Confidentiality Policy
ECAAS ISO New Zealand staff and management, Sub-Contractors and any other person getting access to confidential information, including any information relating to ECAAS or its clients, former clients and past and current prospect clients, their organisation and their management systems are required to treat this information as confidential at all times.
Confidential information includes (but is not limited to) the following:
-
any information relating to the business affairs of clients and their personnel, other than their trade names and scope and status of certification;
-
matters of a technical nature, trade secrets, technical data, marketing procedures, accounting programs and procedures, financial information, strategic and business plans;
-
other information which, if disclosed, the person knows or ought reasonably to know, would be detrimental to ECAAS, its personnel or its clients; and
-
all other information which is imparted in circumstances which the person knows or ought reasonably to know that the information is confidential to ECAAS or any persons with whom ECAAS is concerned.
Excluded from confidentiality is information which:
-
is or becomes a matter of public record;
-
Information relating to the Status of Certification of our clients, including company name, relevant Standard, Scope of Certification and Geographical location as well as the status, issue date and expiry date of your Certification;
ECAAS shall not disclose Confidential Information to third parties unless:
-
the disclosure is necessary to perform parts of a Contract (for example to a suitable Sub-contractor)
-
the disclosure is specifically authorised by the other party;
-
the third party is a related body corporate of a party within the meaning of section 9 of the Corporations Act (2001);
-
the disclosure is required by applicable law or by any government or government agency having jurisdiction over the party concerned or by an accreditation authority we subscribe to;
This Policy does not prevent us from disclosing Confidential Information to any government or regulatory body where we reasonably believe the health or safety of any person may be compromised if such disclosure is not made.
This Policy operates in conjunction with contracts of employment, letters of appointment and/or Sub-Contractor agreements.
Every party working on behalf of ECAAS, either as an employee or as an external service provider is required to confirm acceptance and understanding of this policy prior to the commencement of employment/contract.
At all times ECAAS requirements for maintenance of confidentiality are subordinate to national or relevant state legislation.
Action may be taken against any person or organisation found to be in breach of their confidentiality obligation, regardless of whether the relation between that person/organisation and ECAAS still exists or not. The type and extent of this action will reflect the nature and consequences of the breach of confidentiality but could include instant dismissal, termination of contract or legal action.