Timestamp

Disclaimers

Supplier and Third-Party Policy (Quality and Security)

At the TIMESTAMP Group, we manage our supply chain to ensure service quality and information protection throughout the entire supplier lifecycle. Our approach is aligned with ISO 9001 and with an Information Security Management System compliant with ISO/IEC 27001, including additional controls for cloud services (ISO/IEC 27017) and for the protection of personal data in the cloud (ISO/IEC 27018). When required by a service or project, we apply the requirements of the National Security Scheme (ENS), High category.

 

What we require from suppliers (according to criticality and scope)

  • Compliance with the agreed contractual requirements, service levels, and quality standards.

  • Security measures proportional to risk: access control, traceability, segregation, encryption when applicable, and vulnerability management.

  • For cloud services: application of the shared responsibility model, secure configuration controls, and monitoring (ISO/IEC 27017).

  • When personal data processing in the cloud applies: privacy guarantees, purpose limitation, access control, and appropriate protection measures (ISO/IEC 27018).

  • Notification and collaboration in the event of incidents that may affect TIMESTAMP, as well as compliance with applicable security instructions.

  • Subcontracting control when applicable, and secure return/destruction of information at the end of the service.

     

How we manage it

  • Initial assessment prior to contracting when required by the service.

  • Periodic assessment (at least annually) and extraordinary reassessment in case of relevant incidents, significant changes, or performance degradation.

  • Formalisation of requirements through contracts/orders and annexes (including specific security, cloud, or ENS requirements, when applicable).

  • Monitoring of improvement actions and verification of their effectiveness when necessary.

     

Our Commitment

We communicate applicable quality and security requirements to suppliers (and potential suppliers), promoting a relationship based on continuous improvement, confidentiality, and responsible information management.

Timestamp

Contact Us

Schedule a meeting with our team or submit a query.
Timestamp

Blog Public Procurement Quality and Environment Policy Privacy Policy Cookie Policy Information Security Policy Code of Conduct Scope of Management System Declaration of commitment to sustainability Statement on Diversity, Equality, and Inclusion (DEI) Certifications Business Continuity Policy Supplier and Third-Party Policy (Quality and Security) Irregularities Communication Policy

© 2026, Timestamp Group. All rights reserved. Website developed by Made2Web Digital Agency.