Does Xoxoday have a policy governing information classification and is there a process by which all information can be appropriately classified?

Yes at Xoxoday we do have an 'Information Security policy' at place. Information Classification is included in the organization's processes, and be consistent and coherent across the organization. Results of classification indicate value of assets depending on their sensitivity and criticality to the organization, e.g. in terms of confidentiality, integrity and availability. Results of classification are updated in accordance with changes of their value, sensitivity and criticality through their life-cycle.

Below is the link for the information security policy document:
https://drive.google.com/file/d/1nq0cQgEpZ2nb6qmhEX7Kh6InvjGHgpEj/view?usp=sharing

Did this answer your question?
...