Information Security Policy of the Registry of .gr and .ελ Domain Names

The purpose of the Registry of .gr and .ελ domain names is the provision of quality services and products that ensure the integrity and security of its users' data.

In order to serve the above purpose, the Registry recognizes the Risks that threaten the Security of Information processed within the Institute's activities and provides all the necessary resources for the implementation of an Information Security Management System in accordance with the international standard ISO 27001:2013.

Our commitment to Information Security and the avoidance of incidents that may affect it, is implemented through the following steps:

• Protection of resources and data in the Registry's services from any threat, internal or external, intentional or accidental.
• Systematic assessment and evaluation of the risks related to the assurance of information, aiming for their correct and timely management.
• Secure processes for development and maintenance of applications, systems and services.
• Archiving data, avoiding viruses and external intrusions, controlling access to systems, recording all security incidents and managing unexpected developments.
• Constantly updating management and staff on information security issues.
• Controlling of the circulating and exchanged information and data.
• Protection of the interests of the Registry and those who deal with it and trust it.
• Prompt and efficient handling of security incidents and breaches.
• Encouraging internal and external communication regarding Information Security issues.
• Commitment to the faithful implementation of the Security Policies and all applicable national and community legislation. The Registry of .gr and .ελ domain names is committed to the continuous effort of improving the Secure Information Management System, so that it can guarantee high levels of security to those who transact with it.