Policy brief & purpose
We designed our company confidentiality policy to explain how we expect our members to treat confidential information. Members will unavoidably receive and handle personal and private information about clients, partners, and our company. We want to make sure that this information is well-protected.
We must protect this information for two reasons. It may:
Be legally binding (e.g. sensitive customer data.)
Constitute the backbone of our business, giving us a competitive advantage (e.g. business processes.)
This policy affects all employees, members including board members, investors, contractors, and volunteers, who may have access to confidential information.
Confidential and proprietary information is secret, valuable, expensive, and/or easily replicated.
Common examples of confidential information are:
Unpublished financial information
Data of Customers/Partners/Vendors
Patents, formulas, or new technologies
Customer lists (existing and prospective)
Data entrusted to our company by external parties
Pricing/marketing and other undisclosed strategies
Documents and processes explicitly marked as confidential
Unpublished goals, forecasts and initiatives marked as confidential
Members may have various levels of authorised access to confidential information.
What members should do:
Lock or secure confidential information always
Shred confidential documents when they are no longer needed
Make sure they only view confidential information on secure devices
Only disclose information to another member when it is necessary and authorised
Keep confidential documents inside our company’s premises unless it is necessary to move them
What members should not do:
Use confidential information for any personal benefit or profit
Disclose confidential information to anyone outside of our company
Replicate confidential documents and files and store them on insecure devices
When a member ceases membership or stops working for our company, they are obliged to return any confidential files and delete them from their personal devices.
We will take measures to ensure that confidential information is well protected. We will:
Store and lock paper documents
Encrypt electronic information and safeguard databases
Ask members to sign non-compete and/or non-disclosure agreements (NDAs)
Ask for authorisation by senior management to allow members to access certain confidential information
Confidential information may occasionally have to be disclosed for legitimate reasons.
If a regulatory body requests, it as part of an investigation or audit
If our company examines a venture or partnership that requires disclosing some information (within legal boundaries)
In such cases, members involved should document their disclosure procedure and collect all needed authorisations. We are bound to avoid disclosing more information than needed.
Members who do not respect our confidentiality policy will face disciplinary and, possibly, legal action.
We will investigate every breach of this policy. We will terminate any member who wilfully or regularly breaches our confidentiality guidelines for personal profit. We may also have to punish any unintentional breach of this policy depending on its frequency and seriousness. We will terminate members who repeatedly disregard this policy, even when they do so unintentionally.
This policy is binding even after separation of employment or membership.