QUALITY AND INFORMATION SECURITY POLICY. ALVIC (Servicomput, S.A.U.)


ALVIC (Servicomput, S.A.U.) aims to offer our customers the highest quality in the products, facilities and services provided and, in the after-sales service. Thus, ensuring a cordial, constant and solid relationship between both parties. For this reason, our company establishes, declares and assumes the following principles:

In relation to the Quality Policy:

  1. The quality of our products, facilities and services is governed by our internal controls to prevent defects and detect possible errors, in addition to seeking constant technical progress so that our customers have up-to-date, safe, stable solutions with functional features appropriate to the current time and laws.
  2. The quality of our after-sales service is governed by the speed of attention to the requests of our clients and the efficiency in solving possible problems in our systems. In this sense, we try to improve the quality of the service day by day, with more effective technicians and a higher level of training. With the aim of providing the best facilities, we are offering customers different types of maintenance contracts, expanding the network of technical services and offering new after-sales service functions through the new Alvic website.
  3. As a point of support for our clients, and to improve our service to them, an e-learning platform is opened in constant evolution with new courses both for existing applications on the current market and for new products. Supporting our clients at all times in their training.
  4. Our company permanently invests in Research and Development of new products, improvement and expansion of current ones, with the aim of having systems and solutions that meet the needs of our customers and society.
  5. We will also base our Quality Policy on the constant improvement of all established processes through the implementation of the most advanced technological tools, with the intention of achieving greater efficiency in all our functions. Introducing the risk management system to prevent these risks and carry out continuous improvement of the organization.
  6. Motivation and professional development of all company personnel, ensuring that management’s objectives regarding the Quality Policy are embraced as individual commitments, with each employee assuming full responsibility for their actions.
  7. Compliance with applicable legislation and regulations in the areas of environmental protection, occupational health and safety, and personal data protection, as well as with any other regulations applicable to our activity, and fulfilment of the requirements of other stakeholders relevant to the company.
  8. We are committed to continuous improvement in the management of tasks and nonconformities, advancing day by day through the enhancement and ongoing development of our management software.
  9. In our commitment to improving after-sales service, we have established our policy of certified technical services, ensuring that no area remains unattended. In the same vein, we have implemented a training plan for technical services that require it.
  10. Apply the highest standards of security in information management.

The purpose of these commitments is to achieve the highest level of satisfaction for our clients and other relevant stakeholders affected by our activity, and we are confident that this objective will provide us with the greatest strength as a company.

In relation to the Information Security Policy:

The objectives of information security are:

  • To protect information against loss of availability, confidentiality, and integrity.
  • To systematically and periodically assess and manage information security risks, implementing appropriate controls to mitigate identified risks.
  • To comply with applicable legal requirements, requirements related to information security and information systems, customer expectations, and contractual commitments regarding information security and data protection.
  • To continuously improve the information security management system.
  • To align with ISO 27001.

Alvic is committed to: 

  • Establishing, implementing, maintaining, and continually improving an information security management system.
  • Ensuring that this policy is communicated to all Alvic personnel and other relevant stakeholders.
  • Periodically reviewing this policy to ensure its continuing suitability and effectiveness.
  • Implementing a continuous improvement process to evaluate and adjust the policy and security controls in response to changes in Alvic’s environment, technological advances, and lessons learned from security incidents.
  • Promoting a culture of information security throughout the organization.
  • Providing ongoing training and awareness to all employees on best practices in information security and their individual responsibilities in protecting Alvic’s information assets.
  • Systematically keeping software up to date by installing the latest versions and available security patches, to protect systems against known vulnerabilities and reduce the risk of security incidents.
  • Establishing procedures for the identification, reporting, response, and recovery from security incidents. Implementing and maintaining a business continuity and disaster recovery plan that ensures the organization’s ability to continue operating and recover from disruptions that may affect the availability of services and information.

Each employee is responsible for complying with this policy and its procedures as applicable to their position. Failure to do so may result in disciplinary action.

This policy has been approved by Alvic’s management and will be reviewed annually or whenever significant changes occur in Alvic’s environment or in applicable legal or regulatory requirements.

Alvic (Servicomput, S.A.U.)

Management

Date: 21/05/2025