Information Security


EMAYA provides outsourced services (Contact Center and BPO) for international clients in various industries, including but not limited to: Inbound services, digital marketing and customer service, in accordance with our clients’ requirements.  

As we are committed to all the services that we provide to our clients, EMAYA has implemented an Information Security Management System (ISMS) as well as the required security standards and controls to ensure the confidentiality, availability and integrity of information and the assets that support it; and to ensure that EMAYA complies with the legal legislation regarding  information security, regulations, best practices and legal obligations as well as with our clients’ service levels agreements.

EMAYA is dedicated to achieving excellence through meeting and improving all of the requirements that are applicable to the organization, such as: The protection of information assets whether physical locations, hardware, security controls, policies and processes, software licenses, and others.

If you have additional questions regarding our ISMS policies or require additional information about security, we are happy to answer them. Please write to and we will respond as soon as possible.


Through EMAYA’s ISMS, we place strict controls over the information our employees can access. Based on the resources being provided to our clients and their specific tasks, EMAYA structures access to data in such a way that employees only have access to the data they need to do their job and only have access to the data approved by our clients. Through our physical and logical security policies, we help ensure that sensitive data cannot be transferred, disseminated, or copied. Your solution may or may not involve EMAYA employees accessing sensitive data. EMAYA employees are prohibited from using these accesses to view sensitive data without client approval and only when it is necessary to do so to perform a function of their job. We have technical controls and audit policies in place to ensure that any access to Data is logged and tracked.

All our employees are bound by our ISMS policies regarding the acceptable use of Data. As a company, EMAYA is committed to safeguarding the data and trust of our clients and partners.

Personnel practices

EMAYA conducts background checks on all employees prior to their employment which include Police and criminal report, employment verification, and credit reports (depending on the account or position).

On their first day of work, EMAYA agents receive privacy and security training during their onboarding and additional periodic training throughout their employment with EMAYA. In addition to signing their employment contracts, new hires must sign confidentiality agreements and must review and sign acknowledgment of  EMAYA’s ISMS policies and procedures, prior to commencing work.


We understand that you rely on EMAYA services to work. We’re committed to your resources being available when you need them. We’ve designed our infrastructure with redundancies so that your resources are able to work unimpeded. Our operations team tests disaster recovery measures regularly and has a 24-hour on-call team to quickly resolve unexpected incidents.


Certifications, Attestments, and other Standards

The following security-related audits and certifications are applicable to EMAYA services:

  • ISO 27001:2013 Certified in BPO and Call Center Services
  • Service Organization Control (SOC 2 Type II) Attestment and reports
  • Penetration Testing
  • Disaster Recovery and Business Continuity Plans
  • HIPAA Compliant

All Certifications and Test Results are available upon request.