Elliot Cloud is aware of the importance of information security and personal data protection as key factors in achieving organisational excellence, market competitiveness, business sustainability and regulatory compliance.
Accordingly, the group has established processes within the organisation for planning and implementing controls, as well as for monitoring and improvement, in order to ensure the confidentiality, integrity, authenticity, traceability and availability of information and services.
Elliot Cloud's management team is responsible for implementing, updating, improving, accrediting and maintaining an Information Security Management System, in accordance with best practices and international standards, specifically in accordance with the standard UNE-EN ISO/IEC 27001:2017. Information technology. Security techniques. Information Security Management Systems. Requirements. It has established the following objectives:
Elliot Cloud and all its members undertake to carry out their activities in accordance with current national and international data protection legislation, paying particular attention to the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of the European Union.
Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the GDPR); and to Organic Law 3/2018 of 5 December 2018 on the Protection of Personal Data and the Protection of Individuals with regard to the Processing of Personal Data (hereinafter referred to as the GDPR); and to Organic Law 3/2018 of 5 December 2018 on the Protection of Personal Data (hereinafter referred to as the GDPR).
guarantee of digital rights (hereinafter, LOPD).
Elliot Cloud has a Data Protection Officer (DPO) responsible for overseeing data protection compliance.
The actions of the group and all its employees in the processing of personal data are in line with the basic principles set out in Article 5 of the GDPR:
a) Principle of legality, transparency and fairness.
b) Purpose limitation principle. It implies that the data must be processed for specified, explicit and legitimate purposes, and prohibits the data collected from being further processed in a way incompatible with those purposes.
(c) Data minimisation principle. Technical and organisational measures must be implemented to ensure that only data that are strictly necessary ('adequate, relevant and limited') for each purpose are processed.
d) Principle of accuracy. Data must be kept up to date and must be deleted or rectified if inaccurate.
e) Principle of limitation of the storage period. Once the purposes of the processing have been achieved, the data should be erased, blocked or anonymised.
f) Principle of integrity and confidentiality. The processing must ensure the integrity, availability and confidentiality of personal data.
The controller will be responsible for ensuring the performance in accordance with the above principles and demonstrate compliance, in accordance with the principle of proactive responsibility. Elliot Cloud's General Management, consequently, with the above, is committed to the allocation of human and material resources, reasonable and proportional, to achieve the above objectives. The responsibility for the proper functioning of the Information Security Management System lies, therefore, in the General Management, delegating to the Head of Information Security the authority and powers necessary for its effective implementation, accreditation, maintenance and improvement, relying, for this, with the support of the management team and staff and collaborators of Elliot Cloud.
CERTIFICATE OF COMPLIANCE WITH THE NATIONAL SECURITY SCHEME
LGAI Technological Center S.A.(Applus+) certifies that the above mentioned information systems, all of them of category MEDIA, and the related services of ELLIOT CLOUD.
Do you want to know
SPAIN | MEXICO | BRAZIL | UK
SPAIN | MEXICO | BRAZIL | UK