Information Security Policy

BNEO is committed to protecting the information of its clients and partners through rigorous controls and a culture of continuous security.

Our Commitment

At BNEO, information security is a strategic priority led by management and integrated into all our operations. We maintain an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2022, aimed at ensuring the protection of our clients' information, the continuity of our services, and compliance with applicable regulations.

Security Principles

All our security activities are governed by three fundamental principles:

How we protect information

These are the specific commitments we make:

1. Ongoing training for all staff in information security best practices.
2. Access control based on least privilege and multi-factor authentication on all systems.
3. Incident management with defined procedures to detect, respond to, and learn from any event.
4. Vendor management ensuring that third parties with access to our information meet equivalent security requirements.
5. Business continuity service through backups, redundancy, and incident recovery plans.
6. Continuous improvement through periodic audits, risk reviews, and control updates.

The User can freely access the Website and, as a general rule, free of charge. The use of some of the Website Content or Services may require prior subscription or registration by the User.

Regulatory Framework

This policy is framed within compliance with the regulations applicable to our activity. The policy is reviewed annually by BNEO's management and updated in response to relevant changes in the organization or the regulatory environment.

ISO/IEC 27001:2022

GDPR

LOPDGDD

Security Contact

For inquiries, incident reports, or any communication related to information security, please contact our Security Officer: seguridad@epigram.es.