Information Security Policy

Due to our activity as an agency specialized in Social Networks' users information analysis, in XEERPA we understand that information is a high valued asset for both our Clients and our organization, and therefore it requires adequate protection and management in order to provide a steady business line and minimize the potential risks related to the integrity, availability and confidentiality of the information.

For these reasons, XEERPA acquires the following commitments:

- The permanent will of XEERPA in terms of Information Security Management will be tangible through awareness and formation programs which will promote the participative management related to those ambits, allowing the personnel skills to be seized for the improvement of the production process.

- In order to guarantee the development of activities within the regulated applicable normative, the legislation and other Clients' requisites, including Information Security references, will be fully complied by XEERPA.

- Fulfill the requisites and continuously improve the efficiency of the Information Security Management System through the integration of systems to measure and track the Information Security objectives and the solutions and developments performed for our Clients.

- Guarantee the steadiness of the business developing continuity plans based on recognized methodologies.

- Perform and periodically review risk analysis based on recognized methodologies which will allow us to stablish the Information Security level and minimize the risks through the development of specific policies, technical solutions and contractual agreements with specialized organizations.

- The personnel of XEERPA will work with the intention of matching the stablished objectives and always within the legal requisites.

The Management of XEERPA, based on their analysis methodology and risks management policy, declares to be aware of and consequently accept the totality of risks which have been balanced in an acceptable and defined level in the appropriate process, after all the control systems related to their Information Security Management system have been integrated.