Information Security and Privacy Statement
Edita Prima operates in a business environment where trustworthiness and reliability in processing clients´ information are highly business critical success factors. Due to that, information is the most valuable asset for the company’s business.
Information security and privacy are integral parts of the company’s sustainability management, risk management and business continuity management.
The company’s Management Team is committed to continually improve information security and privacy and thus supporting the entire organization in achieving its business objectives. The Chief Information Security Officer (CISO), the Data Protection Officer (DPO) and the Information Security Team support the Management Team in these tasks.
Information security and privacy leadership and management practices in the Edita Prima are thoroughly described in the company's Information Security Management System (ISMS) documentation. Company’s ISMS is based on the international standard ISO/IEC 27001. The Management Team utilizes the ISMS to:
manage the entity of information security and privacy
execute objective setting and planning processes
implement necessary security controls based on risk management results
monitor adequacy and efficiency of implemented security controls
ensure continual improvement of security controls
All information owned or managed by the company is handled according to classification and handling instructions of the information owner. Personal data, however, is processed according to valid EU and national privacy legislation. The company processes personal data in roles of a processor and a controller. Personal data processing is described and informed to relevant parties e.g. to data subjects.
Every Edita Prima employee must be aware of the company's information security and privacy policies and instructions, including special features and needs in her/his own responsibility area, and commit to comply with them.
For further information, please contact Edita Prima’s Information Security Team via e-mail: email@example.com.