Security Policy

Home Security Policy

Information Security Policy

Target

The purpose of this Policy is to establish the Information Security guidelines applicable to the classification of information. This policy applies exclusively to information owned by DOCUTEN TECH, S.L. directly or indirectly related to the provision of its services, regardless of the format and support in which it is found (written, electronic, video, voice, etc.).

Content

In order to improve productivity, DOCUTEN TECH, S.L. promotes the responsible use of information whether in electronic, paper or communicated format (by telephone, e-mail, etc.).
Regardless of the level of classification of the information, the information must always be accessible by DOCUTEN TECH, S.L.’s management.
The classification assigned to the information must be periodically reviewed by its owners.
The rules established by DOCUTEN TECH, S.L. regarding the classification, marking and treatment of information will be followed.
The security measures implemented will take into account the classification criteria and the security requirements established for each criterion.
The criteria and levels of classification of the information assets owned by DOCUTEN TECH, S.L. will be established according to their importance for the activity of DOCUTEN TECH, S.L.
The information will be classified according to the following criteria:
- Confidentiality.
- Integrity.
- Availability.
The Directors of each Area or Department, or those persons to whom they formally delegate this responsibility, are designated as owners of the information.
A manager has been designated for each information asset.
The owners of the information are responsible for classifying it according to the defined criteria, as well as for defining the different accesses to it.
The owners of the assets are responsible for authorizing the use of these assets, establishing the measures they consider appropriate for their protection.

General classification of information

Información TLP:WHITE

(Unrestricted disclosure. Public Information)

Information that does not require protection due to the express wish of DOCUTEN TECH, S.L. to publish it, the requirement of publication by the regulations in force or because its disclosure, whether intentional or accidental, will not entail any type of risk for DOCUTEN TECH, S.L. The information classified as public will be accessible by persons belonging to DOCUTEN TECH, S.L. or external to it. E.g.: Information about services offered by DOCUTEN TECH, S.L.

When to use it	How to share it
TLP:WHITE should be used when the information does not pose any risk of misuse, within the rules and procedures established for its public dissemination.	TLP:WHITE information may be distributed without restriction, subject to copyright controls.

TLP:GREEN Information

(Limited disclosure. Information Restricted to a Community).

When to use it	How to share it
TLP:GREEN should be used when the information is useful to all participating organizations, as well as to third parties in the community or industry.	Recipients may share information listed as TLP:GREEN with affiliated organizations or members of the same industry, but never through public channels.

TLP:AMBER Information

(Limited disclosure. Information Restricted to Participant Organizations).

Information necessary for the correct performance of the functions and business of DOCUTEN TECH, S.L. which, although requiring protection, will not be classified as TLP:RED and whose disclosure, whether intentional or accidental, may cause small or medium economic losses to DOCUTEN TECH, S.L., will not significantly deteriorate the corporate image, will not infringe on the rights of individuals. Classified information will be accessible by personnel authorized by DOCUTEN TECH, S.L. and may not be transmitted or communicated to anyone outside the group without prior authorization from the owner. E.g.: Telephone directory, company organization chart.

When to use it	How to share it
TLP:AMBER should be used when information requires limited distribution, but poses a risk to privacy, reputation or operations if shared outside the organization.	Recipients may share information flagged as TLP:AMBER only with members of their own organization on a need to know basis, and with customers, suppliers or associates who need such information to protect themselves or avoid harm. The issuer may specify additional restrictions for sharing this information.

TLP:RED Information (Limited Disclosure. Confidential Information).

Information whose disclosure, alteration or loss may involve a serious economic loss for DOCUTEN TECH, S.L., a significant deterioration of its public image, directly infringe the right to privacy of individuals or may significantly affect its position in the market or non-compliance with current regulations. Confidential information assets may not, in any case, be publicly accessible and there may be cases in which some users have only temporary access. Permanent or temporary access to confidential information assets must be fully justified and approved. Confidential classified information shall be accessible by a limited and defined group of persons. Exceptional transfer to third parties without prior authorization from the owner of the information is not allowed. E.g.: Strategic plans, economic information.

In addition, information that should be known only to the owner of the information, such as user passwords, cryptographic keys, etc., may not be shared or disclosed. Such secret classified information will not be allowed to be shared or disclosed. Protection measures will be maximized in their generation and subsequent distribution to owners by means of encryption and mechanisms that will make it possible to discover whether they have been tampered with(tamper proof). Extreme security will be maintained in its storage (irreversible encryption of passwords, separation into parts and allocation of key rings for master keys…).

When to use it	How to share it
TLP:RED should be used when the information is limited to specific individuals, and could impact privacy, reputation or operations if misused.	Recipients must not share information designated as TLP:RED with any third party outside of the area where it was originally exposed, except for

Ownership	Cookie	Purpose	Period
clarity.ms	CLID	Cookie necessary for using the options and services of the website	in a year
digital.docuten.com	mautic_device_id	Cookie necessary for using the options and services of the website	in a year
digital.docuten.com	mautic_referer_id	Cookie necessary for using the options and services of the website	Session
digital.docuten.com	mtc_id	Cookie necessary for using the options and services of the website	Session
digital.docuten.com	mtc_sid	Cookie necessary for using the options and services of the website	Session
docuten.com	_clck	Cookie necessary for using the options and services of the website	in a year
docuten.com	_clsk	Cookie necessary for using the options and services of the website	in 22 hours
docuten.com	_ga_X38ZENH3DV	Cookie necessary for using the options and services of the website	in a year
docuten.com	_uetsid	Cookie necessary for using the options and services of the website	in 22 hours
docuten.com	_uetvid	Cookie necessary for using the options and services of the website	in a year
docuten.com	hc-rgpd-acceptance	Cookie necessary for using the options and services of the website	in a year
docuten.com	ln_or	Cookie necessary for using the options and services of the website	in 22 hours
docuten.com	mautic_device_id	Cookie necessary for using the options and services of the website	Session
docuten.com	mautic_device_id	Cookie necessary for using the options and services of the website	Session
docuten.com	mautic_focus_9	Cookie necessary for using the options and services of the website	in a year
docuten.com	mtc_id	Cookie necessary for using the options and services of the website	Session
docuten.com	mtc_sid	Cookie necessary for using the options and services of the website	Session
google.com	__Secure-1PAPISID	Cookie necessary for using the options and services of the website	in 6 months
google.com	__Secure-1PSID	Cookie necessary for using the options and services of the website	in 6 months
google.com	__Secure-1PSIDCC	Cookie necessary for using the options and services of the website	in a year
google.com	__Secure-3PSIDCC	Cookie necessary for using the options and services of the website	in a year
google.com	_GRECAPTCHA	Cookie necessary for using the options and services of the website	in 6 months
google.com	CONSENT	Google cookie consent tracker.	in 8 months
google.com	__Secure-1PAPISID	Cookie necessary for using the options and services of the website	in 6 months
google.com	__Secure-1PSID	Cookie necessary for using the options and services of the website	in 6 months
google.com	CONSENT	Google cookie consent tracker.	in 8 months
google.com	__Secure-1PAPISID	Cookie necessary for using the options and services of the website	in 6 months
google.com	__Secure-1PSID	Cookie necessary for using the options and services of the website	in 6 months
google.com	CONSENT	Google cookie consent tracker.	in 8 months
linkedin.com	li_gc	Cookie required for the use of the options and services of the website	in a month
youtube.com	CONSENT	Google cookie consent tracker.	in 8 months
youtube.com	VISITOR_PRIVACY_METADATA	Cookie required for the use of the options and services of the website	in 6 months
youtube.com	YSC	Records a unique ID to keep statistics on which YouTube videos the user has watched.	Session

Ownership	Cookie	Purpose	Period
docuten.com	_ga	ID used to identify users	in 1 year
google.com	__Secure-3PAPISID	These cookies are used to show advertisements more relevant to you and your interests	in 6 months
google.com	__Secure-3PSID	These cookies are used to show advertisements more relevant to you and your interests	in 6 months
google.es	__Secure-3PAPISID	These cookies are used to show advertisements more relevant to you and your interests	in 6 months
google.es	__Secure-3PSID	These cookies are used to show advertisements more relevant to you and your interests	in 6 months
youtube.com	__Secure-3PAPISID	These cookies are used to show advertisements more relevant to you and your interests	in 6 months
youtube.com	__Secure-3PSID	These cookies are used to show advertisements more relevant to you and your interests	in 6 months

Ownership	Cookie	Purpose	Period
bing.com	MUID	Identifies the unique web browsers that visit Microsoft sites. These cookies are used for advertising, site analysis, and other operational purposes.	in a year
clarity.ms	MUID	Identifies the unique web browsers that visit Microsoft sites. These cookies are used for advertising, site analysis, and other operational purposes.	in a year
google.com	APISID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.com	HSID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.com	NID	These cookies are used to collect website statistics and track conversion rates and Google ad personalisation.	in 6 months
google.com	SAPISID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.com	SID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.com	SIDCC	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in a year
google.com	SSID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.es	APISID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.es	HSID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.es	SAPISID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.es	SID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per sheet or the activation of the SafeSearch filter. Adjusts the ads that appear in Google search.	in 6 months
google.es	SSID	Downloads certain tools from Google and saves certain preferences, for example, the number of search results per page or the activation of the SafeSearch filter. Adjusts the ads that appear in Google Search.	in 6 months
linkedin.com	bcookie	Used by LinkedIn to track the use of integrated services	in a year
linkedin.com	lidc	Used by the social networking service, LinkedIn, for tracking the use of integrated services.	in 22 hours
youtube.com	VISITOR_INFO1_LIVE	Tries to estimate the bandwidth of users on YouTube pages with embedded videos.	in 4 months