Yes at Xoxoday we do have an 'Information Security policy' at place. Information Classification is included in the organization's processes, and be consistent and coherent across the organization. Results of classification indicate value of assets depending on their sensitivity and criticality to the organization, e.g. in terms of confidentiality, integrity and availability. Results of classification are updated in accordance with changes of their value, sensitivity and criticality through their life-cycle.
Below is the link for the information security policy document: