At Vancast Comunicación on-line SL (hereinafter Vancast), a company dedicated to the
development and operation of platforms for managing and distributing digital media (video,
audio and other) for companies and organizations, along with the delivery of event
production services associated with these platforms, we are aware of the importance of
information security for the daily development of our activity and the correct management of
our organisation's information and assets.

In order to ensure this management, at Vancast we have implemented an Information
Security Management System in accordance with the requirements of the ISO/IEC
27001:2022 standard to guarantee the continuity of the information systems, minimise risks
and ensure compliance with the objectives set.

In order to guarantee the effectiveness and application of the Information Security
Management System, an Information Security Committee is established, which will be
responsible for the approval, dissemination and compliance with this Security Policy, as well
as for the supervision, implementation, development and maintenance of the Management
System.

The objective of this Security Policy is to establish the necessary framework for action to
protect information resources against threats, whether internal or external, deliberate or
accidental, in order to ensure compliance with the confidentiality, integrity and availability of
information. To this end, the following commitments are issued below:

● To comply with current legislation on information security.
● To ensure the privacy of the data managed by Vancast of clients, employees,
suppliers and third parties.
● To guarantee the confidentiality, availability and integrity of our organisation's own
information assets.
● Identify and reduce the information security risks relevant to our organisation.
● Ensure the capacity to respond to emergency situations, re-establishing the
operation of critical services in the shortest possible time.
● Protect information assets according to their value or importance.
● Promote information security awareness and training.
● Establish a frame of reference for the fulfilment of objectives and goals in the field of
information security, as well as for the continuous improvement of our activities and
processes.

 

Any person whose activity may, directly or indirectly, be affected by the requirements of the
Information Security Management System is obliged to strictly comply with the Security
Policy.

​​

Signed: CEO Vancast Comunicación on-line.