The English version of legal agreements and policies is considered as the only current and valid version of this document. Any translated version is provided for your convenience only, to facilitate reading and understanding of the English version. Any translated versions are not legally binding and cannot replace the English versions. In the event of disagreement or conflict, the English language legal agreements and policies shall prevail.
Last Revised: 2024-03-18 15:47:35
Information Security Policy
The Information Security Policy (“IS Policy”) is dedicated to the information managed by HOSTINGER operations, UAB (“Hostinger”).
Focus of the IS Policy:
The IS Policy is focused on the insurance of accessibility, authenticity, integrity and confidentiality of information according to the requirements of the applicable legislation and standard ISO/IEC 27001:2017 “Information technology – Security techniques – Information security management systems – Requirements” in the context of the Hostinger activities.
Implementation of the IS Policy:
The implementation of the IS Policy is based on the risk assessment in terms of threats and vulnerabilities that could impact the security of information managed by Hostinger and the improvement of the information security management system for the reduction of the identified risks to the acceptable level.
Goals of the IS Policy:
- Priority is given to the protection of confidential information and personal data against unauthorised disclosure or use.
- Information has to be timely accessible to the persons authorised to process it and used as authorised.
- Information has to be relevant and sufficient to identify its source, the person who has created and/or processed it.
- Information cannot be illegally changed, destroyed or lost.
- Information cannot be intentionally or accidentally revealed to the persons who are not authorised to access it.
- The internal users have to be periodically trained and instructed on the issues of information security.
The IS Policy is implemented simultaneously with the cyber security and the business continuity policies according to the principles of complexity, procedural approach, separation of functions, informal enforcement, resistance to social engineering methods, avoidance of security fatigue, need-to-know, proportionality, balance and efficiency.