AMD TELECOM SA, responding to the requirements of the modern business ecosystem, aiming to the protection of its information systems and striving for the seamless and exemplary provision of services to its Customers, decided to design and install an Information Security Management System under the requirements of the International Standard ISO 27001:2013.

The Company’s Information Security Management System comprises:

Procurement of Telecommunication Services:

  • Clearing and Data Management Services, Financial Clearance and Claims Settlement Services, Voice Services Hub, SMS Text Messaging Hub, Creating and Programming of SMS Managing Platform (Web to SMS/Voice Server), Routing Services (Roaming Steering), Roaming Hub, Short Message Service Center Software (SMSc), SMPP Proxy Server Routing Engine (SMPP) Management Center and Routing Engine, Revenue Assurance Services, Fraud protection services.
  • Use of internet platform for sending SMS text messages, Text messaging service via the HTTP protocol, Provision of an electronic platform with OTT client logo for resale of SMS text messaging services (Web2SMS White label), Analytical messaging, delivery and aggregate reporting services, SMPP protocol for interconnection services, Location analysis and mobile number confirmation services, Mobile applications for banks, ticketing, and parking. All are designed according to the needs and aspirations of the Company and the Legal Greek and European Regulatory Legislation.

The fundamental principles, as expressed within the Information Security Management System procedures of the company, are:

  • the creation of a foundation for the constant improvement of the efficiency of the company’s processes, having in mind the continuous and utmost satisfaction of the customers’ needs and expectations.
  • minimizing the impact and the number of incidents that may affect the normal progression of the company’s business processes.
  • secure handling of exceptionally important information for the company’s operations and market status -regardless of how this information is stored or circulated, through electronic and non-electronic systems- to protect them in terms of confidentiality, integrity, and availability.
  • the compliance with the laws and regulations to which the company is subject.
  • the continuous improvement of the system.

The Management’s goal regarding the protection of personal data is to comply with the following principles:

  • Lawful processing of personal data
  • Preservation of personal data for clearly defined purposes.
  • Limiting personal data to what is absolutely necessary to achieve the above-mentioned goals.
  • Protection of personal data through adequate security measures.
  • Preservation of personal data for a certain period (depending on the purposes).

The System’s fundamental principles are reviewed at regular intervals by the company’s Management to adapt to the new needs and developments of the market, the legal requirements, but also to achieve the company‚Äôs information security goals. Information Security Objectives are also reviewed on an annual basis and adjusted as required.

The Management is committed to the disposal of the infrastructure and equipment deemed necessary for the implementation and availability of its operations. Every employee is responsible to respond, assimilate and implement the procedures required by the Information Security Management System through his/her daily activities. For this reason, all employees, depending on their responsibilities, are informed about the System and act in a proven manner under the established rules of security and confidentiality.

The Information Security Policy is communicated, understood, and applicable by all the company’s human resources. The ultimate goal of this policy is the continuous and steady growth of the company’s operations, alongside the unwavering commitment to the company’s principles and constant provision of high-quality products and services to its customers. The policy is reviewed at regular intervals to secure its continuous harmonization with market conditions, technological developments, and current legislation.

Procedures, flows, and actions that do not guarantee the fulfillment of the set goals, are immediately suspended by those in charge to assess the situation and define the necessary reform measures.

Management

Rokos Dimitrios

Thessaloniki, 03/09/2020

(Version: 2)