Our Policies

UpcoMinds does not engage in corruption and bribery and has a zero-tolerance policy for corrupt or illegal practices. These practices are illegal and criminal offenses and may undermine UpcoMinds’ reputation and lead to investigations, fines and/or other penalties for the company and / or individuals

For UpcoMinds, our position is clear: the offer, payment, authorization, solicitation and acceptance of bribes and other improper advantages is unacceptable, and it is not tolerated by UpcoMinds.

UpcoMinds is committed to conducting all aspects of its business in accordance with the highest legal and ethical standards and expects all employees and other persons acting on its behalf to uphold this commitment.

This Anti-Corruption and Bribery Policy applies to all our employees and directors, as well as our subcontractors under our direct supervision, working for UpcoMinds, directly or indirectly, and any affiliates, and / or joint ventures.

Our commitment

We do not tolerate bribery of any kind, whether to a public official or a private individual. We never offer, provide, or authorize bribes of any kind, including facilitation payments, either directly or indirectly, to a public official and / or a private individual. We never request or accept bribes of any kind, either directly or indirectly. A bribe may be monetary or non-monetary, tangible, or intangible. A bribe may indicatively take the form of, or be facilitated through:

• payments of money
• gifts or entertainment
• discounts, loans and/or financing given on non-commercial terms
• political contributions
• employment or internships, or information or assistance.
• etc.

We also expect our business partners to share our commitment to ethical and responsible business practices. We never authorize anyone to engage in bribery or corruption on our behalf, as UpcoMinds prohibits all forms of corruption and bribery by all personnel and any third parties engaged to perform activities or provide goods or services on the UpcoMinds’ behalf.

UpcoMinds expects its employees and subcontractors to speak openly and raise concerns about possible breaches of this policy with the Management of the company or via other available reporting channels. At the same time, UpcoMinds has zero tolerance for retaliation against anyone who speaks openly about conduct they believe is unethical, illegal, or not in line with policies, even if the concern isn’t substantiated, as long as they have not knowingly made a false report.

We take breaches of our policies seriously. Depending on the severity of the breach, consequences may range from a warning to termination of employment.

Dealing with Third Parties

The Company can be held liable if an improper payment is made by a third party on UpcoMinds’ behalf. Third parties may include, for example, consultants, joint venture partners, subcontractors, sales representatives, etc. For this reason, it is very important that UpcoMinds is assured that any third parties acting on its behalf have a good reputation and are aware of the Company’s policies regarding prevention of bribes and other improper payments

All agreements with third parties must be in writing and must contain provisions requiring third parties to comply fully with applicable anti-corruption and anti-bribery laws.

• Promoting Sustainability
• Comply with relevant legislation.
• Prevent of pollution
• Continuous improvement

Guiding Principles:

• To comply with, and exceed where practicable, all applicable legislation, regulations, and codes of practice.
• To integrate sustainability considerations into all our business decisions.
• To ensure that all staff are fully aware of our Sustainability Policy and are committed to implementing and improving it.
• To minimize the impact on sustainability of all office and transportation activities.
• To make clients and suppliers aware of our Sustainability Policy and encourage them to adopt sound sustainable management practices.
• To review, annually report, and to continually strive to improve our sustainability performance.

Practical Steps In order to Put These Principles into Practice

Travel and Meetings

• Encourage walking, and/or use public transport to go to the office and to attend meetings, site visits, etc., apart from in exceptional circumstances where the alternatives are impractical and/or cost prohibitive.
• Avoid physical travelling to meetings etc, where alternatives are available and practical, such as using teleconferencing, video conferencing or web cams, and efficient timing of meetings to avoid multiple trips.
• Reduce the need for our staff to travel by supporting alternative working arrangements, including teleworking, etc., and promote the use of public transport by locating our office in accessible locations

Purchase of Equipment and Consumption of Resources

• Minimize our use of paper and other office consumables, for example by double-siding all paper used, and identifying opportunities to reduce waste, such as avoiding to print documents, etc.
• Avoid the use of paper wherever possible. For example, sending invoices and quotes via email as PDF files.
• Recycling equipment that is no longer of use to the company. For example, giving away items such as computers and printers that we no longer use.
• As far as possible arrange for the reuse or recycling of office waste, including paper, computer supplies, etc.
• Reduce the energy consumption of office equipment by purchasing energy efficient equipment, etc.
• Purchase products made with recycled paper. For example, paper towels, printer paper

Working Practices and Advice to Clients

• Ensure that all people that we employ take account of sustainability issues in their advice to clients.
• Include a copy of our Sustainability Policy in all our proposals to clients.
• Promote sustainability within and beyond UpcoMinds.
• Providing appropriate training in sustainability for all staff and collaborators.

The term Quality in UPCOM means that services in the field of development, customization, installation, technical support of software products fully cover the needs of customers as these have been presented based on agreed specifications as well as the specifications of the company itself.

The Management UNDERTAKES A COMMITMENT when it comes to Quality Policy which is COMMUNICATED to the company's entire human resources. Moreover, the company ensures such commitment by developing a spirit of general and collective effort among all its personnel and by providing the necessary resources so that all personnel may adhere to the Quality Policy and promote all actions that will continuously advance and improve quality. The company's management also commits in terms of adherence to Greek and European legislation.

The Quality Policy, the objective and feasible targets for quality, the performance indexes for quality and overall continuous suitability, sufficiency and effectiveness of the Quality Management System are revised at least once a year.

In the framework of this Quality Policy the Management has set Quality objectives which are described as follows:

• High Customer Satisfaction.
• Financial development (sales, profitability increase, etc).
• Consistency towards quality of products and project execution time.
• Company promotion.
• Employees potential – Effective Employment and Development of Human Resources.
• Ongoing improvement of the company's organisation and operation method in accordance with the QMS and effective implementation and performance thereof.

For implementing its Quality Policy, the company adheres to the following principles :

• The Management provides a pleasant working environment and appropriate working conditions to the company's human resources, and develops team spirit and co-operation.
• The Management cares for the implementation of tasks based on Legislative and Regulatory requirements as these are stipulated in National or Community Legislation.
• The Management cares for the implementation of educational and training programmes for its personnel so that the latter may be able to duly fulfil their daily duties.
• The Management co-operates with approved suppliers and vendors in order to be able to deliver products and services according to the requirements of customers, aiming at developing and establishing long-term partnerships.
• Each employee is responsible for the quality of his/her own work.
• Department Managers are responsible for the quality of the work performed by their departments.
• All employees are fully informed regarding the company's Quality Management System (QMS).
• The company provides all necessary resources (equipment, forms, education etc.) for achievement of objectives relevant to quality.
• All actions that may affect quality are scheduled and implemented according to established Procedures & Processes of the Quality Management System.
• All audit information are documented, analysed and used in the context of an ongoing effort for quality improvement.
• The company has appointed a Management Representative (Quality Manager) who is responsible for the Quality Management System. The QM has been assigned the power and organisational independence in order to assure that the company's QMS is in force and adhered to in compliance with the ISO 9001:2015 standard.
• Any deviations are reason for immediate execution of corrective as well as preventive actions.

Thank you for accessing our website, created by Upcom (“company”, “we”, “us”, or “our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about our policy, or our practices with regards to your personal information, please contact us at privacy@upcominds.com.

When you use our web site and services, you trust us with your personal information. We take your privacy very seriously and in this privacy notice, we describe our privacy policy. We seek to explain to you in the clearest way possible what information we collect, how we use it and what rights you have in relation to it. We hope you take some time to read through it carefully, as it is important. If there are any terms in this privacy policy that you do not agree with, please discontinue use of website and our services. This privacy policy applies to all information collected through our website and/or any related services, sales, marketing or events (we refer to them collectively in this privacy policy as the “Sites”).
Please read this privacy policy carefully as it will help you make informed decisions about sharing your personal information with us.

What information do you collect?

Personal information you disclose to us

We collect personal information that you voluntarily provide to us when registering with our site, such as your name and contact details (email). All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.

Information automatically collected

Some information – such as IP address and/or browser and device characteristics – is collected automatically when you visit our website. We automatically collect certain information when you visit, use or navigate our website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, or any other related information about how and when you access our website and other technical information. This information is primarily needed to maintain the security and operation of our website, and for our internal analytics and reporting purposes only.

This Privacy Policy applies only to your use of this website. Our website, may contain links to other websites and we have no control over how your data is collected, stored, or used by these sites. It is advisable that that you must check the privacy policies of any such websites before providing any data to them.

How do you use my information

We process your information for purposes based on legitimate business interests, compliance with our legal obligations, and/or your consent. We use personal information collected via our website for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests (“Business Purposes”), in order to enter into, with your consent (“Consent”), and/or for compliance with our legal obligations (“Legal Reasons”). We indicate the specific processing grounds we rely on next to each purpose listed below.

We use the information we collect or receive:

• To provide you with further information about our services and their cost and to activate your subscription our blog and its information.
• To respond to legal requests and prevent harm for Legal Reasons. If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond.

Will my Information be shared?

We only share information with your consent, to comply with laws, to protect your rights, or to fulfill business obligations. We only share and disclose your information in the following situations:

Compliance with Laws. We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).

Vital Interests and Legal Rights. We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

With your Consent.

We may disclose your personal information for any other purpose with your consent.

How long do you keep my information?

We keep your information for as long as necessary to fulfill the purposes outlined in this privacy policy unless otherwise required by law. We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting or other legal requirements). No purpose in this policy will require us keeping your personal information for longer than the period of time stated above. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

How do you keep my information safe?

We aim to protect your personal information through a system of organizational and technical security measures. We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure. Although we will do our best to protect your personal information, transmission of personal information to our website is at your own risk. You should only access the services within a secure environment.

What are my privacy rights?

In some regions, such as in the European Union (EU) and the European Economic Area (EEA), you have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your subscription at any time. In EU and EEA you have certain rights under applicable data protection laws (e.g. GDPR). These may include the right (i) to request access and obtain a copy of your personal information, (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; and (iv) if applicable, to data portability. In certain circumstances, you may also have the right to object to the processing of your personal information. If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time. Please note however that this will not affect the lawfulness of the processing before its withdrawal. If you are resident in the EU and/or European Economic Area and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm

Do you make update to this policy?

Yes, we will update this policy as necessary to stay compliant with relevant laws. We may update this privacy policy from time to time. The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible. If we make material changes to this privacy policy, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this privacy policy frequently to be informed of how we are protecting your information.

How can I contact you about this policy?

If you have questions or comments about our policies, you may email us at privacy@upcominds.com

Η Upcom θεωρεί στοιχείο στρατηγικής σημασίας την εξασφάλιση της επιχειρησιακής συνέχειας σε όλες της τις δραστηριότητες και δεσμεύεται για τη συνεχή βελτίωση του συστήματος επιχειρησιακής συνέχειας.

Η συνολική λειτουργία της εταιρείας διέπεται από τις αρχές που αποτυπώνονται στο Σύστημα Διαχείρισης Επιχειρησιακής Συνέχειας, το οποίο είναι βασισμένο στις απαιτήσεις και τις προδιαγραφές που ορίζονται από το διεθνές πρότυπο ISO 22301:2019.

Βασικοί στόχοι του Συστήματος Διαχείρισης Επιχειρησιακής Συνέχειας είναι:

• Ο σαφής προσδιορισμός των απαιτήσεων του πελάτη και των ενδιαφερομένων μερών και η εξασφάλιση των απαραίτητων πόρων για την αποτελεσματική εξυπηρέτηση και ικανοποίηση τους.
• Η τεκμηριωμένη αναζήτηση αιτιών εμφάνισης προβλημάτων και αδυναμιών, ώστε να καθοριστούν και εφαρμοστούν οι απαραίτητες διορθωτικές ενέργειες, με σκοπό την αποφυγή της επανεμφάνισής τους.
• Η ανάλυση της επικινδυνότητας και ο έλεγχος αποτελεσματικότητας.
• Η τήρηση της νομοθεσίας και των κανονιστικών απαιτήσεων που διέπουν τη δραστηριότητας της εταιρείας και ο συστηματικός έλεγχος συμμόρφωσης.
• Η συνεχής βελτίωση των παρεχόμενων προϊόντων και υπηρεσιών, καθώς και της συνολικής λειτουργίας του Συστήματος Διαχείρισης Επιχειρησιακής Συνέχειας.
• Η εξασφάλιση της επάρκειας των εργαζομένων, μέσω της συνεχούς εκπαίδευσης τους.
• Θέσπιση σαφών και μετρήσιμων στόχων και αξιολόγηση των επιδόσεων της επιχείρησης, με στόχο τη συνεχή βελτίωση στην ετοιμότητα αντιμετώπισης απροσδόκητων γεγονότων και την απρόσκοπτη παροχή των υπηρεσιών και των προϊόντων της.

Η εξασφάλιση της διαρκούς αποτελεσματικότητας και καταλληλότητας του Συστήματος Επιχειρησιακής Διαχείρισης επιτυγχάνεται μέσω διαδικασιών και ελέγχων τόσο των λειτουργικών διαδικασιών όσο και των προμηθευτών – συνεργατών, και μέσω των περιοδικών ανασκοπήσεων.

Η παρούσα Πολιτική έχει γνωστοποιηθεί σε όλους τους εργαζόμενους και συνεργάτες και είναι διαθέσιμη στο κοινό. Ανασκοπείται και αναθεωρείται ετησίως κατά την ανασκόπηση από τη Διοίκηση.

Η UPCOM, για τις δραστηριότητες, της δεσμεύεται στην ανάπτυξη και εφαρμογή πολιτικών για την προστασία των πληροφοριών που διαχειρίζεται η εταιρεία από όλους τους κινδύνους, εσωτερικούς και εξωτερικούς και προβαίνει στις παρακάτω ενέργειες:

• Έχει υιοθετήσει και εφαρμόζει Πολιτική ασφάλειας κτιριακών εγκαταστάσεων με σκοπό την προστασία της φυσικής πρόσβασης από μη εξουσιοδοτημένα άτομα.
• Εφαρμόζει την Πολιτική Προστασίας του προσωπικού και του εξοπλισμού από φυσικές καταστροφές.
• Αποτρέπει την μη εξουσιοδοτημένη πρόσβαση σε ηλεκτρονικά αρχεία, εφαρμόζοντας την Πολιτική ελέγχου λογικής προσπέλασης.
• Περιορίζει τους κινδύνους απώλειας ή διαρροής ή και μη εξουσιοδοτημένης πρόσβασης σε δεδομένα με την υιοθέτηση της Πολιτικής ορθής χρήσης κινητών αποθηκευτικών μέσων.
• Διασφαλίζει την εμπιστευτικότητα των πληροφοριών μέσω της Πολιτικής ορθής διαχείρισης προσωπικών, ευαίσθητων και εταιρικών δεδομένων.
• Έχει προσδιορίσει, έχει υιοθετήσει και εφαρμόζει Πολιτική πνευματικών δικαιωμάτων.
• Επιβεβαιώνει την ασφάλεια και ακεραιότητα των πληροφοριών μέσω της Πολιτικής εφεδρικής αποθήκευσης και επαναφοράς.
• Αποτρέπει την κακόβουλη και σκόπιμη παραβίαση του δικτύου της με την εφαρμογή της Πολιτικής ορθής χρήσης δικτύου, καθώς και της Πολιτικής ασφαλούς χρήσης διαδικτύου και ηλεκτρονικού ταχυδρομείου.
• Αποτρέπει τη διαρροή πληροφοριών με την υιοθέτηση της Πολιτικής καθαρής θέσης εργασίας.
• Ελέγχει τους συνεργάτες και προμηθευτές της ώστε η δραστηριότητά τους να μην επηρεάζει τη διαθεσιμότητα, την ακεραιότητα και την εμπιστευτικότητα των πληροφοριών που χειρίζεται, μέσω της Πολιτικής ασφάλειας παρεχομένων υπηρεσιών από εξωτερικούς συνεργάτες ή τρίτα μέρη.
• Ελέγχει κάθε λογισμικό που εγκαθίσταται ώστε αυτό να μην επηρεάζει την ασφάλεια των πληροφοριών της, μέσω της Πολιτικής ορθής εγκατάστασης και χρήσης λογισμικού.
• Συμμορφώνεται και δεσμεύεται να συμμορφώνεται πλήρως στις εφαρμοστέες νομικές, κανονιστικές, συμβατικές και άλλες απαιτήσεις που έχει ενυπογράφως αποδεχθεί και που σχετίζονται με την ασφάλεια πληροφοριών.
• Η πολιτική ασφαλείας της UPCOM κι οι επιμέρους πολιτικές που αφορούν στην ασφάλεια των πληροφοριών που διαχειρίζεται ανασκοπούνται μία φορά το χρόνο.
• Ανασκοπεί τη στρατηγική διαχείρισης κινδύνου τουλάχιστον μία φορά το χρόνο.
• Προωθεί την εμπιστοσύνη των πελατών δρώντας σύμφωνα με τα διεθνή πρότυπα ασφαλείας και ελέγχου των συστημάτων.
• Βελτιώνει συνεχώς το [ΣΔΑΠ], μέσω της συνεχούς ανασκόπησης των μετρήσιμων στόχων ασφαλείας, σε συγκεκριμένες διεργασίες και επίπεδα της εταιρείας.
• Έχει εγκαταστήσει μηχανισμό συνεχούς αναγνώρισης, εκτίμησης και διαχείρισης απειλών που αφορούν στην ασφάλεια των πληροφοριών.
• Επιβεβαιώνει την εμπιστευτικότητα των δεδομένων.
• Αναπτύσσει, εφαρμόζει και ελέγχει Πλάνο Αποκατάστασης, καθώς και Πλάνο Επιχειρηματικής Συνέχειας.
• Δημιουργεί μηχανισμούς για την αναγνώριση και ανασκόπηση του κινδύνου και του αντίκτυπου οποιασδήποτε παραβίασης ασφάλειας.
• Επικοινωνεί τις πολιτικές που σχετίζονται με την ασφάλεια των πληροφοριών σε όλους τους εργαζόμενους, τους πελάτες, τους προμηθευτές και συνεργάτες και σε όλα τα ενδιαφερόμενα μέρη.

Η UPCOM δεσμεύεται για την Πολιτική Ασφαλείας την οποία και γνωστοποιεί σε όλο το ανθρώπινο δυναμικό της εταιρείας. Εξασφαλίζει δε τη δέσμευση αυτή καλλιεργώντας το πνεύμα της συνολικής και συλλογικής προσπάθειας σε όλο το ανθρώπινο δυναμικό της εταιρείας και διαθέτοντας όλα τα απαραίτητα μέσα, ώστε όλοι να τηρούν την Πολιτική Ασφαλείας και να προωθούν κάθε ενέργεια που διαρκώς προάγει και βελτιώνει την εμπιστευτικότητα, την ακεραιότητα, την αξιοπιστία και τη διαθεσιμότητα των πληροφοριών.