Information Security Policy

At Hatch Studio Management’s request, performing its strategic consultancy business, located at C/Pallars 276, 3º2ª, Barcelona, the Quality Manager has established and implemented an Information Security and Service Management System based on the requirements of the ISO 27001 Standards. This guarantees efficient and secure management of the services offered, while ensuring compliance with all applicable legal obligations, confidentiality, integrity and availability of information systems.

The main objective of this Information Security Policy is to establish a model of action that enables us to develop a company culture, a way of working and decision-making, as well as ensuring that information security and respect for personal data are a constant.

We will support and develop an organisation that:

  1. Ensures the confidentiality, integrity and availability of information, preventing its disclosure and unauthorised access.
  2. Maintains the integrity of the information, ensuring its accuracy and preventing its deterioration.
  3. Sets information security objectives on an annual basis.
  4. Complies with legal, contractual and business requirements and standards.
  5. Effectively implements service continuity, developing a process of analysis, management and addressing of risks to information assets.
  6. Promotes the professionalism, specialisation and experience of staff, with the implementation of training and awareness-raising activities on information security processes.
  7. Informs all employees of their security roles and obligations.
    - Reporting security breaches
    - Preserving the confidentiality, integrity and availability of information assets in compliance with this policy.
    - Complying with the policies and procedures inherent to the ISMS.
  8. Continually improves our management systems, establishing corresponding control objectives to eliminate hazards and mitigate identified risks.
  9. Assesses and leverages opportunities to improve our organisation.
  10. Ensures efficient and effective delivery of services to clients.
  11. Fulfils the requirements agreed through service level agreements.
  12. Ensures that all services involved guarantee customer and stakeholder satisfaction.
  13. Guarantees continuous service and the appropriate management of incidents.
  14. Manages risks efficiently.
  15. Encourages safe communication, internally and externally.
  16. Ensures customer satisfaction and compliance with customer requirements.
  17. Promotes continuous improvement, recognising individual and team achievements.
  18. Ensures the availability of information, in all formats, whenever it is needed.

This information security policy shall always be aligned with the company's general policies and with those that serve as a framework for other internal management systems, such as quality policies or software development standards.

Ensuring that all those who have an influence on quality are aware of the Policy and the objectives defined therein shall be achieved through its dissemination by the Quality Manager to all levels of the organisation.

We acknowledge that these are the shared values of Hatch Studio.

Barcelona, 20 April 2022
Signed: Violeta Bendersky