Information Security Policy
ALTECH, a company whose scope of work covers: ‘Information systems used to support fleet control, access control, mobility, and telemetry solutions and services.’
For this reason, ALTECH has implemented an information security management system within the organization. Its main objective is to achieve business goals and customer satisfaction by continuously guaranteeing information security through established processes based on a continuous improvement approach. This ensures the continuity of information systems, minimizes the risk of damage, and secures the fulfillment of objectives set to maintain the confidentiality, integrity, and availability of information at all times.
To achieve this, ALTECH is committed to information security in accordance with the reference standard ISO/IEC 27001 and Royal Decree 311/2022, of May 3rd, which regulates the National Security Framework (Esquema Nacional de Seguridad). Therefore, General Management establishes the following principles:
For this reason, ALTECH has implemented an information security management system within the organization. Its main objective is to achieve business goals and customer satisfaction by continuously guaranteeing information security through established processes based on a continuous improvement approach. This ensures the continuity of information systems, minimizes the risk of damage, and secures the fulfillment of objectives set to maintain the confidentiality, integrity, and availability of information at all times.
To achieve this, ALTECH is committed to information security in accordance with the reference standard ISO/IEC 27001 and Royal Decree 311/2022, of May 3rd, which regulates the National Security Framework (Esquema Nacional de Seguridad). Therefore, General Management establishes the following principles:
- Competence and leadership from management as a commitment to developing the Information Security Management system.
- Determining the relevant internal and external interested parties for the Information Security Management system and fulfilling their requirements.
- Understanding the context of the organization and determining its opportunities and risks regarding information security as a basis for planning actions to address, assume, or treat them.
- Ensuring the satisfaction of our customers, including stakeholders in the company’s results, in everything related to the execution of our activities and their impact on society.
- Establishing objectives and goals focused on evaluating Information Security performance, as well as continuous improvement in our activities, regulated by the Management System that develops this policy.
- Compliance with the requirements of applicable legislation and regulations relevant to our activity, commitments made with customers and interested parties, and all internal norms or operating guidelines to which the company is subject.
- Provide confidentiality of the data managed by the company and the availability of information systems, both in services offered to customers and in internal management, preventing undue alterations to information.
- Ensuring response capability in emergency situations, restoring the operation of critical services in the shortest possible time.
- Establishing appropriate measures for risk management derived from asset identification and evaluation.
- Motivating and training all personnel working in the organization, both for the correct performance of their job and to act in accordance with the requirements imposed by the reference standard, providing an adequate environment for process operation.
- Maintaining fluid communication both internally, among different levels of the company, and with customers.
- Evaluating and guaranteeing the technical competence of ALTECH employees and colaborators for the performance of their duties, as well as ensuring their adequate motivation for participation in the continuous improvement of our processes.
- Guaranteeing the correct state of facilities and appropriate equipment, so that they align with the company’s activity, objectives, and goals.
- Ensuring continuous analysis of all relevant processes, establishing pertinent improvements in each case, based on the results obtained and the established objectives.
These principles are assumed by General Management, which provides the necessary means and sufficient resources to its employees for their fulfillment, articulating them and making them publicly known through this Information Security Policy.
Last updated: July 1, 2025