Syslifters Handbook

English

Deutsch

English

Deutsch

Appearance

📝 Information Security and Privacy Policy ​

Purpose ​

This Information Security Policy establishes the principles and responsibilities for protecting the confidentiality, integrity, and availability of information assets, including personal information, handled by Syslifters GmbH. It ensures compliance with applicable data protection and privacy laws and supports the organization’s commitment to maintaining the trust of customers, employees, and partners.

Scope ​

This policy applies to all employees, contractors, and third parties who access or manage Syslifters’s information systems, networks, or data—whether stored digitally or physically.

Information Protection Principles ​

  • Confidentiality – Personal and sensitive data must be protected from unauthorized access, disclosure, or misuse.
  • Integrity – Information must be accurate, complete, and protected from unauthorized modification or destruction.
  • Availability – Information and systems must be accessible to authorized users as needed for business operations.

Personal Information Protection ​

  • Personal data shall be collected, stored, processed, and transmitted only for legitimate business purposes and in accordance with applicable privacy regulations (e.g., GDPR, CCPA).
  • Technical and organizational safeguards—including encryption, access controls, secure authentication, and audit logging—must be implemented to protect personal information against loss, theft, or unauthorized disclosure.
  • Data minimization and retention principles shall be applied to ensure personal information is not kept longer than necessary.
  • Any suspected or confirmed security or privacy incident involving personal data must be reported immediately to the company's directors and managed according to the organization’s incident response procedures.

Responsibilities ​

All staff are required to adhere to this policy and to complete periodic information security and privacy training. The management is responsible for overseeing compliance, monitoring controls, and updating the policy as needed.

Policy Review ​

This policy will be reviewed annually or following significant organizational or regulatory changes.

Last reviewed: 13/04/2026