BLINK as a company dedicated to development, maintenance, and support of the BLINK platform  openly expresses its intention to offer competitive services to all its customers; for this reason, it has implemented a information security system within the organization, whose main objective is to achieve the expected satisfaction of customers, through processes established and based on a process of continuous improvement, ensuring the continuity of information systems,  minimizing the risks of damage and ensuring compliance with the objectives set, to ensure at all times the confidentiality, integrity and availability of information.

 

To this end, it assumes its commitment to the safety of information according to the reference standard ISO /IEC 27001:2017, so senior management establishes the following principles:

 

1. Competence and leadership by senior management as a commitment to develop the Quality Management and Information Security system.

2. Determine internal and external stakeholders that are relevant to the quality management system and meet its requirements.

3. Understand the context of the organization and determine the opportunities and risks  of the organization as the basis for planning actions to address, assume or treat them.

4. To ensure the satisfaction of our customers, including stakeholders in the results of the company, in everything related to the realization of our activities and their impact on society.

5. Establish objectives and targets focused on quality performance assessment, as well as continuous improvement in our activities, regulated in the Management System that develops this policy.

6. Compliance with the requirements of the applicable and regulatory legislation to our activity, the commitments made with customers and interested parties and all those internal rules or guidelines of action to which the company is subject.

7. Ensure the confidentiality of the data managed by the company  and the  availability  of information systems, both in the services offered to customers and in the internal management, avoiding undue alterations in the information.

8. Ensure emergency responsiveness, restoring the operation of critical services in the shortest possible time.

9. Establish appropriate measures for the treatment of risks arising from the identification and evaluation of assets.

10. Motivate and train all personnel working in the organization, both for the correct performance of their work and to act according to the requirements imposed by the Reference Standard, providing an adequate environment for the operation of processes.

11. Maintenance of fluid communication both internally, between the different states of the company, as well as with customers.

12. Evaluate and ensure the technical competence of the staff for the performance of their functions, as well as ensure the proper motivation of the staff for their participation in the continuous improvement of our processes.

13. Ensure the correct condition of the facilities and the appropriate equipment, so that they are in correspondence with the activity, objectives, and goals of the company.

14. Ensure a continuous analysis of all relevant processes, establishing the relevant improvements in each case, depending on the results obtained and the objectives established.

 

These principles are assumed by the Senior Management, who provides the necessary means and provides its employees with sufficient resources for their compliance, specifying them and making them public through this Information Security Policy.