Skip to content
Logo detoxi Health

Information Security Policy

1. Purpose and Objectives of Information Security

PROTECTION of detoxi Health GmbH’s information and IT assets, including all computers, mobile devices, network equipment, software, and sensitive data. Protection against internal, external, intentional, or accidental threats, as well as mitigation of risks from theft, loss, misuse, damage, or abuse of these systems.

ACCESS CONTROL: Ensuring that information is protected against unauthorized access. Users are granted access only to resources for which they are explicitly authorized. Assignment of permissions is strictly controlled and regularly reviewed.

PROTECTION OF INFORMATION CONFIDENTIALITY. This includes measures to prevent disclosure of information to unauthorized third parties.

ENSURING INFORMATION INTEGRITY. Measures are taken to prevent unauthorized modification of information.

MAINTAINING INFORMATION AVAILABILITY for business processes. It is ensured that authorized parties can access information when needed.

COMPLIANCE with national legal and regulatory requirements, as well as standards and best practices, exceeding the required level where possible.

DEVELOPMENT, MAINTENANCE, AND TESTING of business continuity plans to ensure the company stays on course despite any obstacles.

AWARENESS AND TRAINING on information security for all employees. Awareness-raising and targeted training are conducted consistently. Security responsibilities are reflected in job descriptions, and compliance with security requirements is expected and accepted as part of our culture.

PROTECTION OF EMPLOYEES when reporting security concerns via reporting channels or direct contact with the Head of Information Security Management. No actions will be taken against employees unless the report clearly indicates unlawful conduct, gross negligence, or repeated intentional disregard of policies or procedures.

CONTINUOUS IMPROVEMENT: The management of detoxi Health GmbH is committed to fostering a culture of continuous improvement in information security and enhancing adaptability to evolving challenges and technological advancements.

REPORTING OF SECURITY INCIDENTS via email to mailto:it-sicherheit@detoxi.info for all actual or suspected security incidents.

2. Enforcement, Exceptions, and Complaints

Non-compliance with this policy may result in disciplinary action, including but not limited to informal or formal warnings. Exceptions require written approval via email from the Head of Information Security Management. Approved exceptions are granted a time-limited exemption. Complaints can be submitted at any time to the Head of Information Security Management at it-sicherheit@detoxi.info. A response will be provided within 14 days of the initial submission.

detoxi Health GmbH

detoxi Health GmbH is an e-health company based in Berlin. We help people develop a healthy relationship with digital media.

© 2026 detoxi Health – All rights reserved