Skip to main content
GoodRequest

Information Security Policy

As a modern business, GoodRequest s.r.o. recognizes at senior level the need to ensure that its business operates smoothly and without interruption for the benefit of its employees, customers, shareholders and other stakeholders.

Top management recognizes the importance of information security to protect information and business assets and in order to provide such a level of continuous operation, and that is why we started an Information Security Management System (ISMS) in line with international standard ISO/IEC 27001:2022.

The operation of this ISMS has many benefits for the business, including:

  • Protection of revenue streams and company profitability
  • Ensuring the supply of goods and services to customers
  • Compliance with legal and regulatory requirements
  • Reducing risks to acceptable level and effective process integration

Commitment to the delivery of information security extends to senior levels of the organisation and will be demonstrated through the information security policy and strategy, and the provision of appropriate resources to establish and develop the ISMS.

Top management will also ensure that a systematic review of performance of the programme is conducted on a regular basis to ensure that information security objectives are being met and relevant issues are identified through the audit programme and management processes.

We do encourage all employees and external developers to ensure that they play their part in delivering our information security objectives. It is the responsibility of every person to follow principles of ISMS policies and security awareness trainings to ensure information and processes are protected in respect of desired level of confidentiality, availability and integrity.

We leverage AI to enhance productivity, quality, and decision‑making while protecting client and company data. AI brings benefits such as faster drafting and analysis, improved summarization, developer assistance, and more efficient operations. However, we remain mindful of risks including potential data leakage, inaccurate or biased outputs, and over‑reliance on tools. To mitigate these risks, we use only approved tools and configurations, never input sensitive or client data into external AI systems, and require human review of AI outputs.

Certifications

GoodRequest, s.r.o. maintains independent third‑party certifications for its management systems:

ISO/IEC 27001:2022 - Information Security Management System (ISMS)ISO/IEC 20000-1:2018 - IT Service Management System (ITSMS)

These certifications demonstrate our commitment to systematic risk management, service reliability, and continuous improvement.

 

In Žilina, December 1, 2025

Tomáš Lodňan, CEO

Tomáš Podmaník, CDO