Information Security Policy
To maintain our excellent level of service as a strategic partner for our clients, the security of the personal information and data we hold is among our highest priorities.
This commitment is embedded in our Information Security Policy, based on the following principles:
- Personal information and data under our responsibility regards information and data that is treated, physically or digitally stored, and processed in the IT systems and infrastructure at the locations our professionals use;
- Irrespective of the position, role, area, or privileges granted to professionals, the privacy and security of personal information and data must remain secure. Professionals must always seek to:
- Keep the information confidential, ensuring that it is only accessed when truly necessary and solely by authorized people;
- Ensure the integrity, accuracy, and completeness of the information, as well as the methods used to process it; and
- Ensure that the information is available to authorized people who depend on it.
- Compliance with all legal obligations determined in applicable laws in order to meet regulatory and contractual requirements relevant to our professionals’ activities;
- Respect for Mattos Filho’s Code of Ethics and Conduct when processing personal information and data.
All professionals are responsible for ensuring the security of personal information and data under the responsibility of Mattos Filho. They must report any circumstance that may expose Mattos Filho to any risk so that the firm can continue to improve processes and procedures regarding information security, personal data protection, and Mattos Filho’s Integrated Management System (SGI).
External information security policy – Supplementary documents
Information Management Policy
Outlines how the firm handles all aspects of the information cycle, including collection, content classification, sharing, storage, retention, and deletion.
Identity and Access Management Policy
Describes how the firm manages its employees’ and third parties’ physical and digital access to information, including facilities, system access, remote access, and more.
Cybersecurity Policy
Outlines how the firm manages equipment and communication channels to ensure information security resources are operating at optimal levels and are monitored in real time.
Information Security Policy – Supplier Relations
Describes how the firm handles risks associated with third parties that interact with Mattos Filho, including agreements and legal requirements.
Information Security Continuity Procedure
Outlines how the firm maintains its strategic and operational framework to respond to process-related disruptions.
Internal Data Protection Governance Policy
Outlines how the firm manages its data privacy program in relation to data subjects.
Audit and Compliance Policy
Describes how the firm manages its Security, Privacy, and Business Sustainability programs to ensure they comply with other Mattos Filho rules and policies.
ISO27001 Certification
We continue to invest in initiatives, training and improvements that bring us up to date with the best market practices for protecting data that is essential to our business and that of third parties. As a result of our efforts, we have been granted ISO27001 certification, an international standard that recognizes companies with stable and mature information security practices and processes.
Integrated Report 2023
We present Pulso, Mattos Filho’s new integrated report. Having pioneered annual disclosures of results among Brazilian law firms, this time, the firm reinforces its commitment to transparency in an innovative way. Featuring multimedia content and an interactive approach, Pulso offers clients a better digital experience. The texts and videos contain information on the three ESG fronts, as well as key business developments that impacted the economy in 2023 and should remain top-of-mind in 2024.
Stay in touch
Get first-hand access to legal analysis from our specialists in different sectors through texts and podcasts. Stay on top of the main issues that impact your business.