Obscreen Docs

Appearance

Designation of an Information Security Officer (CISO / RSSI)

This document formalizes the designation of an Information Security Officer (Chief Information Security Officer, Responsable de la Sécurité des Systèmes d'Information in French) for Obscreen and complements the Information Security Policy, the Systems Security and Integrity Policy, the Customer Data Encryption Policy, the DPO Designation, and the Privacy Policy.

1. Official Designation

Obscreen hereby designates Jessym Reziga, Founder and Owner of Obscreen, as Information Security Officer (CISO) of the company.

Given the size and structure of Obscreen (sole proprietorship), this designation is voluntary and is intended to provide a clear single point of accountability for information security matters across the Obscreen software, the Obscreen Cloud platform, and the supporting services.

2. Role and Responsibilities

The CISO's main missions are:

  • Definition and Implementation of the Security Policy: Define the strategies and procedures to protect the information assets of the company, including those described in the Information Security Policy and the Systems Security and Integrity Policy.
  • Regulatory Compliance: Ensure compliance with applicable laws and regulations, in particular the GDPR and French data protection law.
  • Risk Management: Identify, assess, and mitigate the risks related to the security of information systems, including risks specific to multi-cloud operations (Hetzner, Cloudflare, AWS, Google) and to the license issuance and payment integrations.
  • Security Incident Management: Coordinate the response to security incidents, ensure appropriate internal and external communication, and notify customers and authorities when required.
  • Awareness and Training: Promote a security culture within the company by training employees and contractors on best practices.
  • Monitoring and Audit: Supervise security audits and put in place monitoring mechanisms to detect anomalies (intrusion detection, log analysis, abuse handling).
  • Innovation and Continuous Improvement: Stay informed of new threats and technologies to adapt the security strategy accordingly.
  • Coordination with the DPO: Cooperate with the Data Protection Officer on personal data security topics, in particular for the technical and organizational measures required by Article 32 of the GDPR.

3. Commitment

The CISO accepts this designation and commits to:

  • Fulfilling their duties with diligence, integrity, and professionalism.
  • Protecting the confidentiality, integrity, and availability of Obscreen information and customer data.
  • Collaborating with all stakeholders, including subprocessors, contractors, and customers, to ensure a comprehensive approach to security.

4. Duration of the Designation

This designation is effective as of January 1, 2026 and shall remain in force until a new designation is notified, or until a permanent or external CISO is appointed.

5. Contact

For any question regarding information security at Obscreen, or to report a security incident or vulnerability, please contact the CISO at [email protected].