Security
Policy

Back
SECURITY POLICY

CHIEF EXECUTIVE'S STATEMENT OF COMMITMENT

The protection of information is a board-level priority. Methinks’ senior management is committed to safeguarding the confidentiality, integrity, availability, authenticity and traceability of all physical and electronic information assets across the organization. This commitment ensures business continuity, profitability, customer trust, and compliance with legal, regulatory, and contractual obligations.

Our Information Security Management System (ISMS) aligns with Methinks' strategic goals, serving as a foundation for secure information sharing, electronic operations, and the mitigation of information-related risks to acceptable levels. Methinks ensures security measures are proportionate to the impact ofi nformation systems and complies with required regulatory audits, in accordance with ISO 27001, GDPR, HIPAA, and ENS.

Just like any other critical asset, the data we manage and the infrastructure that supports it must be protected. Therefore, the company is dedicated to the implementation and continuous improvement of an effective ISMS.

The ISMS establishes minimum security standards applicable to all information systems and the processes that support them. It also assigns key responsibilities to managers, who must ensure compliance within their areas of oversight. This approach maintains a balance between fostering an open and collaborative environment, where information is accessible to employees with limited exceptions; while protecting our data from unauthorized access, loss, alteration, or disclosure. Our commitment is demonstrated through:
- Establishing and maintaining appropriate control of our processes and activities.
- Providing adequate resources to implement and maintain an effective information security management system (ISMS), in accordance with ISO 27001, GDPR, HIPAA and ENS.
- Continually improving our ISMS to respond to emerging threats and business changes and regulatory requirements, as mandated by ISO 27001 Clause 5.2.
- Complying with applicable requirements related to information security.
- Setting measurable quality objectives at key functions and ensuring those objectives are met.
We ensure these commitments are adopted throughout the organization and reviewed on a regular basis for suitability.

This statement is available through our public website for all personnel who carry out work on behalf of Methinks including Methinks personnel, consultants, contractors, as well as people and entities that have a direct interest in the Information Security Management System of Methinks.
Methinks’ Information Security Policy is implemented through the Information Security ManagementSystem.‍
Where to find us

Pier01, Office 2D2, Plaça de Pau Vila
08039 Barcelona, Spain

Contact usView on maps

Controller / METHINKS SOFTWARE S.L. (METHINKS)
Purpose / Subscribing to the Newsletter.
Legal Bases / Express consent.
Storage Period / The data will be kept for the time necessary to fulfill the purposes collected, as well as for the fulfillment of legal obligations.

Rights / You have the right to request from us access, rectification or erasure of your personal data, the right to restrict processing and object to processing at dpo@methinks.ai.

Additional Information / Additional and detailed information on Data Protection can be found in the attached clauses in Privacy Policy.
Responsable / METHINKS SOFTWARE S.L. (METHINKS)

Finalidad / Contactar con el usuario.
Base Legal/ Consentimiento expreso.

Periodo de Conservación / Los datos serán conservados durante el tiempo necesario para cumplir con la finalidad de la recogida, así como para cumplir con las obligaciones legales.
Derechos / Tienes derecho a solicitarnos el acceso, rectificación o supresión de tus datos personales, el derecho a restringir el tratamiento y a retirar el consentimiento en dpo@methinks.ai.
Información Adicional / La información adicional y detallada sobre protección de datos puede encontrarse en Política de Privacidad.