Magic Cloud is committed to promoting security in all its activities and a high level of security is defined in the company’s strategy as a business requirement. To achieve its security requirements, Magic Cloud is committed to operating in accordance with the ISO 27001:2022 security standard. Compliance with ISO 27001:2022 includes, as an integral part, regular security reviews, both by the company itself and by an external independent accredited expert.

The Magic Cloud security objectives are defined as follows:

• Protecting the physical security of staff, data centres, data rooms and offices.

• Protect personal data and privacy, as well as company information, customer information and customer data.

• Maintain confidence in the company and the level of service.

• Minimise the impact of potentially damaging events.

• Achieve and maintain the requirements of ISO 27001:2022 certification.

• Comply with legal and regulatory requirements.

Magic Cloud has an Information Security Officer and an Information Security Team who oversee and develop information security as part of Magic Cloud’s day-to-day operations. All Magic Cloud staff regularly attend security training organised by the company. All staff are required to pass a security test at the start of their employment and annually thereafter.

The whole organisation is committed to the continuous improvement of information security. Every person in the company is required to bring any security incident to the attention of the company without delay, in accordance with existing processes.

Continuous monitoring and improvement of security enables the company to develop positively, allowing us to focus on delivering an optimal customer experience.