Complying to privacy, quality, and information security standards
We Cross is aware that customers put a lot of trust in the company with regards to quality of service, information security and privacy. We Cross complies to international standards. Our policy assumptions are as follows:
- Quality and information security are important company risks for We Cross. The board therefore determines the policies, estimates the risks, determines the measures and periodically has these policies and its compliance tested both internally and externally to secure that its management systems function adequately and can be improved when necessary.
- We Cross conforms to the applicable laws, with regards to privacy, information security and quality management.
- We Cross strives to continuously improve its services to customers.
- Trust is very important for We Cross and the reciprocity principle is maintained towards employees, customers, suppliers and other stakeholders. We Cross assumes that aforementioned parties honour existing appointments to safeguard the quality and security of information and personal data.
- HR policies at We Cross are centered around the improvement of quality of services and compliance to information security by its employees. This issue is addressed explicitly during annual reviews.
- Assignments to third parties for the execution of activities are being protected in order to secure that no infringement on the level of quality and information security of We Cross can occur.
- There is a process in place to adequately manage risks of changes, and to activate these in a controlled manner.
- There is a process in place to adequately resolve incidents, including a “lessons learned” evaluation phase.
- When activities are outsourced the board can decide to temporarily deviate from these policies and temporarily accept the resulting risks.
ISO 27001: 2013
We Cross information security policies are based on ISO 27001. This international standard has been chosen as a solid base to determine, implement, execute, control, evaluate, update, and continuously improve the Management System of Information Security.
Quality of Service
ISO 9001: 2015
We Cross has organised its quality management to ISO 9001 standards. This is the international standard for quality management systems. ISO 9001 in short means: ‘say what you do, do what you say, and prove it.’
GPDR, Privacy Guarantee
We Cross is member of the DDMA and holds the necessary Privacy Guarantee certificates. DDMA stands for Data Driven Marketing Association, which is the trade association for organisations in the field of marketing and data. With the Privacy Guarantee organisations can demonstrate their care for personal data of customers and third parties, in all their marketing activities.