Information security policy
The Information Security Policy (“IS Policy”) is dedicated to protecting the information managed by One Click Actions. The company is located at Friesengasse 29, Frankfurt am Main 60487, Germany.

Focus of IS policy:

The IS policy focuses on ensuring the availability, authenticity, integrity and confidentiality of information in accordance with the requirements of applicable legislation and the ISO/IEC 27001:2017 standard “Information technology – Security procedures – Information security management systems – Requirements” in the context of One Click Actions‘ activities.

Implementation of the IS policy:

The implementation of the IS policy is based on a risk assessment of threats and vulnerabilities that could affect the security of the information managed by One Click Actions. The aim is to continuously improve the information security management system to reduce identified risks to an acceptable level.

Goals of IS policy:

• Priority is given to protecting confidential information and personal data from unauthorized disclosure or use.
• Information must be accessible to authorized persons in good time and be usable in an authorized manner.
• Information must be relevant and sufficient to identify its source and the person who created and/or processed it.
• Information must not be illegally altered, destroyed or lost.
• Information must not be intentionally or inadvertently disclosed to unauthorized persons.
• Internal users must be regularly trained and instructed in information security issues.

The IS policy is implemented simultaneously with the cybersecurity and business continuity policies in accordance with the principles of complexity, procedural approach, separation of functions, informal enforcement, resistance to social engineering methods, prevention of security fatigue, needs assessment, proportionality, balance and efficiency.