Information security policy

At Freestone we apply the utmost in creative thinking to everything we do. In delivering design and marketing solutions to our national and international clients.

Our Information Security Management (“ISM”) policy aims to maintain the highest standard of confidentiality, integrity and availability of internal, client and supplier information and to protect the company’s information assets from all threats, whether
internal or external, deliberate or accidental.

It is our policy to seek to operate in order to comply with the requirements of BS EN ISO 27001:2022.

Our success is dependent upon our ability to store information securely, and retrieve and process it as and when required. Such information and the way it may be processed is subject to UK legislation.

Our ISM Policy is achieved by a stringent set of controls, including policies, processes, procedures and software and hardware functions. These controls are continuously monitored, reviewed, improved and approved by the Managing Director to ensure that specific security and business objectives are met. This is operated in conjunction with other business management processes, and incorporates all applicable statutory,
regulatory and contractual requirements.

Awareness of our ISM Policy is incorporated in our induction process. The ISM policy is readily accessible internally and presented to existing and prospective clients. In addition to employees; suppliers, contractors and sub-contractors
to Freestones are expected to adhere to our ISM Policy.

All employees are empowered to take responsibility for Information Security and a robust process for identifying and reporting security risks and incidents is in place and is regularly reviewed.

Stuart Freestone
Managing Director
May 2025