The purpose of the Confidentiality Policy is to ensure that all employees, committee members, contractors, personnel of external bodies or individuals working on behalf of Certy Certification understand the company’s requirements for disclosing Certy Certification’s confidential client information. This policy is not intended to restrict disclosure in situations where it is mandated by law.
Certy Certification body is committed to providing confidential Certification services to its clients, including information about the client, e.g., complainants and regulators and shall not disclose to others or use confidential technical or business information belonging to Certy Certification, its partners, agents, customers, or clients without authorization. This includes any information gained or developed during Certy Certification activities, whether written or otherwise tangible, that is not generally available to the public and/or provides an advantage to those who use it over competitors.
For this policy, confidentiality relates to the transmission of client, sensitive or identifiable information about individuals or organizations (confidential information), which comes into the possession of Certy Certification through its Management System Certification activities.
Certy Certification shall inform the client, in advance, of the information it intends to place in the public domain. Except for information made publicly available by the customer, all other information will be treated as confidential.
Certy Certification recognizes that occasions may arise where individual employees feel they need to breach confidentiality. Confidential or sensitive information relating to an individual or an organization may be divulged where there is risk of danger to an individual, client, or where it is against the law to withhold it. In these circumstances, information may be divulged to external agencies e.g., Police, Health and Safety Executive, Environmental Protection Agency on a need-to-know basis.
Where a Certy Certification employee or someone operating on its behalf feels that confidentiality should be breached the decision will be based on review of the Impartiality Committee.
All Certy Certification employees and those operating on its behalf will receive a copy of the confidentiality policy and sign a confidentiality agreement. Existing and new employees will be introduced and trained on the confidentiality policy.