INFORMATION SECURITY POLICY
Information security is the basis for the success of our company!
As a customer service provider for a range of industries, in particular for banks and insurance companies, with several affiliated customer contact centers, we work with a large amount of sensitive information on a daily basis and are the interface between end customers and business partners. The secure exchange of information with all relevant groups and the associated processes are crucial to the success of hello.de.
In the course of advancing digitalization in our field of activity, many opportunities arise, but so do new threats. Our aim is to offer the highest possible level of information security while also being an innovation driver in the industry. Our business customers also reflect this aspiration in their requirements. An information security management system (ISMS) is therefore indispensable for the growth of hello.de. For these reasons, we have chosen a certified ISMS according to the international standard ISO 27001.
Overall responsibility
The overall responsibility for the ISMS is assumed by the management, which provides the necessary resources and promotes the necessary processes and structures. It is committed to raising and maintaining awareness of information security among employees.
Scope of the ISMS
The scope of the ISMS includes all processes and services at hello.de that are directly or indirectly related to the provision of customer service.
ISMS objectives
- The constant availability, confidentiality and integrity of information and data.
- We comply with legal, internal and contractual regulations at all times in the area of information and data processing.
- Acquiring new customers and maintaining existing ones with high information security requirements.
- Communication of the security policy to all relevant parties, both internal and external.
- Clear and comprehensible regulation of responsibilities with regard to the protection of all areas relevant to information security.
- Up-to-date documentation of all incidents and events related to information security.
- The ongoing maintenance and improvement of the ISMS.