+33 7 79 39 11 28 info@yetimelifrance.fr

Privacy Policy

  1. Home
  2. Privacy Policy

INFORMATION SECURITY POLICY

(GDPR – ISO/IEC 27001 – French & EU Compliance)

1. General Commitment

As a non-profit association governed by French Law of 1 July 1901, Yetim Eli France recognizes that information and data processed within its operations constitute critical and valuable assets.

The Association is committed to proactively managing all risks that may affect the confidentiality, integrity, and availability of its information assets.

2. Protection of Information Assets

The following data categories are considered sensitive and critical:

  • Institutional and strategic information

  • Employee records

  • Donor data

  • Volunteer data

  • Beneficiary data

  • Financial and personal information

All data is processed in compliance with:

  • EU Regulation 2016/679 (GDPR)

  • Applicable French data protection laws

  • Contractual and regulatory obligations

3. Information Systems Security

To ensure operational continuity and secure processing:

  • IT services are maintained to ensure uninterrupted operations

  • Access to personal and sensitive data is restricted to authorized personnel

  • Appropriate technical and organizational measures are implemented (access control, encryption, backups, logging, etc.)

4. Information Security Management System

The Association commits to:

  • Documenting its Information Security Management System (ISMS)

  • Aligning with ISO/IEC 27001 principles

  • Continuously improving its security processes

5. Risk Management

Risks to information assets are:

  • Identified

  • Assessed

  • Evaluated

  • Systematically treated

A risk-based approach is adopted to mitigate internal and external threats.

6. Awareness and Training

The Association conducts:

  • Technical security training

  • Behavioral awareness programs

  • Cybersecurity awareness initiatives

to strengthen the information security culture within the organization.

7. Institutional Commitment

 

Yetim Eli France integrates information security into its overall governance framework and aims to serve as a model organization in the non-profit sector regarding data protection and cybersecurity.