Information security policy

LANA S.COOP. (hereinafter Lana or the Organisation) is highly committed to offering its services of manufacturing three-layer board, H20 beams and Pellet in a quality environment, where increasing digitalisation makes it essential to implement good security practices in order to achieve the objectives of confidentiality, integrity, availability and legality of all the information managed by the Organisation during the execution of its business processes.

Consequently, the Organisation maintains the following application guidelines to be taken into account within the framework of the Data Protection Management System (SGPD):

  • Confidentiality: The information processed by Lana will only be known by authorised persons, after identification, at the time and by the means provided.
  • Integrity: The information processed by Lana will be complete, accurate and valid, its content being that provided by the data subjects without any kind of manipulation.
  • Availability: The information processed by Lana will be accessible and usable by authorised and identified users at all times, guaranteeing its own persistence in the event of any foreseen eventuality.
  • Legality: Lana guarantees compliance with all applicable legislation. In particular, the regulations in force relating to the processing of personal data.

By means of this policy, the General Management assumes responsibility for supporting and promoting the establishment of the organisational, technical and control measures necessary for compliance with the security guidelines described herein.

Likewise, all policies and procedures included in the SGPD will be reviewed, approved and promoted by the General Management of Lana.

This Security Policy will be maintained, updated and adequate for the organisation’s purposes, aligned with the organisation’s strategic risk management context. To this end, it will be reviewed at planned intervals or whenever significant changes occur to ensure that its suitability, adequacy and effectiveness are maintained. In addition, a formally defined risk assessment procedure is defined to manage the risks faced by Lana.

S.A. Chief Executive Officer