ISMS policy

1. Timely detection and minimization of the impact of security related incidents: The reporting of security breaches by our employees is essential for the timely detection of such incidents. We therefore rely on regular and detailed training of all employees to correctly identify and report security risks. Such reports enable the timely detection of incidents and the immediate initiation of appropriate measures to minimize the impact on our systems and data
   We also attach great importance to implementing all available technical measures to detect possible security issues.
2. Compliance: Compliance with legal, regulatory and contractual requirements is of crucial importance to us. Our ISMS policy ensures that all internal processes comply with the applicable regulations, such as the General Data Protection Regulation (GDPR) as well as industry-specific standards. This also includes the regular performance of security audits.
3. High level of security awareness among employees: A high level of security knowledge among all employees is a key aspect of our ISMS policy. Regular training and awarenessraising measures promote an understanding of security risks and the secure handling of information in everyday work life.
4. Availability of web services: The availability of our web services is ensured by redundancy, data backup and outage concepts as well as monitoring using appropriate and up-to-date systems. These measures guarantee that our services are continuously available even in the event of outages or disruptions
5. Protection of data against unauthorized changes: The integrity of our data is protected by appropriate measures such as the principle of least privilege, the need-to-know principle, physical security, and technical and organizational measures. These practices prevent unauthorized changes and verify that only authorized people gain access to sensitive information.

The continuous evaluation and improvement of our security measures is of major importance to us. They are therefore subject to constant monitoring by our experts, which allows us to adapt to current technological developments and new potential threats. Through continuous monitoring, audits and the analysis of incidents, we strive to constantly improve our security standards.

This ISMS policy is a central component of our corporate strategy and helps to protect the confidentiality, integrity and availability of our information. All employees, partner companies and service providers are obliged to comply with the guidelines of this policy and actively contribute to improving information security