+34 925 394 003  –  olibrok@olibrok.com

Home|Philosophy|About us|Services|Contact

INFORMATION SECURITY POLICY

INFORMATION SECURITY POLICY
ACEITES DE OLIVA BROKERS S.L.

  1. Introduction

ACEITES DE OLIVA BROKERS S.L. is committed to protecting the information and personal data of its customers, employees, suppliers, and collaborators, **in full compliance with current data protection and information security regulations.** This policy establishes the necessary measures to prevent unauthorized access, ensure legal compliance, and protect the privacy of those who interact with the company.

  1. Objective

The objective of this policy is to define the principles and measures that govern information security at ACEITES DE OLIVA BROKERS S.L.. It seeks to guarantee the confidentiality, integrity, and availability of stored and processed information, offering confidence and transparency to customers.

  1. Scope

This policy applies to all information systems, physical documents, personal data, and any other type of information related to the management of the company’s activities. It includes:

    1. Personal, identification, and banking data of customers.
    2. Administrative and financial information (invoices, payments, taxes).
    3. Data from suppliers and external collaborators.

 

  1. Security Principles
    • Confidentiality: Information will only be accessible **to authorized personnel.**
    • Integrity: Controls will be implemented to prevent unauthorized alterations to data.
    • Availability: Access to information will be guaranteed in a secure and reliable manner when necessary.
    • Legality: Strict compliance with the General Data Protection Regulation (GDPR) and the Spanish Organic Law on Data Protection and Digital Rights (LOPDGDD).
  2. Protection Measures
    • Digital: Secure passwords, updated antivirus, encrypted backups, and restricted access.
    • Physical: Secure storage, **secure document destruction**, and limited access to sensitive areas.
    • Organizational: Confidentiality agreements with suppliers, and established protocols for security incidents.
  3. Incident Management

In the event of any threat, the impact will be assessed, corrective measures will be taken and, if necessary, authorities and affected parties will be notified.

  1. Review and Update

The policy will be reviewed periodically to improve its effectiveness and adapt to regulatory and technological changes. **(Last reviewed: July 4, 2025)**