INFORMATION SECURITY POLICY
WAYMORE SINGLE MEMBER LTD responding to the requirements of modern business reality and aiming at the protection of its information systems, always aiming at the uninterrupted and exemplary service of its Customers, decided to design and install an Information Security Management System in accordance with the requirements of International Standard ISO 27001:2013.
The Company’s Information Security Management System covers:
- mobile operators (data clearance services and settlement, financial clearance services and settlement, voice hub, smsc developer, smpp proxy server routing engine, revenue assurance, anti-spam filtering, filtering and fraud protection services).
- Enterprises customer (web based sms platform, http sms services, while label web 2 sms platform, sms tacking, reporting & billing platform, smpp connectivity services, hlr lookup services).
and was designed in accordance with the needs and aspirations of the Company and the Legal and Regulatory Requirements of the applicable Greek and Community Legislation.
The main objectives, as they are expressed in the procedures of the Company’s Information Security Management System, are:
- the creation of a basis for the continuous improvement of the efficiency of its processes, having in mind the continuous satisfaction of the needs and the expectations of its customers as much as possible.
- minimizing the number of incidents that may affect the continuity of business processes, as well as minimizing their impact.
- the handling of information, which is stored and transmitted in any way through its electronic and non-electronic systems and are elements of exceptional importance for its operation and market position, in a way that protects their security in terms of confidentiality, integrity and their availability,
- compliance with the laws and regulations to which the company is subject.
- the continuous improvement of the system.
The goal of the Management regarding the protection of personal data is its compliance with the following principles:
- Processing of personal data in a lawful and lawful manner.
- Retention of personal data for clearly defined purposes.
- Limiting personal data to what is absolutely necessary to achieve these goals.
- Protection of personal data through adequate security measures.
- Retention of personal data for a certain period of time (depending on the purposes).
The company’s system is reviewed at regular intervals by the Management, in order to adapt to new needs and market developments, legal requirements, but also to achieve the goal of information security of the company. Information Security Objectives are also reviewed on an annual basis and adjusted as required.
The Management is committed to the disposal of the infrastructure and equipment that is deemed necessary for the implementation and availability of its work. Each employee is responsible for responding, assimilating and implementing the procedures required by the Information Security Management System through its daily activities. For this reason, all employees, depending on their responsibilities, are informed about the System and act in a proven manner in accordance with the established rules of security and confidentiality.
The Information Security Policy is communicated, understood and applicable by all human resources, with the ultimate goal of continuous, steady growth of its business, with unwavering commitment to its principles and the constant offer to customers of products and services of excellent quality. It is reviewed at regular intervals with the aim of its continuous harmonization with market conditions, technological developments and current legislation.