Information Security Policy

The protection of information and the systems through which it is processed is of strategic importance to the Firm, as it enables us to achieve our short and long term objectives and at the same time to safeguard the confidentiality of its client’s data.


We recognise the importance of information and information systems in the performance of our professional activities, and implement an Information Security Policy with the aim of:


  • Ensuring the confidentiality, integrity and availability of the information we manage.
  • Ensuring the correct operation of our information systems.
  • The time-efficient response to incidents that could compromise the Firm’s business operations.
  • Compliance with legislative and regulatory requirements.
  • The constant optimisation of the level of Information Security.


To this end:

  • The organizational structures necessary to monitor issues related to Information Security are identified.
  • The technical measures for controlling and restricting access to information and information systems are identified.
  • The way in which information is classified according to importance and value is determined.
  • The measures required to protect information in the stages of processing, storage and transfer are set out.
  • The ways in which the Firm’s lawyers and personnel are notified of and trained in Information Security issues are determined.
  • The ways in which Information Security incidents are dealt with are identified.
  • The ways in which the continuity of the Firm’s business operations is ensured in the event of a malfunction of information systems or in the event of disasters are described.


The Firm periodically carries out assessments of the risks related to Information Security and takes the necessary measures to address any which arise. It applies a framework for evaluating the effectiveness of its Information Security processes, by means of which performance indices are set, the methodology for measuring them is described and reports are regularly compiled and reviewed by the Firm’s Management in order to continuously improve the systems in place.


The Information Security Officer is responsible for controlling and monitoring the policies and procedures related to Information Security and taking the necessary initiatives to eliminate factors that may compromise the availability, integrity and confidentiality of the Firm’s information.


All lawyers and personnel of the Firm and its business partners who have been granted access to our information and information systems are responsible for complying with the rules of the Information Security Policy in place.


The Firm is committed to the continuous monitoring of and compliance with the regulatory and legislative framework in place and to the ongoing implementation and optimization of the effectiveness of the Information Security Management Systems.


The Managing Partner