 standards in order to identify, evaluate and minimize the risks which your information is exposed, and also that one of your customers, and to guarantee the fulfillment of the established objectives as well. The main objective of this Security Policy is to establish an action model that allows us to develop a business culture, a way of working and making decisions in NEXIONA, as well as to achieve that the information security and the respect for the personal data be a constant by:
- Preserving the information confidentiality of our customers, preventing its disclosure and access to non authorized people.
- Keeping our customers information integrity, guaranteeing its accuracy and avoiding its spoilage.
- Ensuring our customers the information availability in all the supports and whenever it is required.
- Goals regarding to the Information Security are set annually.
- Legal and contractual requirements of the Business are fulfilled.
- Training and awareness activities with regard to the information security processes are done for all employees.
- An analysis process, managing and risk treatment over the information assets is developed.
- Control Objectives are established and also the corresponding controls to mitigate the identified risks.
- Establish the responsibility of all employees regarding to:
- Report security violations.
- Preserve the confidentiality, integrity and availability of the information assets in accordance with the current policy.
- Comply with the policies and procedures inherent to the Security of Information Managing System.