genesis slider
Genesis Pharma SA is certified with the International Standard ISO/IEC 27001:2013 "Information Security Management" and is engaged to the implementation of its activities according to the applicable Legal and Regulatory framework and its other contractual obligations, in a way that information data and especially personal data are protected from intentional or unintentional theft, destruction or breach of Laws and Regulations.

The scope of information security, through this policy, is to ensure the business continuity of the company and to minimize the risks that threaten the data, preventing security incidents and reducing the impact that these incidents may have.

The specific objectives of the company regarding Information Security are:
• The Information Data is protected from any unauthorized access.
• Ensure the confidentiality, integrity, availability and retention of Information Data, as legally provided.
• To comply with the principles of legality, objectivity and transparency in the processing of Information Data.
• The Information Data should be collected only for defined, explicit and legal purposes and not to be further processed in a way incompatible with these purposes.
• The Information Data must be appropriate, relevant and limited to what is necessary for the purposes for which it is processed.
• Ensure compliance with regulatory requirements.
• Provide training on Data Security for all employees.
• All factual or suspected security incidents should be reported to the DPO and thoroughly investigated.

In order to achieve the above objectives, individual Technical Measures, Security Policies and Procedures have been developed and implemented, which describe all the relevant responsibilities of the employees and which ensure and prove that the management of information data is carried out in accordance with the Regulatory Framework.
All employees and external partners (when required) have to implement the Security Policies that govern the operation of the company and fall within the scope of their activities.
The Management is committed to provide all the necessary resources and means for the implementation of the specific Security Policies.