Data Privacy and Security
As a big data and business intelligence company that processes 80 million daily video views for over 190 online video platforms, we know that earning and maintaining the trust of our clients is as vital to our core mission as our technological innovations and solutions.
NPAW’s certification to ISO 27001 reflects our strong commitment to data security. This globally recognized standard is proof that we adhere to top-tier security controls for our Information Security Management System (ISMS), requiring a rigorous, independent three-stage audit of our data security procedures. We recently achieved ISO 27001:2022, an updated version of the standard incorporating the latest advancements in data protection. The renewal underscores our continued pledge to data protection and demonstrates that our security infrastructure and plans are not only in line with, but surpass, the stringent requirements of the certification.
Additionally, NPAW is ISO 27701 certified. This Privacy Information Management System (PIMS) standard acts as a privacy extension to the ISO/IEC 27001 certification, providing broad requirements, guidelines, and controls that can be tailored to particular business needs and regulations including GDPR. These are audited by both internal and external parties, providing a record of standard adherence.
Achieving ISO 27701 certification marks a milestone for NPAW, demonstrating that the company proactively supports the latest global governance, privacy, and risk management strategies before they become standards in the SaaS analytics industry. The certification sets a benchmark in personal data privacy protection, requiring a company to connect data privacy protocols with an information security management system and implement a functional, comprehensive internal system to handle privacy concerns.
ISO 27001 Certificate
ISO 27701 Certificate
Market, opinion, and social research
NPAW also places a high value on environmental responsibility. We are certified to ISO 14001, an international standard that focuses on environmental management and performance. This certification further illustrates our commitment to an environmentally responsible approach to our operations. We believe that, as a technology company, we have a unique potential and responsibility to lead the charge in environmental stewardship, and we are working to do exactly that.
As proof of our dedication to the environment, below you will find our environmental policy, which details our initiatives and goals in creating a sustainable organization, and our ISO 14001 certificate.
Crime Prevention Model
NPAW has developed a Crime Prevention Model that complies with legal requirements in terms of corporate criminal liability. Its purpose is to prevent its legal structure from being used to commit crimes while implementing good corporate governance.
Code of Conduct and Responsible Practices
NPAW has developed a Code of Conduct in which it establishes the performance criteria to be observed by employees in the execution of their professional responsibilities.
The purpose of this Code is to promote professional, ethical, and responsible behavior within NPAW and among all its employees in the development of their activities, as a fundamental element of the company’s corporate culture, supporting the training and personal and professional development of its employees. To this end, the principles and values that should govern the relationships of NPAW with its stakeholders are defined.
NPAW has implemented a Whistleblower Channel (in Spanish, “Canal de denuncias“) in accordance with Law 2/2023, dated February 20th. The purpose of this channel is to enable any direct member of NPAW’s team (board of directors, top management and employees) or related parties (partners, suppliers and third parties) to report any indication or suspicion of a conduct that may involve:
- Non-compliance with applicable regulations, protocols, procedures and internal controls;
- Commission of acts that do not adhere to ethical principles and good business practices;
- Commission of acts that could be considered as criminal.
These communications can be submitted anonymously or by identifying yourself. Reports are received by an external law firm, Asesoría Penal Corporativa S.L.
Such reports can be made here