1.2. Data Security
Data security and cyber protection is important to us. We apply the right solutions so that we can continue to ensure the security of all the customer data we manage.
Explaining the impact
The effects of improper data security management can result in the loss or theft of personal or commercial data. This impacts the company through financial losses due to sanctions from authorities as well as damage to brand image. The positive side of managing these risks will be found in the automation of internal processes and therefore improved customer relations.
The impact that the theft of personal data can have will be felt by our customers and employees. Potential vulnerabilities to cyber-attacks can also harm our customers through potential financial losses.
Environmental data management is essential for the company. Losing them can lead to compliance problems on environmental issues but in the chain can lead to poor monitoring of our subcontractors on environmental issues.
Managing the impact
Autonom has a Data Protection Policy which is available to all interested parties. It includes relevant information on the sensitive or other types of data that the organisation protects and the related control and monitoring processes.
Our decision to offer high-level services to our customers implies a strong awareness for data security. We are putting the right solutions in place to ensure the continued security of all the customer data we manage. The scope of our business involves the use of a wide range of equipment, machinery and technology facilities and we implement dedicated systems to ensure a degree of protection against cyber-attacks, such as firewalls, antivirus and protection software.
Autonom has implemented and maintains appropriate organisational and technical policies and procedures to protect the confidentiality of data against unauthorised access and against unlawful processing or disclosure, as well as accidental loss, alteration or destruction. Technical and organisational measures for data protection are part of corporate information security management and are continuously adapted to technical developments and organisational changes. In 2022, 53 employees were trained through cybersecurity courses.
In 2022 we had no personal data leakage incidents or complaints, no security breaches or malware contamination.
Some of the current operational processes are digitised and this trend will continue.
At the organisational level, we comply with the European requirements on the protection of personal data (GDPR). Autonom is committed to strictly respecting the confidentiality of the data of its customers or users of its communication channels and undertakes not to transmit this data to third parties.
Effectiveness of actions taken
At Autonom there were no complaints in 2022 about violations of the rules on personal data management, justified complaints received about breaches of customer confidentiality, complaints received from external parties, complaints from regulatory bodies.
There were also no identified leaks, thefts or losses of customer data. No substantiated complaints were identified in this regard at the data and complaints monitoring level.
The personal data processing policy is public and can be consulted by accessing the following link.