Quality and Security Policy

eNubes Comunicación, S.L., as a company dedicated to marketing, digital and audiovisual production, and proprietary digital technology developments, openly declares its intention to offer competitive services to all its customers. For this reason, it has implemented a quality and information security management system within the organization, with the main objective of achieving the expected customer satisfaction through established processes based on continuous improvement. This ensures the continuity of information systems by minimizing damage risks and ensuring compliance with established objectives to guarantee the confidentiality, integrity, and availability of information at all times.

To this end, it assumes its commitment to quality and information security according to the reference standards UNE/EN-ISO 9001:2015 and ISO/IEC 27001:2013, whereby the company's Senior Management establishes the following principles:

• Competence and leadership by senior management as a commitment to the Quality and Information Security Management system.
• Determine the internal and external interested parties that are relevant to the quality management system and comply with their requirements.
• Understand the context of the organization and determine its opportunities and risks as a basis for planning actions to address, assume, or treat them.
• Ensure the satisfaction of our customers, including the parties interested in the company's results, in all matters related to the performance of our activities and their impact on society.
• Establish objectives and goals focused on evaluating performance in terms of quality, as well as continuous improvement in our activities, regulated in the Management System that develops this policy.
• Compliance with the requirements of the applicable and regulatory legislation for our activity, the commitments acquired with customers and interested parties, and all those internal rules or guidelines of action to which the company is subject.
• Ensure the confidentiality of the data managed by the company and the availability of information systems, both in the services offered to customers and in internal management, avoiding undue alterations to the information.
• Ensure the capacity to respond to emergency situations, restoring the operation of critical services in the shortest possible time.
• Establish the appropriate measures for the treatment of risks derived from the identification and evaluation of assets.
• Motivate and train all personnel working in the organization, both for the correct performance of their job and to act in accordance with the requirements imposed by the reference standard, providing an adequate environment for the operation of the processes.
• Maintenance of fluid communication both internally, between the different departments of the company, and with customers.
• Evaluate and guarantee the technical competence of the personnel for the performance of their functions, as well as ensure their adequate motivation for their participation in the continuous improvement of our processes.
• Guarantee the correct condition of the facilities and adequate equipment, so that they are in correspondence with the company's activity, objectives, and goals.
• Guarantee a continuous analysis of all relevant processes, establishing the pertinent improvements in each case, depending on the results obtained and the established objectives.

These principles are assumed by the Management, which provides the necessary means and gives its employees sufficient resources for their compliance, embodying and making them publicly known through this Quality Policy and its specific Information Security annex.