Information regarding the General Data Protection Regulation
(GDPR)
On May 25, Regulation 2016/679 of the European Parliament and of the Council, of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and the free movement of such data, came into force.
Axioma has always been guided by respect for the privacy of its customers, building unique and lasting relationships with people who believe in our brand and value the well-being provided by our services.
We understand that the use of personal data requires your trust and, therefore, an Integrated Quality and Information Security Management System was implemented, which culminated in the Company’s Certification by NP EN ISO 9001:2015 and NP ISO/IEC Standards 27001:2022.
We have been subject to the highest standards of quality and privacy in information management since the beginning, which is why we have made solid and continuous improvements to strengthen internal procedures and the security of information systems, with a special focus on the personal data of our Employees and of our Clients’ Employees.
We guarantee the use of personal data solely and exclusively for clearly identified purposes and in accordance with your data protection rights. In this way, Axioma guarantees that:
1. Does not use data from Customers and/or its Employees for purposes other than those associated with the provision of “accounting” and/or “payroll” services;
2. Limits access to confidential data to people strictly necessary to provide services;
3. Draw up confidentiality agreements with all entities that access or may access sensitive data;
4. Defines, implements and reviews technical and administrative conditions to guarantee the confidentiality, integrity and availability of data, such as: access control (physical and logical), antivirus / “malware” protection systems / etc.; system for making backup copies, “disaster recovery” procedure / Continuity Plan;
5. Defines and implements Information Security Policies, namely:
– Mobile Device Use and Teleworking Policy
– Access Control Policy
– Cryptographic Controls Use Policy
– Clean Desk and Clean Screen Policy
– Information Transfer Policy and Procedures
– Supplier Relationship Policy
In relation to the management software used to process personal data, in accordance with the different service levels agreed with all our clients, they are adapted to this new reality, ensuring compliance with all legally required requirements.
More specifically, they are equipped with productivity mechanisms that accelerate the response to new regulations, being able to carry out the following actions, among others:
- Search and extraction of personal data in all solutions;
- Data anonymization;
- Creation of an anonymized database copy;
- Association of certificate with the database copy, thus ensuring additional security;
- Detection of personal data breach incidents;
- Encryption of documents/attachments, limiting access to certain profiles;
- Encryption of documents with personal data.
Axioma makes its Management System policy available at https://dev.axioma.pt/en/axioma-2/, in which you can find additional information about the Information Security Management aspects in our organization.
In addition, we provide our usual contact details for any questions or additional clarifications that may be necessary on this topic.