Security Policy
At Hatch Studio Management’s request, performing its strategic consultancy business, with a Headquarter at Carrer de Ribes 81, principal 1ª Barcelona, CP: 08013 Spain and a second legal address in Rua Bandeira Paulista 275 Andar 4 – Itaim Bibi -São Paulo SP 04532-010, Brazil the Quality Manager has established and implemented an Information Security and Service Management System based on the requirements of the ISO 27001 Standards. This guarantees efficient and secure management of the services offered, while ensuring compliance with all applicable legal obligations, confidentiality, integrity and availability of information systems.
The main objective of this Information Security Policy is to establish a model of action that enables us to develop a company culture, a way of working and decision-making, as well as ensuring that information security and respect for personal data are a constant.
We will support and develop an organisation that:
- Ensures the confidentiality, integrity and availability of information, preventing its disclosure and unauthorised access.
- Maintains the integrity of the information, ensuring its accuracy and preventing its deterioration.
- Sets information security objectives on an annual basis.
- Complies with legal, contractual and business requirements and standards.
- Effectively implements service continuity, developing a process of analysis, management and addressing of risks to information assets.
- Promotes the professionalism, specialisation and experience of staff, with the implementation of training and awareness-raising activities on information security processes.
- Informs all employees of their security roles and obligations.
- Reporting security breaches
- Preserving the confidentiality, integrity and availability of information assets in compliance with this policy.
- Complying with the policies and procedures inherent to the ISMS.
- Continually improves our management systems, establishing corresponding control objectives to eliminate hazards and mitigate identified risks.
- Assesses and leverages opportunities to improve our organisation.
- Ensures efficient and effective delivery of services to clients.
- Fulfils the requirements agreed through service level agreements.
- Ensures that all services involved guarantee customer and stakeholder satisfaction.
- Guarantees continuous service and the appropriate management of incidents.
- Manages risks efficiently.
- Encourages safe communication, internally and externally.
- Ensures customer satisfaction and compliance with customer requirements.
- Promotes continuous improvement, recognising individual and team achievements.
- Ensures the availability of information, in all formats, whenever it is needed.
This information security policy will always be in line with the company’s general policies and with those that serve as a framework for other internal management systems, such as quality policies or software development standards.
The scope of this Information Security Policy is governed taking into account the information systems that support the processes, considering that Hatch is an innovation consulting firm that helps organizations to reshape their businesses through data, knowledge and creativity. Using data science, strategic research and design capabilities, Hatch helps technology and digitized companies that want to innovate on a global scale with a society-centric perspective, and in accordance with the statement of applicability current as of the date of approval of this policy.
The assurance that all the people who influence quality are aware of the Policy and the proposed objectives is achieved thanks to its dissemination, by the Quality Manager, at all levels of the organization.
We admit that these are the shared values within Hatch Studio.
Barcelona May 21, 2023
Violeta Bendersky