Corporate Information Security Policy

 

PO-A01 version 1.2

Apta Solutions & Partners SL and its subsidiaries (Tricise Iberia SL, Tricise SAS, and Tricise SRL), hereinafter referred to as Apta Solutions, consider it essential to ensure information security in all its aspects (integrity, confidentiality, availability, etc.), as well as the security of processes, infrastructures, people, and other resources involved in the provision of company services. To be a model company in its sector, it must adequately manage corporate security, protecting these elements from potential threats, minimizing risks, and ensuring the continuity of business processes.

In the current context, the protection of corporate information and the elements that handle it is particularly relevant. These assets are critical to the organization, so they must be reasonably safeguarded from any threat that may pose a risk to them. Information security must be always guaranteed by adhering to the corresponding legal, organizational, and technical principles.

Therefore, protecting information and maintaining its security becomes a global objective that must be embraced by every member of the company. Thus, each one of us must know and comply with the information security policy, procedures, regulations, standards, and recommendations that implement it.

To this end, the following basic principles of Apta Solutions’ Security Policy are established:

  • Comply with the legal and contractual requirements applicable to the performance of their functions within the organization. In particular, and for the purposes of this policy, in matters related to the protection of personal data and corporate information and the continuity of business processes.
  • Restrict the use of both the information itself and the systems that process it and are owned by Apta Solutions to those tasks necessary for the proper performance of each employee’s work. Therefore, the use of any asset for personal benefit is not permitted.
  • Maintain confidentiality regarding company information and not disclose it to third parties. As an exception, it will be possible to communicate it in cases where it is essential for business reasons, and always under the appropriate security measures.
  • Create and maintain an Information Security Management System that includes the policies, regulations, procedures, and guidelines necessary to transfer security requirements to the various areas of the organization to protect Apta Solutions’ information and assets.

Apta Solutions’ management is committed to taking the necessary measures to implement, maintain, and continuously improve the Information Security Management System, as well as to comply with the applicable information security requirements. To this end, this Security Policy is made public, communicated internally to the entire organization, and made available to interested parties. Non-compliance with this security policy, guidelines, or applicable legislation in each case will result in the adoption of the corresponding legal or disciplinary measures defined by Apta Solutions.

 

Signed: february 2025

 

Management Board