National Security Scheme- Annual independent audits
- Infrastructure in Spain
- Ongoing regulatory compliance
- Documentation available under NDA
- 24/7 technical support
Certifications that back our services
National Security Scheme (ENS)
Spanish legal framework (RD 311/2022) that ensures the protection of information systems. Required for public sector providers and companies working with the Public Administration. We meet ENS certification requirements at the medium level.
ISO/IEC 27001 — ISMS
The international standard for Information Security Management Systems. Covers risk management, access control, incident response, and business continuity. Certified by an ENAC-accredited body and regularly audited.
ISO 9001 — Quality Management
Quality management system that ensures efficient internal processes. Guarantees standardization, continuous improvement, and customer focus. Applies to all our hosting, domain, and technical support services.
GDPR / LOPDGDD
Compliance with the European General Data Protection Regulation and Spanish data protection law. Regulates how personal data is processed and protects user rights. Data Processing Agreements (DPA) are available for customers.
Security by design, not an add-on
Every layer of our infrastructure is built with compliance in mind from day one
Infrastructure in Spain
All our data centers are located in Spain, ensuring data sovereignty and GDPR compliance without ambiguity around jurisdiction.
Independent audits
Our certifications are issued and renewed by accredited third-party organizations. We don't self-certify; everything is independently verified every year.
Documentation available
Security policy, summary audit reports, DPA, and statements of applicability are available for enterprise customers under NDA.
Incident response
Documented security incident response process with notification timelines aligned with GDPR (72h) and ENS requirements.
Access control and encryption
Identity management, least-privilege access, encryption in transit and at rest. Technical controls audited under ISO 27001 Annex A.
Business continuity
Business continuity and disaster recovery plans (BCP/DRP) with defined RTO and RPO. Daily backups with configurable retention and geographic redundancy.
Why this is important for your business
cdmon's compliance is an asset your customers and auditors will expect, and here's why based on your profile
Cybersecurity company
Your customers will ask about your hosting provider. You can present ISO 27001 and ENS certifications in your due diligence without relying on a US hyperscaler.
Public sector provider
ENS is a legal requirement to work with the Public Administration. You have the documentation needed to meet technical requirements.
Healthcare and sensitive data
Healthcare regulations require certified infrastructure. Our ISMS ensures protection of sensitive data under GDPR.
Legal & Fintech
Meeting EBA, DORA, or Bank of Spain requirements requires audited providers. Our certifications are part of your compliance chain.
Large enterprises
Security and procurement teams require VSA or SIG questionnaires. You get documented, audit-ready answers from day one.
Agencies and MSPs
When you sell infrastructure to third parties, your provider's security is your responsibility. Delegate with confidence, knowing the most critical point is covered.
A long-term commitment to security
Compliance is not a one-time project; it's an organizational culture we build year after year
First ISO certifications
cdmon obtains ISO 9001 and ISO 27001 certifications, becoming one of the few Spanish hosting providers with formal accreditation in quality and information security management systems.
GDPR readiness
Implementation of processes and technical controls required for GDPR compliance, including the DPO role and incident management procedures.
ENS certification
cdmon obtains ENS certification (RD 311/2022), becoming a qualified provider for Public Administration projects.
Continuous improvement
Certifications are not static. Every year we undergo renewal audits and expand controls to adapt to evolving threats and regulations.
Need documentation for your audit?
Talk to our security team and get the compliance pack with all the documentation you need for your due diligence processes
Call us
Regardless of whether you're a client, we would be happy to talk to you and lend you a hand: 93 826 49 11 / 91 182 27 67
Write to us
Send us your query or request. Our support team will be happy to assist you.
Chat with us
Open the chat and ask our amazing support team.