Information Security Policy
Usizy's information security and privacy policy establishes:
- The commitment to provide and maintain the highest levels of service quality, generating the maximum possible information security guarantees.
- The purpose is to be an organisation oriented towards process management and risk analysis, to ensure the control and improvement of these, the integration of our staff in their development and the fulfilment of our commitment to quality and information security, in order to seek the maximum satisfaction of our clients.
- As well as being a benchmark for the sectors and activities.
Information Security and Privacy Management Systems necessary to provide the services:
- Software platform for eCommerce
- Set of e-commerce technology solutions through the products: Size Adviser for size recommendation, Smart Stock for stock predictions, Smart Pricing for price optimisation predictions, Smart Logistics for logistics predictions and Usizy Worky for applying Size Adviser in work environments and workwear.
According to the current statement of applicability.
All based on the development of people, the sense of belonging to the organisation and their personal fulfilment, the best adaptation and optimisation of resources, management by processes and risk analysis, as essential elements to achieve continuous improvement.
Aware of the need for internationally recognised standardised systems, the organisation has aligned its Information Security Management System with the ISO 27001 and ISO 27701 standards.
Therefore, the Management is committed to leading and maintaining an Information Security and Privacy Management System in the organisation based on continuous improvement and the following guidelines:
- A serious commitment to understanding the needs and expectations of our customers and other interested parties, in order to achieve their satisfaction, and to continuous improvement, establishing and verifying compliance with the objectives established on a regular basis.
- Commitment to compliance with applicable legislation and regulations, as well as with the requirements subscribed to.
- Ensuring the security and privacy of our own and our clients' information. Our activity involves the processing of a variety of information as a way of executing the basic processes inherent to its activity. Knowing that the information systems, applications, communications infrastructures, files and databases are an important asset of the company, the management prioritises the confidentiality, integrity and availability of the information when defining and delimiting the objectives and responsibilities for the various technical and organisational actions and monitors compliance with the legal framework, specific directives and policies and the defined procedures.
- Commitment to the ongoing review of competencies and continuous improvement, in order to ensure the quality of services and their ability to meet the growing challenges posed by our customers.
All our personnel accept the commitment to improve the services, the auxiliary processes of the company and to develop a responsible conduct in information security, within the different work positions.