At Onestic, we understand information security as an essential value that is transversal to all our activities. Our goal is to protect the data, systems, and services we use, as well as the information entrusted to us by our clients, employees, and partners, at all times guaranteeing its confidentiality, integrity, and availability.
We have an Information Security Policy approved by Management, which defines the principles and commitments that guide our actions and apply to all staff, collaborators, and suppliers involved in our processes.
Through our Information Security Management System (ISMS), aligned with the international standard ISO/IEC 27001, Onestic commits to:
- Protect information against unauthorised access, loss, alteration, or improper disclosure.
- Comply with applicable legislation and regulations, including the General Data Protection Regulation (GDPR) and any applicable contractual, regulatory, and sector-specific requirements.
- Foster a security culture, promoting training, awareness, and individual responsibility among all members of the organisation.
- Respond effectively to security incidents, minimising their impact and applying lessons learned to strengthen the system.
- Continuously review and improve controls, processes, and security measures, adapting them to technological, regulatory, and business changes.
Furthermore, information security is fully integrated with Onestic's strategic and sustainable objectives, serving as a key enabler for:
- Ensuring the availability and confidentiality of services, as pillars of digital trust.
- Offering the highest level of security to our clients, ensuring the continuity and reputation of their operations.
- Driving sustainable value creation, combining innovation, efficiency, and information protection.
- Maintaining technological convertibility and agility, ensuring that security acts as a business enabler.
- Optimising OPEX and CAPEX resources, aligning security investments with real risks and corporate priorities.
- Strengthening the sales funnel, building client and partner trust through operational excellence and regulatory compliance.
- Respecting and protecting the environment, promoting sustainable practices in the use of technological resources, energy management, and the responsible disposal of equipment and storage media, in line with the principles of ISO 14001.
Onestic Management assumes responsibility for driving this policy, ensuring the resources necessary for its compliance, and promoting the continuous improvement of the ISMS, in harmony with the organisation's environmental and social commitments.
This policy is reviewed periodically and is available to all interested parties.
The full version may be requested by email at: legal@onestic.com