37
2013
Annual Report
PERSONAL DATA PROTECTION
Euskaltel has an Information Security Management System in place pursuant to the ISO 27001 standard certified
externally since 2012 and the relevant renewal audit was conducted in 2013. The Euskaltel Information Security
Management System envisages the Data Protection policy which sets out the specific procedures to ensure the
successful implementation of this policy.
The management and maintenance of the personal data following the data quality principle established in the
relevant legislation, the exercising of the rights of the customers in this regard (access, rectification, cancellation
and challenging of the data) pursuant to the principle of the consent of the interested party, along with the access
to the customer personal data to provide third-party services that allow the mandatory control of their use are
covered by the aforementioned procedures. The application of the following security measures is an essential part
of this policy:
•
Reducing the risk of breach of the legislation in this regard and, therefore, of penalties by the Personal Data
Protection Agency.
•
Ensuring the optimum quality of the data.
•
Improving the management of customer support regarding data protection requests and claims.
•
Fulfilling a legal obligation established in Article 89.2 of the Enactment Regulations of the Spanish Data Protection
Act.
•
Training workers in order to guarantee that they know their obligations, along with their secrecy and security duty
regarding the personal data to which they have access in the performance of their duties.
