MANAGEMENT POLICY

ENVÍA IT, S.L., driven by innovation and the development of technological solutions, specializes in the Design, Development, Implementation, and Commercialization of Software. The company is committed to meeting applicable information security requirements and protecting the confidentiality, integrity, and availability of the information used by the company and its Clients, as well as their processing, storage, and communication systems.

To this end, the Management of ENVÍA IT, S.L. is committed to implementing, maintaining, and continually improving an Information Security Management System (ISMS), in accordance with the UNE-EN ISO 27001 standard, which establishes information security objectives aligned with the organization’s strategic goals.

For the Management of ENVÍA IT, S.L., the implementation of the information security management system contributes to achieving the following main objectives:

  • Strengthening the trust of all stakeholders, especially our Clients.

  • Ensuring compliance with legal, regulatory, and contractual obligations.

  • Guaranteeing the security of information, both our own and that of our Clients, in terms of confidentiality, integrity, and availability.

  • Working toward the continuous improvement of the management system, allowing us to identify and address all information security risks.

  • Protecting the organization’s information assets against all threats and vulnerabilities, and ensuring the confidentiality, availability, and integrity of information to maintain a secure working environment through annually established and reviewed objectives.

  • Maintaining the confidentiality of information, especially that related to the personal data of employees, clients, and suppliers.

  • Preserving the integrity of information in relation to its classification.

  • Complying with the legal and regulatory requirements applicable to our company.

  • Continuously updating our staff’s training in information security matters.

All personnel of ENVÍA IT, S.L. are responsible for the implementation of the security measures defined in the ISMS and for complying with them. They are also required to follow all information security policies and procedures published by the company.

The Management of ENVÍA IT, S.L. is aware of the risks to information security and the importance of proper management. Therefore, it will provide the necessary means and resources, maintaining and improving its information security management system and ensuring the involvement of all human resources through ongoing training.

Tarragona, January 7, 2025

Approved by Management