The management of Datacruit s.r.o., whose main business is providing and developing SW for recruitment management, is committed to further developing the organization, continually improving the level and quality of service to satisfy all the expected and anticipated needs of customers and meeting legal requirements.
This policy aims to inform customers and partners of the company and the public about the continued interest in protecting all information assets and assets used to process them against external and internal threats, misuse, disclosure or destruction.
The basic purpose of the information security system is to ensure the continuous integrity, availability and confidentiality of data and other assets. The Company's management is aware of the responsibility to continually increase the certainty of our own assets as well as the assets of our clients and other partners and products provided to existing and new customers of the company with the aim of maximally satisfying the needs of our customers. Therefore, it was decided to implement a documented information security management system according to the process-oriented system model ČSN ISO / IEC 27001: 2014.
As part of the ISMS improvement process, management will pay constant attention to the following areas:
- Ensure compliance of our ISMS with the business requirements of our customers and partners as well as with laws, decrees and all relevant regulations. Avoid breaching any legal, statutory, regulatory or contractual obligations and any safety requirements. In particular, observe the principles based on the GDPR General Data Protection Regulation.
- Manage the development of information security within the company and on interfaces with our customers and partners.
- Achieve, maintain and improve adequate protection of the assets of the Company and our customers and partners. Therefore, the situation is examined and evaluated in terms of risk (refer to analysis of security risks), where management decides to divide into acceptable and unacceptable and subsequently introduces measures for them.
- Permanently ensure that security and compatibility are integral parts of our information products.
This policy is incorporated in the company's working practices and rules on the liability of the employees.
The intention of the management of Datacruit is to promote the objectives and principles of the information security.
The validity of our certificate for compliance with EN ISO/IEC 27001: 2017 can be verified with the certification authority here.