INFORMATION SECURITY POLICY (US)
EFFECTIVE DATE: 15 NOVEMBER, 2023

The Management of Touchless ID, S.L. (“Touchless ID”), within the framework of its powers to establish the organization's policies and strategies, has approved this Information Security Policy (hereinafter, the “Policy”).

The objective of this Policy, aimed at all interest groups, is to define and establish the principles, criteria and improvement objectives that govern actions regarding information security.

1. PURPOSE

Touchless ID assumes the security of the information associated with its services as one of the key factors in carrying out its activities in order to guarantee confidentiality, integrity and availability, protecting personal data, the privacy of information and information systems. against improper access and unauthorized modifications.

The implementation and development of an Information Security Management System based on the identification, protection, detection, response and recovery of information systems is part of the Touchless ID strategic policy, with the company's Management providing the resources necessary for its achievement.

Touchless ID, aware of the need to integrate all the tools and means necessary to provide its services with efficiency, quality and in a secure information management environment, will influence all those measures and actions that manage to reduce, minimize, transfer or avoid Risks and allow you to take advantage of the Opportunities of the Management System.

To this end, Touchless ID Management is committed to continually improving the Information Security Management System implemented, in the periodic reviews it maintains annually and by establishing objectives and improvement actions.

2. GENERAL PRINCIPLES

Through this Policy, Touchless ID assumes and promotes the following general principles that must guide all its activities:

  • Direct our efforts to the prevention of errors, as well as their correction, control and management.
  • Encourage everyone's participation to achieve the objectives established by Touchless ID, which will benefit our employees, customers and other interested parties.
  • Take continuous training and awareness as one of the main pillars on which information security is supported.
  • Ensure that the company complies with all the requirements of clients, the different administrations and public bodies, as well as all applicable legal and regulatory requirements, placing special emphasis on those established by legislation on information security.
  • Establish the procedures that are necessary for the control, monitoring and prevention of incidents.
  • Provide Touchless ID with tools and procedures that allow it to adapt quickly to changing environmental conditions.
  • Guarantee the confidentiality, integrity, availability, as well as due protection and privacy of data and information systems against improper access, cyber attacks and unauthorized modifications.
  • Guarantee business continuity, in terms of information security, protecting critical processes against significant failures or disasters.
  • Carry out an adequate evaluation, management and treatment of information security risk to achieve a high level of maturity and minimize risk, prioritizing the measures and controls to be implemented in accordance with the identified risks and business objectives.
  • Act appropriately and jointly to prevent, detect and respond to cyber incidents that could affect information security.
  • Improve the efficiency of the security controls implemented to adapt to the evolution of risks and new technological environments.
  • Review and evaluate the security of the information periodically, taking the necessary measures to correct any deviations that may be detected.



This Information Security Policy was approved on November 15, 2023 by the Touchless ID Management.

This website uses cookies to ensure you get the best experience on our website. Learn more

Got it!