The management of SOFTLINK s. r. o. (hereinafter referred to as the company) attaches great importance to securing the information entrusted to it and with which it deals. It perceives the protection of its own information and the information of its clients as a comprehensive and managed system of balanced measures aimed at adequately protecting all important assets. The primary priority is the protection of personal data of customers' clients processed by the company in accordance with the law on personal data protection.

The main task is to ensure the availability, integrity, and confidentiality of data. To protect its own and entrusted information, the company has built, maintains, and develops an information security management system (ISMS) in accordance with ČSN ISO/IEC 27001:2023. The information security management system is based on information security objectives and on identified and assessed risks.

The system further includes the determination of responsibilities and duties along with the creation and adherence to documented security policies and procedures. The system also sets the scope of risk assessment criteria and includes controls for compliance with established rules, defines legal, regulatory, and contractual requirements, staff training, and procedures for responding to security incidents.

Based on risk analysis, the company is committed to implementing security measures in the priority order given by the risk management plan and security requirements in the following areas:

• Organizational security, defining responsibilities and the scope of the security management system.
• Human resources security, ensuring that only authorized personnel, who are appropriately selected and aware of their responsibilities, have access to confidential information.
• Asset classification and management, determining how to identify and assess assets, classify information, and handle it. This area also addresses the "Risk Analysis" itself, including defining its structure and evaluation criteria.
• Access control, defining the protection and control of access to information, services, and processes.
• Cryptography to protect the confidentiality, authenticity, and integrity of information.
• Physical security and environmental security, preventing unauthorized access, damage, degradation, destruction, or other interventions into the information and the premises where the devices are located.
• Operational security, establishing procedures for the proper and secure operation of information processing resources and related services.
• Communications security, aiming to ensure the protection and security of communications during their creation, storage, and transmission within and outside the company.
• Acquisition, development, and maintenance of systems, defining security rules for system development and maintenance from the design, development, and testing phase through to actual operation and maintenance.
• Supplier relationships, which must also be managed with regard to the agreed level of information security and service provision concerning the information security system.
• Security incident management, establishing procedures for responding to violations of rules, security, and the resilience of the ISMS.
• Business continuity management, establishing a framework for prevention and crisis response through the implementation of continuity plans.
• Compliance assurance, detailing specific procedures to ensure that adopted measures comply with legislation and security technology requirements.

The company's management ensures that the information security policy:

1. Aligns with the company's objectives,
2. Includes a commitment to meet requirements and to continually improve the effectiveness of the system,
3. Provides a framework for setting and reviewing security objectives,
4. Is always accessible, communicated, and understood within the organization during staff training,
5. Is regularly reviewed for continuous suitability through "Management Review," along with the quality management system.

Director of the company: Ing. Hynek Černý
Kralupy nad Vltavou, 20th April 2024

Company

Founded in 1993, SOFTLINK has more than 30 years of successful operation across all customer segments from energy distributors, government, large commercial and industrial companies to housing associations. Since its inception, the company has been developing, manufacturing and operating radio technologies and today, with more than 100,000 meter readings, is a market leader in online energy monitoring and smart IoT solutions.

Present

In the last ten years, the company has been involved in the field of Smart Meetering and IoT (Internet of Things), where it applies its know-how in radio networks, HW and SW development. Our primary solution is online monitoring of energy (electricity, gas, water, heat), from the development of metering modules to customer monitoring software. The entire solution is developed and operated by our own employees, which gives us great flexibility in relation to the specific requirements of our customers and partners

Background

The strong capital background of the Quantcom Group, of which Softlink became a subsidiary in 2023, and more than 100,000 measured points make us the market leader in the Czech Republic. Our solutions can also be found in other EU countries through our network of partners.

Company management

We know exactly what we're doing. We have the expertise and skills, we are unique and independent. What we value most is our in-house team of experts, which is stable, enabling us to provide development and subsequent excellent customer care across all customer segments. Softlink staff are happy to advise on existing services, design and provide optimal solutions according to individual customer requirements.

We're growing, we are looking for professionals in different areas. Send us your CV to: This email address is being protected from spambots. You need JavaScript enabled to view it.