Management area

Information Security Policy

Approved on 17 February 2026 · Version 01

AP Interactive Solutions is a company specialised in the provision of cloud infrastructure, cybersecurity and software development solutions. The organisation offers cloud computing, dedicated servers, storage, data centre colocation, managed services, DDoS protection and cybersecurity consulting. AP Interactive is committed to safeguarding the security of information and ensuring business continuity based on the principles of confidentiality, integrity, traceability, authenticity and availability, complying with the requirements of ISO 27001 and the Spanish National Security Framework (ENS).

Within this framework, AP Interactive has implemented an Information Security Management System (ISMS) in accordance with ISO/IEC 27001:2022 and the Spanish National Security Framework (ENS), based on the following pillars:

  1. Confidentiality: Ensure that information is accessible only to those authorised to have access.
  2. Integrity: Safeguard the accuracy and completeness of information and processing methods.
  3. Availability: Ensure that authorised users have access to information when required.
  4. Authenticity: Guarantee the identity of users and the origin of information.
  5. Traceability: Ensure an audit trail of all actions performed on information.

To this end, Management assumes its commitment to information security and establishes the following principles:

  • Leadership and commitment: Management leads and supports the ISMS, providing the resources required for its operation and improvement.
  • Risk management: Identify, assess and treat information security risks, minimising potential impacts on the confidentiality, integrity and availability of assets, especially in remote work and distributed development environments.
  • Continuous improvement: Set security objectives and evaluate ISMS performance to ensure its ongoing suitability, adequacy and effectiveness.
  • Legal and contractual compliance: Comply with applicable legal, regulatory and contractual requirements, including the General Data Protection Regulation (GDPR), Spanish data protection law (LOPDGDD) and the requirements of the Spanish National Security Framework (ENS).
  • Security by design: Implement security measures from the earliest stages of every project across the technological infrastructure.
  • Training and awareness: Motivate and train all personnel in information security to ensure that they understand their responsibilities and act in accordance with the established policies.
  • Business continuity: Ensure the organisation's ability to continue delivering essential services and to recover operations in the event of disruption.

These principles are assumed by Management, who provides the necessary means and equips its employees with sufficient resources for their fulfilment.

This policy is reviewed periodically to ensure its alignment with the organisation's context and is documented, communicated and made available to all interested parties.

Approved on 17 February 2026. Version 01.
Signed by Management — AP Interactive Solutions S.L.

Original document available as PDF: download signed PDF.