Let´s talk

General information security policy

Information is a fundamental asset for Stillion and for the other companies within the mrHouston Group: mrByte, mrKeylocke, Bitwok,  mrHouston and Stillion.
For this reason, we are committed to ensuring its confidentiality, integrity and availability, aligning our practices with international security standards, in particular ISO/IEC 27001.

1/ Scope

This policy applies to all employees, contractors, suppliers and any other interested party who has access to mrHouston’s information and systems, regardless of their location or format.

2/ Objectives and Commitment

Stillion’s management commits to working towards the achievement of the following general objectives:

  1. Ensure information security by safeguarding confidentiality, integrity and availability.
  2. Foster a culture of responsibility in information security through awareness and continuous training.
  3. Comply with all legal, regulatory and contractual requirements related to information security, personal data protection, intellectual property protection and any other relevant regulations.
  4. Adopt standards and best practices in information security.
  5. Design, implement and maintain an appropriate Information Security Management System (ISMS).
  6. Establish and periodically review information security objectives aligned with the organization’s purpose and strategy, as well as with identified threats and the fundamental principles of information security described in this policy.
  7. Ensure supervision and monitoring of compliance with these information security objectives.
  8. Provide the organization with the necessary technological, human and financial resources to ensure information protection.
  9. Continuously and diligently identify, assess and treat the risks to which the organization is exposed.
  10. Promote self-assessment and continuous improvement, identifying opportunities to optimize information security.

3/ Fundamental Principles of Information Security

  1. Information protection, ensuring confidentiality, integrity and availability.
  2. Legal and regulatory compliance, ensuring alignment with applicable regulations and requirements.
  3. Risk management, identifying, assessing and mitigating potential threats and vulnerabilities to protect information assets.
  4. Training and awareness, promoting active responsibility among all collaborators through awareness programmes.
  5. Continuous improvement, optimizing processes, tools and security measures to respond to Stillion’s context.

4/ Communication and Disclosure

This policy will be communicated and made publicly available to all interested parties, both internal and external to the organization.

The document will be published through appropriate channels to ensure access for interested parties, such as the organization’s public website, corporate intranet and internal document management system, facilitating consultation by internal staff.

5/ Responsibilities

  • Stillion Management is responsible for defining, disseminating, promoting and supervising this policy, as well as ensuring the allocation of the resources necessary for its proper implementation.
  • The Cybersecurity Coordination Committee (CCC) is a multidisciplinary body responsible for supervising, advising and ensuring the implementation, updating and compliance of the organization’s Security Plan, aligned with standards such as ISO 27001, managing risks and coordinating responses to critical incidents.
  • The Cybersecurity Officer is responsible for implementing, supervising and improving the ISMS, coordinating security initiatives and managing information-related incidents.
  • The Stillion IT Technical Team is responsible for providing the technical means required to ensure the operation of the ISMS.
  • All employees and collaborators must comply with this policy and the regulations derived from it. They are responsible for safeguarding information security in their daily activities and must report any information security incident as soon as they become aware of it, through the channels established by the organization.

6/ Review and Approval

This policy will be periodically reviewed and updated according to organizational needs and changes in the environment.

Approved by the Stillion Management Committee on January 07, 2026.

THANK YOU FOR SUBSCRIBING

You’ll now receive our updates, insights and publications directly in your inbox.
Clear technology. No noise.

THANK YOU

Your message has been sent successfully.
We will get back to you shortly!