Our rules

Information security policy

Disclaimer: this is an extract of the Prograils Information Security Policy.

Want to read the full version? Drop us a line, we will share it with you.


Prograils implemented the Information Security Management System (ISMS) to ensure the highest information security standards in our organization. We keep them through such activities as source code and developed components protection, as well as protection of data entrusted by our clients.

The ISMS is based on requirements of the ISO/IEC 27001 norm. We achieve the goals set in the norm through:

  • personal engagement of our team in the maintenance of information security,
  • modern technologies in our projects,
  • spreading security knowledge among our team,
  • compliance with the law,
  • risk management,
  • protection of assets by security measures based on risk analysis,
  • constant improvement of implemented standards.

This policy applies to all the employees and contractors, as well as to any other person given access to information processed at Prograils.


The ISMS includes the following domains of our activity:

  • building and development of IT systems,
  • designing, building and development of web and mobile applications,
  • consulting.

The ISMS was designed with regard to our approach towards processes and organizational culture.

Roles and responsibilities


Maciej Litwiniuk, Prograils’ CEO. In charge of documentation, maintenance and improvement of the ISMS. He also supervises the implementation of approved standards and coordinates internal audits.


Marta Wojciechowicz, Prograils’ COO. Responsible for the ISMS-related policies and processes, running security incidents register and internal audits..


Appointed by the management at Prograils, they run internal audits, recommend corrective actions and verify their implementation.

Employees and contractors

Bound by the rules of information security, they are obliged to report any incidents and improve the ISMS on a daily basis.

Monitoring, measurements, analysis and assessment

At Prograils: - we run internal audits that verify the state of security measures, - we control the course of security rules observance, - we conduct risk forecasts and analysis to apply relevant proceeding plans later on.


We review and update the ISMS documentation, which is subject to Admin’s approval. The complete list of processes and documents that constitute the documentation is featured in the full version of the Information Security Policy.

Relationships with suppliers / 3rd parties

We require signing non-disclosure agreements (NDAs) from all suppliers / 3rd parties who process our personal data and/or personal data belonging to our clients.

Document’s dissemination

The Information Security Policy is an internal document and may be shared with clients.

Still want more details? Contact us for the full version of the Information Security Policy.

Check our latest product - it's based on our experience of managing over 50-people strong company. The tool we're missing as a small company and not an enterprise.

humadroid.io is an employee and performance management software. It's an unique tool allowing everyone to be in the loop - by having up to date info about co-workers, time-off, benefits, assets, helping with one-on-ones, being a go-to place for company-wide announcements.

Check out humadroid.io

Contact us

* Required fields

The controller of your personal data provided via this contact form is Prograils sp. z o.o., with a registered seat at Sczanieckiej 9A/10, 60-215 Poznań. Your personal data will be processed in order to respond to your inquiries and for our marketing purposes (e.g. when you ask us for our post-development, maintenance or ad hoc engagements for your app). You have the rights to: access your personal data, rectify or erase your personal data, restrict the processing of your personal data, data portability and to object to the processing of your personal data. Learn more.


We do not track you online. We use only session cookies and anonymous identifiers for the purposes specified in the cookie policy. No third-party trackers.

I understand
Elo Mordo!Elo Mordo!