Governing Policies
Information Security Management System (ISMS) Policy
Afenoid maintains an information security management system in accordance with the ISO27001 standard, ensuring the confidentiality, integrity, and availability of its information and information assets, considering the risks being faced by the organization.
Personal Information Management System (PIMS) Policy
Afenoid collects, stores, and processes personal email addresses. Other Personally Identifiable Information (PII) such as full name, phone number, birth date, etc., is collected only after obtaining consent from the PII principals. Once collected, the following rules apply to all circumstances with no exceptions.
PII shall be:
- Precise and consistently updated.
- Collected legitimately and with a clearly stated purpose.
- Processed following legal and ethical bindings.
- Protected from any unauthorized or illegal access.
PII shall not be:
- Communicated informally.
- Stored for longer than the determined retention period.
- Transferred to organizations, states, or countries that do not provide proper protection of PII.
- Shared with other parties, unless approved by the PII principal.
Disclosure: Under specific circumstances and when required, Afenoid can disclose PII to law enforcement agencies without obtaining consent from the PII principal. However, Afenoid will ensure the request is legitimate by seeking assistance from legal advisors, when necessary.