Cyber and Information Security Policy

Cyber and information security are an essential part of Sound of Data’s core business values. These values guide our actions to deliver products and services that are secure, compliant and fully integrated in Sound of Data’s preferred way of working. Living up to this program is essential to achieve our ambition to deliver red-carpet telephone customer service.

To deliver effective service for our clients it is essential that we at times collect, store, transfer and use data and information entrusted to us by our clients and their customers. Therefore, professional and adequate cyber and information security is of paramount importance to our organization.

We are committed to guarantee the confidentiality, integrity and availability of all data and information in our possession, always operating in accordance with applicable laws and regulations. We continuously challenge ourselves by improving our management systems to achieve the highest possible security. We actively monitor our performance and analyze our results to optimize internal processes and progress on strategic objectives. We are committed to deliver what we promise to our clients and employees. We are committed to earn and maintain our clients’ trust by using data and information in a responsible way, always respecting the sensitivity and confidentiality obligations.

At Sound of Data, everyone uses their power to positively influence the security of data and information by passionately dedicating their time and efforts on protecting our clients, their customers and our employees. Teamwork, engagement, ownership and support by everyone in the organization is of key-importance for achieving our cyber and information security objectives. In this context, we are committed to providing the required leadership, management, governance and resources to ensure our integrated management system is improved continuously, reviewed annually and actively communicated to all employees.

Meeting our commitments

At Sound of Data, we believe that the responsible use of data and information supports business growth and strong relationships between brands and consumers. We are involved in, and dedicated to, achieving the highest cyber and information security standards for our products and services through the application of our Integrated Management System (IMS) for Quality, Information Security and Data Protection.

Our integrated management system, fully aligned with (ISO) standards, is implemented throughout our entire organization and verified by third-party certification bodies. To achieve our commitment;

  • We will use data and information in a secure, lawful and transparent way. We will always ensure that the confidentiality, integrity and availability requirements are met. Effectively preventing unlawful or unauthorized use, access or accidental loss of data and information;
  • We will collect, store, transfer and use data and information as permitted by laws and within the limits set out in our contracts with clients and suppliers and we will only use data and information in line with relevant instructions from either clients or suppliers;
  • We recognize that we are responsible for data and information under our control and have designated individuals to be responsible for compliance with these principles and applicable information security laws.

Right to be removed

As mentioned, we will only use data and information in line with relevant instructions from either clients or supplier. This means we mainly act as data processor and are not the data owner. If you would like to know which of your personal data we have stored, for how long and for which reasons, please send an email to privacy@soundofdata.nl. In case you would like to exercise your right to be removed, we will then direct you to the owner of your data.

Questions

For any other issues regarding cyber and information security as well as privacy; please send an email to governance@soundofdata.nl.