Version 0 - 04/09/2024
The purpose of this Information Security Policy is to protect the confidentiality, integrity, and availability of Pickatale’s information assets while supporting its mission of inspiring a love of reading and empowering young learners through innovative digital content. This policy aligns with ISO/IEC 27001:2022 standards and ensures effective information security management across the organization, while also integrating environmental considerations into our security strategy.
This policy applies to all Pickatale employees, contractors, third-party providers, and any other relevant stakeholders who interact with Pickatale’s information systems or data, whether hosted internally or through cloud platforms. It encompasses all digital and physical assets, including customer data, employee information, and business operations.
Pickatale is a leading educational technology company, specializing in developing interactive reading and learning experiences for children. Our mission is to inspire a love of reading and empower young learners by providing innovative, engaging digital content and tools that foster growth and development. We dream, create, and embrace new challenges to support children in their learning journey.
Our goal is to help children thrive by offering them immersive, educational experiences through our advanced technology and creative storytelling. We are dedicated to making reading accessible, enjoyable, and impactful for every child.
The primary objectives of Pickatale’s Information Security Management System (ISMS) are:
To achieve these objectives, Pickatale is committed to the following principles:
5.1 Risk Prevention and Management
All information security risks will be proactively managed. This includes performing regular risk assessments to identify vulnerabilities and implementing necessary measures to mitigate or eliminate risks, with the goal of eliminating or minimizing them wherever possible.
5.2 Legal and Regulatory Compliance
Pickatale will comply with all relevant laws and regulations regarding data protection and information security, including the General Data Protection Regulation (GDPR) and other applicable standards. Legal requirements are considered as the baseline minimum for compliance.
5.3 Environmental Protection
Pickatale is committed to reducing and preventing the environmental impacts generated by our activities, products, or services as part of our information security management practices.
5.4 Training and Awareness
Employees and contractors will receive continuous training on information security best practices. Regular workshops and updates will ensure that all staff are knowledgeable about their responsibilities and are encouraged to participate actively in the improvement of the system.
5.5 Incident Response and Management
All information security incidents, breaches, or potential threats must be reported immediately. A structured incident response plan will be followed to ensure timely identification, containment, and resolution of any issues, with measures in place to prevent recurrence.
5.5 Monitoring and Auditing
All information security incidents, breaches, or potential threats must be reported immediately. A structured incident response plan will be followed to ensure timely identification, containment, and resolution of any issues, with measures in place to prevent recurrence.
5.6 Confidentiality of Customer Data
Information systems and processes will be continuously monitored to detect unauthorized access or anomalies. Indicators at all levels will be established to make evidence-based decisions. Regular audits will be conducted to ensure compliance with internal security controls and to identify opportunities for improvement. Objectives and goals will be periodically reviewed to provide a framework for continuous improvement.
5.7 Secure Development and Maintenance
Protecting the personal data of our users, especially children, is paramount. Pickatale ensures that all sensitive data is encrypted both in transit and at rest, with strict access controls in place.
Pickatale will maintain a dynamic risk management process to continuously assess and address threats to its information assets. This includes:
Pickatale is committed to protecting the privacy of its users, particularly children, by implementing:
Pickatale will maintain a Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) to ensure the resilience of its information systems. Key systems will be backed up regularly, and recovery processes will be tested annually to ensure they can be effectively executed in the event of a disruption.
This Information Security Policy will be reviewed annually or whenever significant changes occur within Pickatale's operations or IT infrastructure. Updates will be made to ensure the policy remains relevant and effective in addressing evolving security threats.
Pickatale är utvecklat för barn, och allt innehåll är kvalitetssäkrat för barn. När du prenumererar på något av våra abonnemang tillkommer inga extra kostnader, och inga extraprodukter kommer att läggas till i abonnemanget.
Pickatale använder cookies på webbplatsen. Läs mer om hur vi behandlar personuppgifter här.