{"id":251,"date":"2026-02-03T10:58:33","date_gmt":"2026-02-03T09:58:33","guid":{"rendered":"https:\/\/ap4592jwt1io3f.apeiroo.com\/?page_id=251"},"modified":"2026-04-01T08:43:46","modified_gmt":"2026-04-01T06:43:46","slug":"cybersecurity-policy","status":"publish","type":"page","link":"https:\/\/apeiroo.com\/en\/nosotros\/politica-de-ciberseguridad\/","title":{"rendered":"CYBERSECURITY POLICY"},"content":{"rendered":"
\n
\n
\n

CYBERSECURITY
POLICY<\/span><\/h1>\n

\u00a0<\/p>\n<\/div><\/div>\n<\/div>\n<\/div>\n\n

\n
\n

APEIROO LABS, S.L.<\/strong>\u00a0<\/span>is a cybersecurity company with more than 20 years of experience, whose mission is to prevent and manage risks for individuals and organizations through the protection of their most important asset: information.<\/p>\n

APEIROO LABS, S.L.<\/strong> has established an integrated management system based on:<\/span><\/p>\n

    \n
  • UNE-ISO\/IEC 27001:2022 (Information Security)<\/span><\/li>\n
  • UNE-ISO 9001:2015 (Quality)<\/span><\/li>\n
  • UNE-ISO\/IEC 20000-1:2018 (IT Service Management)<\/span><\/li>\n
  • National Security Scheme (ENS), in accordance with Royal Decree 311\/2022<\/span><\/span><\/li>\n<\/ul>\n

    with the goal of ensuring information protection, service quality, and
    the continuous improvement of its processes.<\/span><\/p>\n

    The scope of these systems extends to:<\/span><\/p>\n

      \n
    • All of the organization's information and communication technologies (ICT).<\/span><\/li>\n
    • All employees, collaborators, and third parties.<\/span><\/li>\n
    • All services and projects provided by the organization.<\/span><\/span><\/span><\/li>\n<\/ul>\n

      In particular, the information system supports the processes of:
      <\/span><\/p>\n

        \n
      • Security assessments, penetration testing, vulnerability analysis, forensic analysis.<\/span><\/li>\n
      • Technical audits (code, networks, Wi-Fi). Intelligence and counterintelligence.<\/span><\/li>\n
      • Integration, monitoring, and management of security systems.<\/span><\/li>\n
      • Cybersecurity and regulatory compliance consulting services.<\/span><\/li>\n<\/ul>\n

        APEIROO LABS, S.L.\u00a0<\/span><\/b>establishes the following guidelines as its\u00a0<\/span>Security and Quality Policy:\u00a0<\/span><\/b>las siguientes directrices:<\/p>\n

          \n
        • Provide workers with the skills and knowledge necessary for the proper performance of their duties and promote awareness and training in information security.<\/li>\n
        • Maintain a commitment to the continuous improvement of processes, procedures, products, and services through the use of quality indicators.<\/li>\n
        • \n

          Use standard procedures, methodologies, and work tools and perform internal audits to ensure their correct utilization.<\/p>\n<\/li>\n

        • \n

          Keep the planning of all projects updated and perform the necessary monitoring and control to serve as a reference framework and ensure the fulfillment of established objectives in time, cost, and quality.<\/p>\n<\/li>\n

        • \n

          Identify and control project risks and implement mitigation or contingency measures.<\/p>\n<\/li>\n

        • \n

          Guarantee the correct implementation of the requirements agreed upon with the client and manage any changes in a controlled manner.<\/p>\n<\/li>\n

        • \n

          Analyze the different solution alternatives and select, design, and implement the solution that best fits the required functionality.<\/p>\n<\/li>\n

        • \n

          Ensure the availability of information systems, both in the services offered to clients and in internal management.<\/p>\n<\/li>\n

        • \n

          Guarantee and validate with the client that the system fulfills the expected functionality.<\/p>\n<\/li>\n

        • \n

          Ensure data confidentiality.<\/p>\n<\/li>\n

        • \n

          Avoid undue alterations in the information.<\/p>\n<\/li>\n

        • \n

          Control all changes made to project deliverables and ensure the correct upload of developments to the client\u2019s production environments.<\/p>\n<\/li>\n

        • \n

          Comply with current legislation regarding information systems, as well as all applicable requirements.<\/p>\n<\/li>\n<\/ul>\n

          This Policy is understood, implemented, and kept up to date at all levels of the organization and has the full commitment and support of the Management of\u00a0<\/span>APEIROO LABS, S.L.<\/strong><\/strong><\/p>\n

          REGULATORY FRAMEWORK<\/span><\/h1>\n

          One of the objectives must be to comply with applicable legal requirements and any other requirements we subscribe to, in addition to the commitments made with clients, as well as their continuous updating. To this end, the legal and regulatory framework in which we carry out our activities is:<\/p>\n

            \n
          • REGULATION (EU) 2016\/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.<\/li>\n
          • Organic Law 3\/2018, of December 5, on Personal Data Protection and the Guarantee of Digital Rights.
            Royal Legislative Decree 1\/1996, of April 12, Intellectual Property Law.
            Law 2\/2019, of March 1, amending the consolidated text of the Intellectual Property Law, approved by Royal Legislative Decree 1\/1996, of April 12, and incorporating into Spanish law Directive 2014\/26\/EU of the European Parliament and of the Council of February 26, 2014, and Directive (EU) 2017\/1564 of the European Parliament and of the Council of September 13, 2017.<\/li>\n
          • Royal Decree 311\/2022, of May 3, regulating the National Security Scheme.<\/li>\n
          • Law 34\/2002 of July 11 on Information Society Services and Electronic Commerce (LSSI).<\/li>\n
          • Law 40\/2015, of October 1, on the Legal Regime of the Public Sector.<\/li>\n
          • Law 39\/2015, of October 1st, on the Common Administrative Procedure of Public Administrations.<\/li>\n<\/ul>\n

             <\/p>\n<\/div><\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"","protected":false},"author":1,"featured_media":0,"parent":14,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-251","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/pages\/251","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/comments?post=251"}],"version-history":[{"count":10,"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/pages\/251\/revisions"}],"predecessor-version":[{"id":2517,"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/pages\/251\/revisions\/2517"}],"up":[{"embeddable":true,"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/pages\/14"}],"wp:attachment":[{"href":"https:\/\/apeiroo.com\/en\/wp-json\/wp\/v2\/media?parent=251"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}