SHA

Policies

The Management of SHA Spain has approved this Quality Policy, which should serve as a guide for how our organization and all its members develop and lead all activities, responsibilities, and relationships, based on satisfying the needs and requirements of its clients and users. It is committed to good professional practices and to providing products/services that meet their intended use, emphasizing the importance of understanding our stakeholders and quickly and effectively responding to any risk situation.

At SHA Spain, we consider continuous improvement of the quality of our products/services and the satisfaction of our clients and stakeholders as one of our core values, integrating stakeholder dialogue and understanding into our governance strategies, and including their requirements and expectations in our objectives as a fundamental pillar of our mission, vision, and values.

Our Vision:

To be global leaders in integrative health and wellness care.

Our Mission:

To help people reach and maintain an optimal state of health, bringing together in a unique and integrative method the latest advances in scientific medicine alongside the most effective and proven holistic therapies, with a special emphasis on healthy and balanced nutrition.

Our Values:

We genuinely care for our guests, our team, our planet, and our resources
We act with excellence in everything we do, making it a habit
We prioritize honesty and loyalty in all our actions
We commit to continuous improvement and innovation
We enjoy the journey, facing challenges with passion and enthusiasm

As part of the commitment and leadership of SHA Spain, the necessary resources, responsibilities, and mechanisms have been allocated for the proper implementation, development, and continuous improvement of a QUALITY MANAGEMENT SYSTEM, aligned with the requirements of the international standard ISO 9001:2015.

Our QUALITY MANAGEMENT SYSTEM is designed and implemented through concrete actions defined in policies, procedures, controls, and specific measures. It is subject to regular evaluations and reviews, with the following key commitments:

Meeting the health objectives of our patients.
Quality and its improvement are the responsibility of all members of SHA Spain, starting from the Management.
Quality is achieved by planning, executing, reviewing, and improving the Management System, always considering the organization’s internal and external context.
Quality is focused on satisfying all our stakeholders by the organization’s commitment to meeting their needs and requirements, as well as legal, regulatory, and product/service requirements.
The quality of our products/services relies on the effectiveness of the Quality Management System, where preventing errors is a fundamental aspect, always seeking continuous improvement of our management system.
Quality drives us to pay close attention to technological developments and the possible improvements that new technologies may offer us.
Quality requires everyone’s participation and collaboration, so this Policy is communicated to all SHA Spain staff for their awareness and understanding.

To fulfill these commitments, we have designed and approved specific objectives that are periodically measured and evaluated.

Information Security Policy

The company has decided to implement an Information Security Management System based on ISO 27001 with the goal of preserving the confidentiality, integrity, and availability of information; protecting it from a wide range of threats; and ensuring business continuity, minimizing damage, maximizing the return on investments and business opportunities, and promoting continuous improvement.

Management is aware that information is a highly valuable asset for the Organization and therefore requires adequate protection.

Management establishes the following basic objectives, as a starting point and support for the goals and principles of information security:

Protection of personal data and individuals’ privacy.
Safeguarding organizational records.
Protection of intellectual property rights.
Documentation of the information security policy.
Assignment of security responsibilities.
Training and awareness for information security.
Logging of security incidents.
Business continuity management.
Management of security-related changes within the company.

Through the development and implementation of this Information Security Management System, Management undertakes the following commitments:

Develop software and services in compliance with legal requirements, identifying applicable laws to the organization’s business lines within the scope of the Information Security Management System.
Protect our guests’ information with the highest effectiveness.
Establish and comply with contractual requirements with stakeholders.
Define training requirements in security and provide necessary training to stakeholders through training plans.
Prevent and detect viruses and other malicious software through specific policies and contractual agreements with specialized organizations.
Ensure business continuity by developing plans in line with internationally recognized methodologies.
Establish the consequences of violations of this security policy, which will be reflected in contracts with stakeholders, suppliers, and subcontractors.
Act at all times with the highest professional ethics.

This Policy provides the framework for continuous improvement of the Information Security Management System, as well as for establishing and reviewing its objectives. It is communicated to the entire Organization and published on the website, reviewed annually for adequacy and on an extraordinary basis when special circumstances and/or substantial changes occur in the Information Security Management System. It is made available to the general public.

SHA Management

Change Control