Information Security Policy

The senior management of Lendismart SL (“LENDISMART”) establishes, approves, disseminates at all levels of the organization, implements, monitors, and reviews the Information Security Policy that it considers most appropriate for the organization to achieve its Information Security objectives.

To accomplish this, the senior management of LENDISMART ensures that the aforementioned policy:

  • Is appropriate to realize the organization’s purpose.
  • Provides the appropriate framework for establishing and reviewing Information Security objectives, with a view to achieving them under pre-established conditions.
  • Includes a commitment to meeting the requirements of Confidentiality, Availability, and Integrity within the scope of the organization’s ISMS, to continuously improve the effectiveness of the ISMS itself, and to ensure the protection of personal data in accordance with applicable legislation.
  • Once the Information Security Policy is approved, it is published through the various means available to the organization for the knowledge of all personnel.
  • Is communicated to the entire organization, ensuring that it is correctly understood at the different organizational levels, followed by its implementation throughout the organization.
  • The Information Security Policy of LENDISMART is reviewed annually to ensure its continued alignment with the organization’s purpose, the nature of its activities, and in commitment to meeting customer requirements and applicable legal or regulatory requirements.

Information Security in service delivery is the objective upon which LENDISMART’s activities are founded.

To fulfill its objectives, LENDISMART is committed to:

  • Providing services in an optimal and efficient manner, satisfying the needs and expectations of customers and interested parties.
  • Ensuring that the legal and regulatory requirements applicable to the services provided by LENDISMART are met.
  • Continuously improving through the establishment and fulfillment of objectives that guarantee such improvement.
  • Allocating part of its resources to research, development, and innovation (R&D&I) projects to achieve the objectives and priorities of our company’s research, development, and technological innovation policy.
  • Allocating the necessary resources to achieve the Information Security Management objectives defined by LENDISMART.
  • Permanently analyzing information gathered during the conduct of activities, as well as information provided by customers, in order to correct and prevent failures and improve processes and services.
  • Training all LENDISMART employees to help us continuously evolve through the establishment of new objectives.
  • Establishing a documented system that ensures compliance with the guidelines assumed herein.

All LENDISMART personnel must know, understand, and apply this Policy, and therefore the organization takes the appropriate measures to ensure this occurs.

To achieve these goals, LENDISMART maintains an Information Security Management System based on the requirements of ISO 27001 standard, aimed at carrying out its activities with excellence.

Approved by General Management: 10/9/2024

Top