CECO S.A:

Regulations on System Use and Data Confidentiality

Regulations on System Use and Data Confidentiality

At CECO S.A. we are committed to ensuring the security of information and the protection of personal data for employees, customers, and partners, in accordance with current legislation on data protection and digital security.

Principles and Scope

  • Confidentiality: All employees must maintain the confidentiality of the information they access, both during and after their employment relationship.
  • Data Protection: Personal data are managed in compliance with the GDPR and Organic Law 3/2018, with appropriate security measures and access controls.
  • Legal Obligations: Data may be communicated to public bodies, mutual societies, banks, and partner companies only when necessary for compliance with legal and employment obligations.

Use of Technological Resources

  • Technological resources (computers, mobile phones, applications, etc.) must be used exclusively for professional purposes.
  • The use of unauthorised software, installation of illegal programmes and the connection of external devices without permission are prohibited.
  • CECO S.A. reserves the right to monitor the use of systems and devices to ensure their proper use and the security of information.

Email and Messaging

  • Email and messaging applications are company property and their use must be strictly professional.
  • The sending of chain letters, subscriptions to external forums or use for personal or illicit purposes is not permitted.

Internet Access

  • Internet access must be related to professional activity.
  • The use of P2P networks, unauthorised downloads, and access to content unrelated to the company is prohibited.

Incidents and Security

  • Any incident affecting system security must be reported immediately to the Security Officer.
  • It is forbidden to share login credentials and secure, up-to-date passwords are required.

End of Employment Relationship

  • Upon termination of employment, the employee must return all resources and delete any company information stored on personal devices.

Consequences of Non-Compliance

Failure to comply with these regulations may lead to administrative, employment, civil, and criminal sanctions, depending on the seriousness of the infringement.

View Information Security Policy.

At CECO, S.A., we are committed to ensuring information security and the protection of the personal data of employees, clients, and collaborators, in compliance with current legislation on data protection and digital security.

CECO, S.A. holds the ISO 27001:2022 Information Security Management System certification.

Contact Form