Data controlling, data security, quality management policy

Data controlling

BISZ Zrt. offers a downloadable Data Controlling Guide to provide information to its partners on its practices concerning consumer protection, legal remedies, complaints management, customer relations and website registration, as well as its organisational and technical measures for data protection, and the legal remedies available to partners.

Data security policy

Data security is key to the operations of BISZ Központi Hitelinformációs Zártkörűen Működő Részvénytársaság (BISZ Central Credit Information Plc.), as databases of the systems operated by us contain data that qualify as either personal data or trade and banking secrets. Such data are supplied by the financial organisations subscribing to the systems (data providers) in accordance with the provisions of system rules. Data providers registering data in the databases of the systems have exclusive permission, and at the same time are required to maintain and update the data which they have registered. This exclusivity also applies to the retrieval of information from the databases, which is a right of subscribing data providers.

We seek to assess the threats affecting information security (confidentiality, integrity, availability), to analyse and continuously review risks following a well-defined methodology, as well as to take appropriate measures to avoid their occurrence. For that reason, we have set the objective of protecting the data and information stored in our databases, as well as our data and IT equipment, against both external and internal incidents, whether intentional or accidental.

The efficiency of the security system largely depends on internal and external staff. Consequently, to minimise risks and to ensure its stable operations, BISZ Zrt. has been making efforts to achieve, maintain and improve the loyalty of its employees to the organisation, as well as awareness of and commitment to data protection. BISZ Zrt.’s management plays a key role in ensuring the effectiveness of the information security management system. It is committed to the information security management system and its continual improvement.
Following their entry, new employees are given data security training in order to become aware of the importance of data security and their personal responsibilities.

In pursuit of enhanced security and prevention, BISZ Zrt. has set the following requirements for all of its employees:

  • protection of confidential information against unauthorised disclosure;
  • maintenance of the accuracy and integrity of information; and
  • ensuring that data and key services are always available in a timely manner and with the required functionality.

We have an information security system in place conforming to the ISO/IEC 27001 standard, which we continually improve in order to increase the level of our security. We expect all of our suppliers to accept and fully comply with our data security requirements.

BISZ Zrt.’s management undertakes to fulfil the objectives specified in its data security policy, and expects all of its employees to perform work in accordance with its data security rules.

Quality management policy

BISZ Központi Hitelinformációs Zártkörűen Működő Részvénytársaság (BISZ Central Credit Information Plc.) is a private limited company established in 1994 by Hungarian financial institutions. Currently, 100% of its shares are held by GIRO Elszámolásforgalmi Zártkörűen Működő Részvénytársaság (Giro Clearing Plc.). The systems operated by us are self-contained databases, serving the main purposes of ensuring a more differentiated assessment of creditworthiness, and maintaining a central register of consumer statements that enable free cash withdrawals. We thereby aim to ensure that lending is made available more extensively, to help reduce credit risk for the safer operations of member organisations, and to maintain an up-to-date register of consumers’ statements allowing free cash withdrawals.

We aim to provide high quality services to data providers on a continuous basis. We have up-to-date information on the needs of data providers and accordingly, we continuously look for quality solutions and ways to work more efficiently.

A key element of successful operations is the continuous improvement of quality, which ensures fulfilment of the requirements imposed on our organisation. Accordingly, we adjust our services to ensure that they comply with statutory requirements, while meeting, to the greatest possible extent, the needs of data providers.

BISZ Zrt. intends to ensure that data providers are satisfied while using the service, therefore we have continuously been evaluating the effectiveness of our relations, exploring opportunities for improvement.
The efficiency of the quality management system largely depends on internal and external staff. Consequently, participation in the necessary instruction, training and continuing training programs is both an opportunity and a requirement for all employees. At the same time, we are making efforts to develop close and positive internal working relations. We pay attention to ensuring that employees’ skills develop, because that determines relations with data providers and therefore the quality of our service as well.

Following their entry, new employees are given quality management training in order to become familiar with the provisions contained in the documents of the quality management system as well as their personal responsibilities.

We have a quality management system in place conforming to the ISO 9001 standard, which we continually improve for the benefit of our data providers. We expect all of our suppliers to accept and fully comply with our requirements for quality management.

BISZ Zrt.’s management undertakes to fulfil the objectives specified in its quality policy, and expects all of its employees to perform work in accordance with the requirements contained in the documents of its quality management system.