Innovation Sprint SRL uses servers on cloud to store, process and share information, in the context of its business operations. The protection of information and information processing facilities is of strategic significance for the Company’s short- and long-term objectives. The high Information Security performance of the provided services is aspired to stand as one of Innovation Sprint’s competitive advantages.

The Management, acknowledging the criticality of information and information systems for the execution of the Company’s business processes, supports and promotes actions that safeguard the systems’ normal operation. For this purpose, the Company has established an Information Security Policy aiming to:

  • Ensure the confidentiality, availability and integrity of the information it processes;
  • Protect the data subjects’ rights within the scope of its business operations;
  • Comply with the applicable legislative and regulatory requirements;
  • Promptly address incidents that may violate the Information Security;

 

At the same time, it adheres to procedures in the context of which the following are defined:

  • Organizational structures that are required for monitoring issues related to Information Security;
  • Technical measures for controlling and restricting access to information and information systems;
  • A classification method for information based on its importance, criticality and value;
  • The necessary protection actions during the phases of information processing, storage and transfer;
  • Handling actions to be implemented in case of Information Security incidents;
  • Methods for ensuring the Company’s business continuity in cases of information systems’ failures or physical disasters.

 

The Company conducts Information Security risk assessments on a regular basis and implements the required risk treatment measures. The effectiveness of Information Security procedures is evaluated at planned intervals or if significant changes occur, by defining performance indicators, describing their measurement methods and periodically reporting to the Company’s Management for review, with the aim to further improve the Management System and ensure their continuing suitability, adequacy and effectiveness.

The Information Security Officer is responsible for controlling and monitoring the Information Security policies and procedures as well as for undertaking the necessary initiatives to eliminate any factor that may jeopardize the availability, integrity and confidentiality of the Company’s information.

The Company’s employees and partners with access to information and information processing systems are responsible for conforming to the rules of the applicable Corporate Information Security Policy.

The Company’s Management and employees are committed to the continuous improvement of the Integrated Management System.

Last update of this policy: September 2024.