In addition to classic advertising, Schneifel Media also offers its customers additional services in the field of advertising, for example the development of brand strategies and concepts for digital platforms such as websites, apps, social media and much more. Many customers are already fully supported in terms of communication.
This guideline on information security addresses this requirement with regard to the security of information and data processing within Schneifel Media.
Requirements, Risks and Goals
The trust of our customers and ultimately our business success is based on the fact that we in particular
- comply with the legal requirements – and not least the data protection laws – (compliance),
- protect our trade secrets,
- maintain the confidentiality of our customers’ data,
- complete our projects and services in the planned or guaranteed time,
- deliver and archive our services securely.
Based on this background, we depend on us recognizing existing risks for the stated goals, avoiding or at least reducing them by taking suitable measures, and treating remaining risks appropriately.
Risks include incomplete or inaccurate compliance with legal requirements, the unauthorized and possibly unnoticed disclosure of trade secrets, the violation of our customers’ requirements due to system failure, data loss or unauthorized disclosure of information.
Against the background of external and internal requirements, but above all the security requirements of our customers, information security must be an indispensable part of our company. Every employee must be aware of the need for information security and the fundamental effects of risks on business success.
Information security requirements
This guideline and the entire information and data security concept must comply with the legal and statutory requirements as well as the contractual obligations that are relevant in the area of information security.
Information security measures
The process for the selection of measures is defined in the methodology for risk assessment and risk treatment. The selected measures and their implementation status are listed in the corresponding document.
Each of our customers receives an individually developed contract for order processing as well as the processing of personal data for signature, in which all measures of our guideline, the duration and the content of the scope of the order are set out. It is also clear which data is processed and how and what happens to this data after the end of the contract
This document is valid from December 1st, 2021.