| Security and Confidentiality |
ISO 27001 – the World’s Best Known Security Standard
Vortal has adopted high levels of protection for its systems through policies and procedures following the strict requirements of ISO 27001, the internationally acknowledged standard for information security. The company is currently in the final preparatory phase for certification in this standard, an innovative and unprecedented undertaking in Portugal which bears witness to its ongoing commitment to enhance security.
Compliance with the ISO 27001 standard guarantees security throughout the entire business cycle, from planning new system features to compliance with laws and regulations, ongoing identification of risks, technological and physical controls, business continuity, disaster recovery, ongoing education for individuals on security issues and many other aspects.
In addition, Vortal is accredited by the ACEP (Portuguese E-commerce Association), thus guaranteeing the integrity of its e-commerce platform by a highly credible specialised organisation.
Hosting Customer Information in a Specialised Data Centre
Customer information and all critical company assets are hosted by one of the country’s largest Data Centres featuring superior levels of protection with redundancy and disaster recovery capabilities. Service levels are maintained at 99.9% during working hours – a guarantee of efficiency in the service provided.
Superior Control of Transmitted Information
Encryption is used to systematically protect transmitted information while accessing and using Vortal’s systems. All transactions are recorded using timestamping methods synchronised with the official time from the Lisbon Astronomical Observatory, thus guaranteeing the non-repudiation of these transactions and completely fulfilling legislation on public purchasing. Documents can also be digitally signed in this way, ensuring their authenticity and legal recognition. The systems’ digital certificates are created and maintained by two highly reputable companies: Multicert and Verisign.
A Tradition of Credibility
Vortal’s services have been used intensively since 2001 by more than 3,300 customers in more than 534,000 transactions with no security incidents.
Data Privacy Policy
Vortal guarantees the confidentiality of customer and employee personal information through the use of technological and physical controls to avoid its disclosure.
Portuguese law, international law and the ISO 27001 standard are observed to properly handle this information, thus ensuring that the use of personal information for activities unrelated to business processes and work activities is prohibited.
Vortal agrees to take all security measures deemed necessary against destruction, loss, modification, and accidental or unauthorised access or disclosure. Vortal may not be held liable for any illegal event that it cannot impede or prevent, namely via periodic tests performed on the security of the system by Vortal or by entities subcontracted for such a purpose.
Personal data is to be used in the contractual bond established with the user and may be ceded to third parties, namely for marketing purposes. However, Vortal shall not share or cede personal data to third party entities without the express consent of those that provided the information.
Vortal guarantees the providers of the data rights of access, rectification, cancellation and opposition. Likewise, system users and employees agree to keep their data updated.
The databases owned by econstroi.com have been legalised by the National Data Protection Commission, in accordance with case no. 4392001. Any information or additional clarification may be obtained via e-mail:
info@vortal.pt
|