Maritime Terminals
CSP Iberian Bilbao Terminal
CSP Iberian Valencia Terminal
Intermodal Terminals
Conterail
CSP Iberian Zaragoza Rail Terminal
Intermodal Solutions
CSP Iberian Rail Services
CSP Logitren
Customer area

Valencia

Bilbao

Information security

Purpose

COSCO SHIPPING Ports (Spain) Terminals, S.L.U. has adopted the following Information Security Policy (“Policy”) as a measure to protect the confidentiality, integrity and availability of corporate information, as well as any information that is stored, processed or transmitted.

Scope

This policy applies to all employees and subcontracted personnel of COSCO SHIPPING Ports (Spain) Terminals, S.L.U. or a subsidiary of COSCO SHIPPING Ports (Spain) Terminals, S.L.U., who access, process or store corporate data.

Policy

Commitment of COSCO SHIPPING Ports (Spain) Terminals, S.L.U.

CSP Spain is aware of the importance of information security for the company in order to protect assets, ensure business continuity, achieve regulatory compliance, and maintain an optimal level of competitiveness in today’s market.

Therefore, CSP Spain has developed this Information Security Policy and the corresponding standards and guidelines that guarantee the confidentiality, integrity and availability of information.

The management of CSP Spain has sought to define the most appropriate policy and procedures for CSP Spain to undertake a process of improving Information Security, with the conviction that it will result in greater efficiency and guarantee of its business processes.

This information security policy is included in the Information Security Management System implemented at CSP Spain, which represents a commitment by CSP Spain’s management to a continuous improvement process that ensures the organization’s proper development in the field of information security, as well as compliance with applicable requirements in this context.

The ultimate goal of this document, which we present here, is to offer the best service to our clients, protect sensitive and personal information, be aligned with the group’s policies, and improve our processes.

Therefore, the Management of CSP Spain wishes to expressly acknowledge and approve the policies developed in this document, so that all staff must be aware of them and accept them as part of their job duties.

To make this possible, the necessary resources and tools will be allocated for the proper development of what is established here, both at the beginning and in its future maintenance.

Information Security Policy

Throughout its lifecycle, all corporate information will be protected in the manner that CSP Spain deems reasonable and appropriate, according to its level of sensitivity, value, and criticality. This policy is based on the new Information Classification policy, which specifies and defines in detail the levels to be applied according to the nature and content of the information, serving as a reference or guideline.

Policy application

Any employee who has violated this policy may be subject to disciplinary action.

Definitions

Confidentiality

Ensure that information is accessible only to those who are authorized to have access.

Corporate data

It is defined as any data or information that can be derived from data, and which is owned by CSP Spain.

Availability

Ensure that authorized users have access to information and associated assets when required.

Integrity

Safeguard the accuracy and completeness of information and data processing methods.

Information Systems

Any electronic system that stores, processes, or transmits information.