The top management of Lendismart SL (“LENDISMART”) establishes, approves, disseminates at all levels of the organization, implements, monitors, and reviews the Information Security Policy that it deems most appropriate for the organization to achieve its Information Security objectives.

To accomplish this, LENDISMART’s top management ensures that the stated policy:

  • Is appropriate to fulfill the organization’s purpose.
  • Provides the proper framework for establishing and reviewing Information Security objectives to achieve them under the predefined conditions.
  • Includes a commitment to meeting the needs of Confidentiality, Availability, and Integrity within the scope of the organization’s ISMS and to continuously improving the effectiveness of the ISMS itself.

Once the Information Security Policy is approved, it is published through the organization’s various available channels to ensure awareness among all personnel.

It is communicated throughout the organization, ensuring that it is correctly understood at all levels before proceeding with its implementation across the organization.

LENDISMART’s Information Security Policy is reviewed annually to ensure its continued alignment with the organization’s purpose, the nature of its activities, and its commitment to meeting customer requirements as well as applicable legal or regulatory requirements.

Information Security in service delivery is the fundamental objective on which LENDISMART’s activities are based.

To achieve these objectives, LENDISMART commits to:

  • Providing services in an optimal and efficient manner, meeting the needs and expectations of clients and stakeholders.
  • Ensuring compliance with the legal and regulatory requirements applicable to the services provided by LENDISMART.
  • Continuously improving through the establishment and fulfillment of objectives that guarantee this improvement.
  • Allocating part of its resources to R&D&I projects to achieve the objectives and priorities of the company’s research, development, and technological innovation policy.
  • Assigning the necessary resources to achieve the Information Security Management objectives defined by LENDISMART.
  • Continuously analyzing the information gathered during activities, as well as the feedback from clients, to correct and prevent failures and improve processes and services.
  • Training all LENDISMART employees so they can help us continuously evolve by setting new objectives.
  • Establishing a documented system that ensures compliance with the guidelines set forth in this policy.

All LENDISMART personnel must be aware of, understand, and apply this policy. Therefore, the organization takes the necessary measures to ensure its implementation.

To achieve these goals, LENDISMART maintains an Information Security Management System based on the requirements of the ISO 27001 standard, aimed at carrying out its activities with excellence.