1. Purpose, Objective and Scope
1.1. Purpose The following document details the necessary security features that must be taken into account for the proper management of cookie information.
1.2. Scope This policy includes the proper use of the information that is downloaded by the user client from the Protexa web portals. This document includes statements about: • Types of Cookies. • Cookies authorized for use on Protexa’s websites. • Administration of Cookies.
1.3. objective Establish rules and criteria that must be applied for the proper use of information, as well as the management and maintenance where information is stored and retrieved about the browsing habits of a user or their team and improve the service offered.
2. Document reference
3.1. IT team
Adopt responsibility for the security practices established in this Guide for the administration of cookies. • Validate infrastructure requirements for application support.
3.2. Business process owners
Determine business and infrastructure requirements for applications.
3.3. Application Owners •
Implementation and support of commercial applications.
3.4. IT Infrastructure and Cybersecurity Manager
3.5. Employees / staff •
All Protexa personnel are responsible for the correct use of the information. • Use only previously identified or approved software and versions for use, and when an approved solution does not meet requirements, work with IT to identify an acceptable solution
3.6. Service Providers
• Comply with and periodically verify compliance with this Policy.
4. Description of the Policy
4.1. Cookies Management Policy
2. The types of cookies are: to. According to the entity, which manages the domain from which the cookies are sent and treats the data obtained, two types can be distinguished: own cookies and third-party cookies. b. Depending on the period of time, they remain stored in the client’s browser, and may be session cookies or persistent cookies. c. Depending on the purpose, for which the data obtained is processed: technical cookies, personalization cookies, analysis cookies, advertising cookies and behavioral advertising cookies.
3. Special exceptions can be made to this Policy for Web portals where the administration of cookies is not required to improve the user or customer experience. Exceptions are handled on a case-by-case basis by the IT Infrastructure and Cybersecurity Manager or his / her designee and documented.
4. All business critical functions must be compatible with standard business applications.
5. Open source applications are not allowed in Protexa.
4.2. Cookies log
1. In all cases, the IT Infrastructure and Cybersecurity department is required to have an up-to-date list of the software used to manage cookies, which is why the permitted ones on Protexa’s web portals are detailed below. .
2. The software must be registered in the name of Protexa and the department in which it will be used.
3. The IT team maintains a record of all Protexa software and will maintain a library of software cookies. The record must contain: o The title and the publisher of the cookie. o The date and source of the acquisition of the cookie. o The location of each facility, website, URL. o The existence and location of backup copies. o Details and duration of support arrangements for software updates. o Owner of the cookie. o Owner of the business process. o Benefits that the cookie provides for the business.
4.3. Cookie requirement 1. At the time of the acquisition of cookies, the foundations of future support and the expected useful life of the product will be established. It can be important to be confident that manufacturers will provide updates to correct any serious security vulnerabilities that are discovered in the future. 2. Access and storage controls must be taken into account for the adequate custody of the information.
4.4. Acceptance of Cookies 3. Protexa shows information about its Cookies Administration Policy and asks for the consent of its use. Given this information, it is possible to carry out the following actions: to. Accept cookies. This notice will not be displayed again when accessing any page of the portal during this session. b. Close. The notice is hidden on this page. c. Modify your settings. Modify your browser settings.
4.5. Cookie standardization
2. On the Protexa web portals there are 5 types of cookies authorized for their administration.
B. SwitchConcepts – Works with Google Analytics and LeadLander to serve ads. They keep track of which pages a user visits and monitor which countries they come from. Cookies are used in these processes. Both methods of data collection are of a non-personal nature. The data they collect is anonymous. More information in your privacy and cookies policy.
E. Chatbot: 4.6. Maintenance and Elimination of Browser Cookies 1. Clients who visit Protexa’s web portals have the functionality of restricting, blocking or deleting Protexa’s cookies or any other web page, using their browser. In each browser the operation is different, the ‘Help’ function will show you how to do it. to. Internet explorer b. FireFox c. Chrome d. Safari In addition, you can also manage the cookie store in your browser through tools such as the following: and. Ghostery F. Cookies Manager
5.1. Disciplinary actions Non-compliance with policies can potentially lead to operational and security incidents that can destroy the integrity of Protexa’s IT systems and resources, damage company operations and reputation, or adversely affect company productivity. The prevention of such incidents is essential for the safety of the organization and of all people. Protexa personnel who do not comply with this Guide may be subject to disciplinary measures, up to and including termination of employment.
5.2. Exceptions All exceptions to security policies and controls must be formally documented and evaluated by the Security Risk Committee and approved by the Protexa CIO.
5.3. Definitions Description of Terms Cookies: Cookies are files that can be downloaded to the computer through web pages. They are tools that have an essential role for the provision of numerous services of the information society. Authorized Software: Software that is operated under the terms and conditions of the license duly acquired and in accordance with the purposes and objectives of Protexa. License: The right to use the software granted by the licensor to the licensee under the terms of the agreement. Open Source Software – Copyrighted software that meets the definition of open source (OSD), distributed with its source code in a readable format, developed openly and collaboratively by groups of developers. http://www.opensource.org/docs/osd
5.4. Audit and Control The audits should be planned and arranged with the parties involved to minimize the disruption of the IT operation at Protexa’s facilities. 5.5. Validity This document is valid from the date of approval and / or publication of the document on the Protexa ISMS portal. The owner of this document is the IT Security Manager, who must verify and, if necessary, update the document at least once a year.