Skip to main content
 

Integrated Policy

Information Security, Occupational Health and Safety, and Service Management Policy

The main mission of SII Group Spain (SII Concatel S.L.) is to provide solutions and services based on software development and maintenance, engineering, and technological infrastructures. To fulfill this mission, Management has decided to implement a Services, Security, and Occupational Health and Safety Plan and, to comply with Information Security regulations, an information system that supports the following processes: systems engineering and development, consulting, design, sales, and maintenance of IT services. These systems enable the establishment of a Management System in accordance with the standards ISO/IEC 27001:2022, National Security Scheme (ENS), TISAX 2.1, UNE-EN-ISO 20000-1:2018, UNE-EN-ISO 45001:2018, and PECAL 2110 (Ed 4) & PECAL 2310 (Ed B Ver.1).

Management therefore assumes, as a responsibility and top priority, the implementation of the Plan and the design, development, and maintenance of this system to guarantee the quality of Services, Information Security, and Occupational Health and Safety, providing all necessary resources.

The fundamental objectives are to achieve maximum customer satisfaction by determining and meeting their requirements and ensuring that our services are fit for purpose. Preventing any non-conformity is established as a core principle of the system so that the absence of defects or their early detection, along with our customer-oriented approach, allow us to consistently maintain a prominent position as a company dedicated to the information systems that support the following processes: systems engineering and development, consulting, design, sales, and maintenance of IT services for ISO/IEC 27001:2022 and ENS.

Scope of the TISAX 2.1 System: Information system supporting the processes of development, consulting, design, sales, and maintenance of IT services for the automotive sector.

Scope of the Management System (ISO 45001): The scope of the Quality Management System in ICT services and Occupational Health and Safety is the provision of Software Development and Maintenance Services and Technological Infrastructures.

Scope of the Management System (ISO 20000-1): UNE-EN-ISO 20000-1:2018 – QA Testing Service, Web Development Software Factory, Technical Assistance for Catalogues & Marketplaces, Automation and Hosting, UX/UI Technical Assistance, Application Maintenance, and Software Architecture and Development.

Scope of the Management System (PECAL 2110 & PECAL 2310): Services for the development, engineering, and maintenance of software and technological infrastructures.

Through this document, Management wishes to communicate to all members of SII Group Spain the commitment assumed in the Quality of Services Policy, Information Security, and Occupational Health and Safety, and to extend to all suppliers, collaborators, customers, partners, and associates a request for cooperation to deliver defect-free and sustainable services, always ensuring the full satisfaction of those who use them.

The commitment we assume as General Management is to maintain a strong focus on continuous improvement related to the development of the company and all its collaborators, as well as to guarantee quality throughout the entire service chain of SII Group Spain with the required technical, scientific, and professional rigor, oriented toward competitive, business, and human development.

Likewise, SII Group Spain also considers as fundamental principles the preservation of the environment, the well-being, safety, and occupational health of its professionals. Therefore, quantitative objectives in these areas are established annually. Consequently, we declare and assume the following commitments and principles:

  • Carry out all activities related to the applicable scopes, continuously controlling the necessary measures to ensure optimal health and safety conditions for our workers and collaborators.

  • Improve in all business areas to provide better services and to adapt to customer expectations, meeting their needs at all times based on secure infrastructure and in compliance with Information Security legislation, Information Society Services regulations, and all applicable regulations related to the services provided.

  • Maintain ongoing control of legislative compliance, collaborating with authorities in charge of Occupational Health and Safety (OHS), Information Security, and other applicable legal requirements subscribed to by the company.

  • Promote continuous improvement through the evolution of the implemented Management Systems (OHS, Service Quality, and Information Security).

  • Protect the environment, prevent pollution, and implement actions against climate change.

  • Promote employee training.

  • Prevent harm and deterioration of workers’ health, including those working on our behalf, by providing safe and healthy working conditions for the prevention of injuries and health impairment, committing to eliminating hazards and reducing OHS risks.

  • Promote training and information, as well as the participation of all employees in the Occupational Health and Safety Management System.

  • Drive continuous improvement through systematic evaluation of the Occupational Health and Safety Management System.

  • Encourage communication at all levels of the company to convey concerns that affect workers’ well-being, ensuring consultation and participation of workers and their representatives.

  • Ensure the use of products that comply with legal and applicable requirements and review their expiration dates.

Management holds ultimate responsibility for achieving the proposed Management System Objectives and therefore provides all necessary human, material, and financial resources to meet them, fully complying with applicable legal and regulatory requirements. Likewise, Management supports and provides all necessary means and resources to preserve and continuously improve Safety and Health during work activities.

General Management,
December 2025.