Information security policy

CLOUDAPPI, S.L. (hereinafter, “COMPANY”) as a company that offers consulting and API development services within the Cloud world, using the most modern DevOps techniques and contributing our grain of sand to digital transformation, considers human resources, information, technologies, and material resources that support them as fundamental assets for the company, which is why it considers it essential to guarantee their security, understood as a comprehensive concept whose purpose is to preserve its assets.

The company’s commitment to comprehensive security within the organization (physical and operational), as well as to information security, cybersecurity, IT security, network security, business continuity, as well as any other relevant area or function whose objective is corporate protection against potential damage, has led the organization to implement and maintain an Information Security Management System (ISMS), which guarantees customers and suppliers the security of shared information.

The ISMS is managed in accordance with the guidelines established by the UNE-ISO/IEC 27001 standard to ensure maximum protection of our information assets against any intentional or unintentional intrusion.

This policy aims to set guidelines to ensure:

  1. Confidentiality of information
  2. Integrity of information
  3. Availability of information

The ultimate goal of this implementation is to establish the organizational, technical, physical, and legal measures necessary to protect information assets against unauthorized access, disclosure, duplication, system interruption, modification, destruction, loss, theft, or misuse that could occur intentionally or accidentally.

Furthermore, by approving this Policy, the management of COMPANY expresses its determination to achieve a level of security that is appropriate to the needs of the business and that guarantees the protection of its assets. To this end, the organization demonstrates its commitment to:

  1. Continuous improvement of the information security management system.
  2. Compliance with applicable requirements: contractual, regulatory, and others specified.
  3. Awareness and training of personnel in information security.
  4. Accountability of personnel with respect to the information assets they manage.
  5. Provision and management of the necessary equipment, applications, and technological tools to ensure the preservation and safekeeping of information.

This policy serves as a reference framework for the information security objectives established in the management system, and is available to all identified stakeholders. This document should be reviewed in light of any organizational or business changes that occur, in order to maintain its relevance, adequacy, and effectiveness.

All employees, suppliers, consultants, and third parties who use information assets owned by COMPANY are responsible for complying with and upholding its Information Security Policy with integrity.

In Getafe (Madrid), September 1st of 2021 Rev.00 

Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.