MHP CONTROL SERVICES S.L, is configured as a leading and innovative company in the sector of Time Management, assuming the creation, design, development, and commercialization of its platform-software and biometric registration devices, which covers the Integral Service.
MHP Control Services develops its activity, based on three fundamental pillars, the mission and vision of the company are:
1. The vocation of the service, putting the client always first.
2. The development of human capital and the management of its talent, understanding that it is not possible to provide a quality service, without the necessary active involvement of its employees.
3. Technological independence: the devices offered and the access platform, are of own manufacture and development, allowing to provide a quality service, with self-sufficiency by minimizing the quota of intermediary providers,guaranteeing the contracting company, the uninterrupted service provision.
Given its consolidation in the national market and international expansion, MHP Control Services, aware that quality is essential for the provision of its service, has come establishing an express commitment of quality in their service. This commitment is part of a strategy aimed at risk management, business continuity, maintenance of the excellence of its service and the consolidation of a quality culture within the Organization.
Given the above, the Information Security Management System has been promoted as a tool that helps Organizations with identification and minimizing risks associated with handling information, as well as reducing the costs associated with these risks.
Under this premise and, in accordance with the Quality Policy, MHP Control Services assumes the following commitments:
• Prioritize satisfaction and compliance with customer requirements, administrations public and private entities, interpreting their needs and disposing of resources necessary.
• Promote commitment to Quality, facilitating participation and valuing all the innovative contributions of employees.
• Continuously improve the effectiveness of the Quality System, in order to increase our competitiveness in the local, national and international market, through the use of process control tools, audits, risk analysis, processes disciplines, training and awareness of the use of tools.
• Identify, classify and protect, on the basis of this classification, the information belongings to MHP Control services.
• MHP Control Services complies with the legal requirements related to the security of information, as well as the commitments voluntarily acquired with the security certifications that is attached.
• Design a strategy of preventive security with the appropriate resources, with the objective to minimize the security risks, both physically and logically.
• Identify critical points in terms of security and establish preventive and continuous improvement actions.
• Ensuring the availability, integrity, confidentiality, traceability, and authenticity of all information that is generated, keeping and managing its own, customers and suppliers.
• Protect the services and computer systems that support the information treated, against external and internal threats, deliberate or accidental.
• Ensure that the information of the Organization, customers, employees, and other interested parties are treated in an ethical manner, in accordance with the laws and internal rules, and used only for the purpose for which it was collected.
• Set concrete and measurable objectives in terms of information security, based on this policy and its future development.
• Promote the safety culture as a basic objective of functioning and development of the processes and activities of the organization by raising awareness and training it's to employees and transferring that concern to their clients.
• Establish the appropriate channels to ensure that incidents and security violations are reported, recorded and monitored.
• Have a Business Continuity Plan to ensure the continuity of its operations to the occurrence of events not foreseen or natural disasters.
This policy will be developed through a set of specific policies, guides, standards and procedures that will be updated according to need and depending on changes in the legal context, technological advances, changes in the corporate structure, etc.
Violations of this policy are subject to disciplinary sanctions established by MHP Control Services, without prejudice to any sanctions that may be established through current regulations.
As part of the commitment of MHP Control Services, this Information Security Policy will be disseminated at all levels of the organization and made available to the public for consultation.
It is the responsibility of the entire MHP Control Services organization to comply with the established, review and update it on a regular basis, through a process of continuous improvement.
The security strategy of MHP Control Services is based on the Information Security Policy with the following principles:
1.) Confidentiality: We guarantee that data and systems are only accessed by authorized persons.
2.) Integrity: We guarantee the accuracy of information and systems against alteration, damage or destruction, either accidentally or fraudulently.
3.) Availability: We guarantee that the information and systems can be used in the required manner and time.
4.) Auditability: We guarantee that any action or transaction can be absolutely assuring to the fulfillment of controls keys established in the corresponding regulations.
The responsibility of MHP Control services is to establish policies, standards, and procedures of implementation of use and good practices as well as the monitoring and maintenance of certifications already recognized within the company, through the realization of periodic audits in the field of personal data protection and cybersecurity.
Las Palmas of Gran Canaria, Canary Islands, Spain, August 31st, 2018
D. Moisés Hernández Padrón