Information security

HOW WE ENSURE THE CONFIDENTIALITY OF OUR LANGUAGE AND COMMUNICATION SERVICES

SMG processes, stores and saves acquired information by means of a system of technologies and procedures (certified ISO 9001:15 and ISO 27001:22) developed to reduce the risk of information loss and leaks in various risk scenarios, including: backups, controlled access to offices and disaster recovery procedures.

The PM in charge of your service oversees the processing of information, to ensure it complies with the following provisions:

  • Regulation (EU) No 2016/679 on the processing of personal data and privacy, adopted on 27 April 2016, known as the General Data Protection Regulation, or GDPR.
  • National regulations on information security, applied by both SMG countries and client countries.
  • Corporate protocol ‘Confidentiality, Business Continuity and Operational Contingency Plan’.
  • Client supplementary clauses, as listed in the specifications.
  • Provisions on the management of classified information (confidential, highly confidential, secret and top secret), such as specific Security Clearances and Industrial Security Clearances.
  • Confidentiality clauses in staff contracts.

The system has three levels of information and process management, as set out below, to be agreed with the client according to their specific requirements.

Ordinary security procedure

  • Material and all documentation provided by clients containing classified information can only be accessed by the personnel responsible, who have been properly trained and informed about data handling and the risks involved.
  • Paper files are stored inside a special fireproof safe, housed in a safety deposit room;
  • Digital material is handled by means of computer systems which are accessible only to persons with the corresponding access credentials;
  • Protection on the Internet through the use of firewalls and anti-virus software;
  • Three backup systems: on special internal servers, on external physical media and on remote servers. The company also has Disaster Recovery procedures.

Security Clearance Procedures

SMG Languages provides language, translation, and interpreting services, backed by systems and procedures that ensure the proper handling of information classified as Restricted, Confidential, Secret or Top Secret, or according to NATO classification (NATO Restricted, NATO Confidential, NATO Secret and Cosmic Top SecretNR, NC, NS, CTS) or other corresponding security classification systems.

The security system is thoroughly detailed in the “Confidentiality, Business Continuity and Operational Contingency Plan“, which can be provided to the client upon request.

For the handling of information classified as Top Secret, the client may request the services of translators, interpreters and staff holding a Security Clearance, as well as the provision of a language management service holding an Industrial Security Clearance.

Extraordinary Security Procedure

This procedure applies to translation and interpreting services for which the client requires extraordinary measures and is aware that such measures involve longer implementation times and higher costs.

We recommend the implementation of the PSS where the service requires, for example, the handling of classified information at the levels of Confidential, Strictly Confidential, Secret and Top Secret, or other special confidentiality measures.