Information Security

The Management of the Trade Fairs and Congress Center of Málaga (FYCMA) would like to express their commitment to Information Security in relation to the processes involving the marketing, planning and preparation of the events held at their facilities, both with regard to the information in the Organisation’s systems and the information belonging to the users of the services provided within the scope of trade fairs and congresses.

As a means of guaranteeing the aforementioned security and promoting continuous improvement, FYCMA has implemented an Information Security Management System, (ISMS), defined as a series of standards, procedures and practices designed to regulate the protection of information against loss of confidentiality, integrity and availability. FYCMA thereby demonstrates its concern for security, transparency and privacy, while the management of FYCMA undertakes to implement this system and to allocate the technical and human resources required to guarantee the efficacy of the same in accordance with the following goals:

 
  • To comply with the legislation applicable to the protection of data, intellectual property and the provision of services through electronic media, respecting contractual requirements with clients, suppliers, employees and associates at all times.
  • To contribute to the achievement of the goals and guidelines established by Malaga City Council in relation to Information Security.
  • To implement the monitoring measures required to ensure compliance with the security requirements and the protection of the resources involved in the processing of FYCMA’s information through monitoring and auditing review systems.
  • To guarantee access, confidentiality, integrity and availability of the information and the continued provision of the services, taking preventive action and responding in a timely manner with regard to potential incidents.
  • To provide all employees and associates with training in information security, raising their awareness in relation to their responsibility to protect the Organisation’s information assets and to comply with the respective security regulations and privacy policy.
  • To provide clients and users with reliable solutions that meet the minimum security and service level requirements, managing relationships with suppliers, as a means of ensuring information security is not jeopardised.
  • To facilitate contact with those affected, with regard to privacy, through the person of the Data Protection Officer.