Remove
ISO27001 - Information Security
RGPD
ISO22301 - Business Continuity
Security Consulting
This is where the text for the front of your card should go. It's best to keep it short and sweet.
Vulnerability Analysis and Intrusion Testing
Forensic Analysis
Phishing Simulations
Integration
Remove
Data Recovery
Safely Erase
Device Destruction
Remove
Training in person
e-Learning
CLIENTS
The information managed by DRC, as well as the systems, applications and infrastructure are valuable assets for the organization. Because it understands that the loss of confidentiality, integrity or availability may have a negative impact on the credibility of CKD and its stakeholders, information security should be applied in a systematic manner in all phases of the information life cycle.
The CBS contributes in a sustained and systematic way to Information Security, in its fundamental pillars, Confidentiality, Integrity and Availability, as a facilitating and differentiating factor, for all the organization's activity.
Policy Principles:
Ensure compliance with legislation or regulations in force related to Information Security;
Protect information and its means of storage and transmission, whether information produced internally or received from third parties, or existing and transmitted in digital or physical form;
Implement adequate procedures to minimise and monitor security incidents and implement accountability processes for breaches of the ISMS internal policies and procedures;
Preserve, at all times, the confidentiality, integrity and availability of supporting information related to the activity of the CBS and received from relevant stakeholders;
Protect CKD information from malicious agents, whether internal or external, through effective and timely management of existing vulnerabilities, taking into account their degree of risk;
Monitor the threats existing in the market, in order to adapt the necessary protection and mitigation measures according to the perceived risk;
Manage information in accordance with the assumptions and objectives of this policy, through information security management based on appropriate risk management, both in its analysis and treatment;
Promote the awareness and training of all employees in the field of Information Security;
Promote the continuous improvement of the ISMS.
Compliance with the General Data Protection Regulations
1. Objective, scope and users
DRC - Data Risk and Consulting, Lda, is committed to protecting the privacy of personal data. Personal data is collected and processed in accordance with Personal Data Protection legislation, namely Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 and other applicable laws.
The CRD complies with best practices in the areas of security, respect for privacy and protection of personal data.
The definitions and terms used in this document have been taken from Article 4 of Regulation (EU) 2016/679.
Users of this document are all employees, permanent or temporary, and all entities that collaborate with the DRC in which the scope of collaboration involves some form of processing of personal data.
2. Reference documents
3. What is personal data?
It is data which permits the identification of a natural person, or makes it identifiable, directly or indirectly, such as name, address, e-mail, age, marital status, identification number, location data, electronic identifiers, specific elements of the physical, genetic, economic, cultural or social identity of that natural person.
4. Who is responsible for data processing?
The DRC is responsible for the processing of personal data collected and may be contacted at its headquarters, located at Rua Quinta do Pinheiro, Edifício Tejo, Nº16 2ºE 2790-143 Carnaxide, through the telephone number 214 146 810 or through the email, privacidade@drc.pt.
5. For what purpose does the DRC handle personal data?
| Purpose | Data processing |
| Data recovery | Collection, recording and use of data necessary for the provision of the service |
| Management of applications | Spontaneous applications may be filed and used for recruitment processes that take place within a maximum of 1 year from the date of entry. |
| Human Resources Management | Collection, recording and use of data required for human resources processes |
6. How does DRC treat and store your personal data?
Translated with www.DeepL.com/Translator (free version)
COOKIE DOUBLECLICK DART
Google, as a third party vendor, uses cookies to display ads on our website;
With the DART cookie, Google may serve ads based on visits the reader has made to other websites on the Internet;
Users can disable the DART cookie by visiting the Google Content and Ads Network Privacy Policy.
COOCKIES E WEB BEACONS
