General information security policy

 

KANTOR'S information security policy was established based on the philosophy and basic principles of management and principles of corporate behavior and describes the approach to information security and the company's requirements. Management staff and employees recognize the importance of information security and the exercise of effective information security governance, and build information security into the corporate culture so that the company is a trusted enterprise by all stakeholders. This policy was developed in accordance with the requirements of the ISO 27001:2022 & ISO 27701:2019 standards and is in line with the corresponding ISO 9001:2015 & ISO 14001:2015 policy.

 

The company's security policy confirms that:

 

• All information used by the company's operations are recognized as important assets, and activities involving security information are addressed and managed appropriately. These include customer and personnel information, confidential information related to projects/production/sales and marketing, services, technology, know-how, suppliers and partners and all kinds of IT systems that store and use such information.

 

•The established information security policy recognizes the responsibilities and authorities in the protection and control of information assets.

 

• The risks related to information security are evaluated and managed by demonstrating the continuous improvement of the information security management system and the confidence of the interested parties regarding the business continuity of the company.

 

•Continuous education and training of employees has been integrated into the corporate culture imparting a high level of knowledge and skill to staff.

 

•Systematic legal monitoring ensures compliance with laws, agreements and regulations regarding management information system security.

 

•The system is reviewed, maintained and improved on a continuous basis by management.

 

Privacy policy statement

 

KANTOR seeks to provide the services in accordance with the current legal and regulatory framework and its other contractual obligations, in a way that the information is protected from intentional or unintentional theft, destruction, or use in violation of the laws and regulations. This policy was developed in accordance with the requirements of the ISO 27001:2022 & ISO 27701:2019 standards and is in line with the corresponding IS0 9001:2015 & ISO 14001:2015 policy.

 

The purpose of information security is to ensure the business continuity of KANTOR and minimize the risks that threaten information, avoiding security incidents and reducing the effects that these incidents may have. The security policy is applied by all KANTOR staff and is involved in the performance of the services, including any additional terms of the relevant contracts.

 

The aim of this policy is to protect the information assets of KANTOR and its customers from all internal, external, intentional or unintentional service threats, as well as the equipment used, as well as the facilities it uses.

 

The individual objectives of KANTOR regarding information security are:


• The Information is protected from any unauthorized access
• To ensure the confidentiality of the Information
• The integrity of the Information is not maintained
• To maintain the availability of the Information
• To ensure compliance with legal and regulatory requirements
• Develop, maintain and test Business Continuity Plans
• To provide information security training for all staff
• All actual or suspected security incidents are reported to the information security manager and fully investigated

 

In order to achieve the above objectives, individual security policies and procedures have been developed and implemented, where the directions of the administration, the method of implementation of the policy or procedure and all the relevant responsibilities of the staff are described. All staff and external partners (when required) are obliged to apply the security policies that fall within the scope of their activities. The administration is committed to providing all the necessary resources and means for the implementation of this and the individual security policies.

 

Your Trust, Our Priority

 

At KANTOR, we prioritize the trust you place in us by choosing our services. Our ISO 27001 & ISO 27701 certification is a testament to our dedication to maintaining the highest standards of information security and privacy. For inquiries about our security practices or to request additional information, please contact us.