Information Security Policy
AMD TELECOM SA responding to the requirements of the modern business reality, aiming at the protection of its information systems, and always targeting the seamless and exemplary service of its Customers, decided to design and install an Information Security Management System in accordance with the requirements of the International Standard ISO 27001:2013 and ISO 27701:2019.
The Company Information Security Management – Privacy Protection System covers:
Procurement of Telecommunication Services:
- data clearance services and settlement, financial clearance services and settlement, voice hub, SMS hub, Web to SMS/Voice Server, roaming steering, roaming hub, SMSc developer, SMPP proxy server routing engine, revenue assurance, anti-spam filtering, filtering, and fraud protection services
- web based SMS platform, http SMS services, Web2SMS Whitelabel, sms tracking, reporting & billing platform, SMPP connectivity services, hlr lookup services, portals for banks, ticket issuance, parking
and it was designed in accordance with the Company’s needs and aspirations and the Legal and Regulatory Requirements of the current Greek and Community Legislation.
The main objectives, as they are expressed in the procedures of the Company’s Information Security Management – Privacy Protection System, are:
- Τhe creation of a basis for the continuous improvement of the efficiency of its processes, taking into consideration the continuous satisfaction of the needs and the expectations of its customers as much as possible.
- The minimization of the number of incidents that may affect the continuity of business processes, as well as the minimization of their impact as much as possible.
- The information management, which is stored and circulated in any way through its electronic and non-electronic systems and are elements of exceptional importance for its operation and position in the market, in a way that protects their security in terms of confidentiality, integrity and their availability.
- The compliance with the laws and regulations to which the company is subject.
- The continuous improvement of the system.
The goal of the Management regarding the protection of personal data is its compliance with the following principles:
- Processing of personal data in a lawful and legal manner.
- Retention of personal data for clearly defined purposes.
- Limiting personal data to what is absolutely necessary to achieve these goals.
- Protection of personal data through adequate security measures.
- Retention of personal data for a certain period of time (depending on the purposes).
The company’s system is reviewed at regular intervals by the Management, in order to adapt to new needs and market developments, legal requirements, but also to achieve the goal of information security of the company. Information Security Objectives are also reviewed on an annual basis and adjusted as required.
The Management is committed to the disposal of the infrastructure and equipment that is deemed necessary for the implementation and availability of its work. Every employee is responsible to respond, assimilate and implement the procedures required by the Information Security Management – Privacy Protection System through their daily activities. For this reason, all employees, depending on their responsibilities, are informed about the System and act in a proven manner in accordance with the established rules of safety and confidentiality.
The Information Security Policy – Privacy Protection is communicated, understood and applicable by all human resources, with the ultimate goal of continuous, stable development of its business activity, with unwavering commitment to its principles and the constant offer of products and services of excellent quality to customers. It is reviewed at regular intervals with the aim of its continuous harmonization with market conditions, technological developments and current legislation.
Procedures, flows and actions, which do not guarantee the fulfillment of the set goals, are immediately stopped by those responsible, analyses of causes are performed and the necessary measures for improvement are defined.