Information Security Policy
The management of weCan Technology Zrt. is committed to providing its services by using the latest technologies, at a high level, safely and continuously. Protecting the IT resources that are of utmost importance for the operation of Xdroid and its customers as well as the data processed and stored by them is a fundamental interest and obligation of all employees and contracted partners. Our goal is to ensure the confidentiality, integrity and availability of data, information and information processing activities by developing control processes and incorporating them into the business processes as well as by regularly reviewing these controls.
The tasks related to the planning, implementation, operation and control of the infocommunication, IT and information systems processed by weCan technologies Zrt. must be performed in such a manner that the protection of the systems complies with the legal regulations and the cost of protection is proportionate to the potential damage value.
In order to achieve this:
- We designed, built and are continuously developing our Information Security Management system according to the requirements defined in the MSZ ISO/IEC 27001:2014 standard.
- We ensure that the likelihood of information security incidents and disruptions and the damage caused by them are minimised, and incidents are investigated in a documented form.
- We ensure that our users are aware of information security threats and possess the knowledge necessary to consciously comply with the organisation’s security policies.
- Information and information processing devices are protected from access, modification and theft by unauthorised persons.
- We ensure that data processing assets operate correctly and securely by adhering to and enforcing documented operating procedures, as well as planning and controlling the implementation of any changes.
- As a result of the Company’s operation, we pay special attention to the management and storage of personal data in order to comply with the EU’s General Data Protection Regulation No. 2016/679 and the relevant Hungarian legal requirements.
- Procurement of new IT systems and upgrades of existing systems are carried out with full regard to information security.
- We set information security objectives at regular intervals with the aim of maintaining and improving the quality of the IBIR system.
Budapest, 1 June 2022