Information Security Policy

Policy Statement

Symbio Farma BV is committed to protecting the confidentiality, availability, and integrity of its information assets. We recognize the importance of information security and will comply with all applicable legal, regulatory, and contractual requirements. We will implement and maintain an Information Security Management System (ISMS) based on ISO 27001:2013 framework, to continuously monitor and improve our information security posture. We will ensure that all employees, contractors, and third-party service providers are aware of their roles and responsibilities and receive adequate training to perform them effectively.

The objective of the system is to:
    • Reduce, so far as is reasonably foreseeable, the likelihood of an incident occurring which may affect the security of the information held by Symbio Farma BV.
    • In the event of an incident, ensuring that business & service continuity is maintained, and impact minimized.

This objective will be met by:  
    • The establishment, implementation, monitoring, and maintenance of an information management system that meets the requirements of ISO 27001:2013 as per the General¬† ¬† ¬† ¬† Data Protection Regulation and any other relevant legislation in force from time to time.¬†
    • Ensuring that any changes to the environment, technology employed, threats or legislation are identified and resulting measures reviewed and implemented.¬†
    • Understanding the threats posed to information held by the company, its partners and clients.¬†
    • Evaluating the threats posed to the data held & systems operated and ensuring that appropriate risk treatments are in place to minimize them.¬†
    • Ensuring that all employees understand and fulfil their obligations with respect to information security. ¬†
    • Setting annual ISMS objectives as a platform for ensuring that the ISMS system is compliant with the standard, relevant to the organization and ensures that the system is¬† ¬† ¬† ¬† ¬† ¬†subject to continual improvement.¬†
    • This policy will be reviewed annually to ensure that it remains compliant to the standard and relevant to the company‚Äôs activities.

Additional Information
  1. Breach Notification Information: In the rare event of a security breach and if you become aware of any such potential security vulnerabilities or incidents, please contact our dedicated security team at Your security and privacy are of utmost importance to us.
  2. GPDR Inapplicability: We operate in compliance with applicable data protection regulations. However, please note that the General Data Protection Regulation (GDPR) does not apply to our operations as we exclusively handle company information, not personal data. Your data privacy and security remain fundamental, and we are committed to safeguarding your information.
  3. Financial/Transactional Immunity Statement: We want to reassure our visitors that we do not handle monetary transactions directly on our website. Our focus is on providing secure and efficient services. Rest assured, our measures protect financial and transactional processes during order fulfilment.