Group Quality and Compliance Policy

The O3 EXPERTS ADAPTED COMPANY cooperative group is committed to providing high-quality services while ensuring compliance with current regulations. Our quality policy is aligned with the requirements of the ISO 9001 standard, while our compliance policy incorporates personal data protection standards in accordance with the RGPD (General Data Protection Regulation), particularly in the area of supplementary pensions and the management of social and HR data.

Objectives of the Quality and Compliance Policy

  • To ensure optimum customer satisfaction by providing services that meet and exceed their expectations.
  • Maintain a high level of compliance with laws and regulations, particularly those relating to the protection of personal data and the fight against money laundering.
  • Promote inclusion and diversity by supporting the professional integration of people with disabilities.
  • Continuously improve our processes to ensure the effectiveness and efficiency of our services.
  • Train and educate our employees on quality and compliance requirements, including best practice in data protection and anti-money laundering.

Our customer-centric approach means that we listen carefully to our customers' needs and tailor our services to meet their specific requirements. We are committed to :

  • Understanding and anticipating customer needs through regular interaction and feedback.
  • Providing customised solutions that meet specific customer challenges, particularly in the area of supplementary pensions.
  • Measure customer satisfaction and take corrective action where gaps are identified.

Implementing efficient processes is crucial to the quality of our services. We take a systematic approach to:

  • Identify and document key processes according to ISO 9001 requirements.
  • Ensure process control and traceability to guarantee consistent quality.
  • Use performance indicators to monitor and continually improve our processes.

Continuous improvement is a cornerstone of our quality policy. We strive to:

  • Encourage innovation and creativity in the search for improvement solutions.
  • Conduct regular internal audits to identify opportunities for improvement.
  • Foster an environment where employees can suggest improvements and recognize their contributions.

Commitment to Compliance: Protection of Personal Data

The protection of personal data is an absolute priority for the O3 EXPERTS ADAPTED COMPANY cooperative group.
Our commitment translates into:

RGPD compliance: We ensure that all our data processing activities comply with the principles of the RGPD, including lawfulness, transparency, and data minimisation.

Appointment of a Data Protection Officer (DPO): The DPO oversees the implementation of the data protection policy, ensures compliance and is the point of contact for the supervisory authorities.

Data Protection Impact Assessments (DPIA): For any data processing likely to give rise to high risks for the rights and freedoms of data subjects.

Management leadership and commitment

The management of the O3 EXPERTS ADAPTED COMPANY cooperative group plays a key role in implementing and maintaining our quality policy. Responsibilities include:

  • Establishing a clear vision and objectives for quality and compliance.
  • Providing the necessary resources to achieve quality objectives.
  • Encouraging a culture of quality and compliance at all levels of the organisation.

Staff involvement

Our employees are essential to guaranteeing the quality of our services. We are committed to:

  • Train and develop employee skills in quality and compliance.
  • Encourage the active participation of all employees in continuous improvement initiatives.
  • Recognize and reward contributions to quality improvement.

Confidentiality and Data Security

We implement technical and organisational measures to guarantee data confidentiality and security:

  • Encryption of sensitive data to prevent unauthorised access.
  • Regular updating of security policies to deal with new threats and vulnerabilities.
  • Incident response plan to deal quickly and effectively with any data breach.

ISO standards

We adhere to the main principles of the relevant ISO standards to guarantee the quality of our services:

  • ISO 9001: For quality management.
  • ISO 27001: For information security management.

O3 Group commitments in line with the ISO 27001 Key Principles:

The O3 EXPERTS ADAPTED COMPANY cooperative group is firmly committed to ensuring information security in accordance with the principles of the ISO 27001 standard. This commitment is demonstrated through the following actions and measures:

Information Security Policy

We have established a clear and comprehensible information security policy, aligned with the company's strategic objectives and communicated to all levels of the organisation.

Management leadership and commitment

Management plays an active role in supporting and overseeing the implementation of information security policies. This includes providing the necessary resources and promoting a security culture within the company.

Risk Assessment

We conduct regular risk assessments to identify potential threats and vulnerabilities. This enables us to implement appropriate security measures to reduce risks to an acceptable level.

Access Control

Strict access control measures are in place to ensure that only authorized people can access sensitive information. This includes strong authentication and access rights management.

Privacy Policy

In compliance with the RGPD, we guarantee the confidentiality and integrity of personal data processed. This includes encryption protocols, data retention policies and procedures for responding to security incidents.

Training and Awareness

We regularly organize training and awareness-raising sessions for our employees to enhance their information security skills and keep them abreast of best practices and new threats.

Business Continuity Plan

A business continuity plan is in place to ensure the resilience of our operations in the event of a major incident. This includes data backup and recovery strategies.

Audit and Monitoring

We carry out regular internal audits to assess the effectiveness of our Information Security Management System (ISMS) and identify areas for improvement.

Continuous Improvement

In line with the PDCA (Plan-Do-Check-Act) cycle, we are committed to continuous improvement of our ISMS, incorporating feedback, audit results and technological developments.

Security Incident Management

We have procedures for the rapid and effective management of information security incidents, including detection, notification, response and recovery.

Thanks to these commitments, the O3 Group guarantees rigorous management of information security, ensuring the protection of our customers' and partners' data while meeting the requirements of the ISO 27001 standard.

An essential strategic framework

The O3 EXPERTS ADAPTED COMPANY cooperative group's quality and compliance policy is an essential strategic framework for guaranteeing high-quality services while complying with the standards and regulations in force. Through this approach, we are committed to protecting our customers' personal data, combating money laundering and promoting inclusion and cooperation. By integrating the requirements of ISO standards and regulations such as the RGPD, we ensure continuous improvement of our processes and an active contribution to the United Nations Sustainable Development Goals. We remain committed to achieving our goals and meeting the expectations of all our stakeholders, while maintaining the highest standards of quality and compliance.