López de Hoyos Street 64, 1G. 28002 Madrid, Spain
Design And Development Mobile Technologies, S.L. (hereinafter, Logixs) establishes this Information Security Policy with the aim of protecting the information, digital services, technological assets and business processes that support its activities.
Logixs, as a company specialising in technology services — software development, cloud engineering, DevOps and artificial intelligence —, undertakes to manage information security as an essential element for building trust, ensuring business continuity, protecting its clients and guaranteeing the quality of the services provided.
This policy applies to the entire organisation and to the processes, people, information assets, technologies and suppliers required to design, develop, implement, operate and support the company's technology services, including information belonging to clients, partners and employees.
Logixs develops its Information Security Management System in accordance with the following principles:
Quality, integrating security into service delivery and continuous improvement.
Innovation, incorporating security by design and throughout the entire lifecycle of services and solutions.
Trust, protecting the confidentiality, integrity, availability, authenticity and traceability of information.
Responsibility, promoting clear accountability, cross-functional collaboration and a security culture across the organisation.
Logixs's information security activities are carried out within the framework of the following main regulations:
Royal Decree 311/2022, of 3 May — National Security Framework (ENS)
Regulation (EU) 2016/679 — General Data Protection Regulation (GDPR)
Organic Law 3/2018 — Protection of Personal Data and guarantee of digital rights (LOPDGDD)
ISO/IEC 27001:2022 — adopted information security management framework
Monitoring and updating the applicable regulatory framework is the responsibility of Logixs's information security team.
The management of Logixs commits to:
establishing, implementing, maintaining and continuously improving the Information Security Management System
defining and periodically reviewing information security objectives
ensuring the performance of information security risk management
assigning clear roles and responsibilities for the implementation and operation of the system, including the mandatory roles set out in Article 11 of Royal Decree 311/2022
promoting the protection of information belonging to clients, employees, suppliers and internal operations
driving compliance with applicable requirements, including contractual, legal and regulatory ones
providing the necessary resources for the implementation and operation of the system
supporting staff training and awareness in the area of information security
To implement this policy, Logixs promotes, at a minimum, the following lines of action:
access and identity control
secure change management and software development
activity logging, monitoring and traceability
backups and operational continuity
security incident management
supplier and third-party management
information classification and protection
staff training and awareness
The management and coordination of information security at Logixs is carried out through the Information Security Committee, chaired by the General Management and coordinated by the Security Officer.
The Committee's remit covers oversight of the Information Security Management System, approval of the security policy and objectives, and strategic decision-making on information security matters.
The Committee meets at least once a year.
All members of Logixs, as well as third parties acting on behalf of the organisation, must be aware of and comply with this policy and the procedures derived from it.
Failure to comply with this policy may result in the applicable disciplinary or contractual measures.
This policy will be reviewed at least annually and, in any case, whenever significant changes occur in the organisation's context, activities, identified risks or applicable legal and regulatory requirements.