CERTINSPECT is responsible, based on the legally enforceable agreements, with the management of all information obtained or created during the certification activities, at all the levels of its organizational structure, including commissions, collaborating staff acting on its behalf.
In order to offer its clients full confidence and to obtain privileged access to the information necessary to perform an adequate evaluation on the compliance with the certification criteria, CERTINSPECT prepared this confidentiality policy which treats as confidential the information regarding:
- its clients;
- its own staff and its collaborators;
- its clients, coming from other sources than the client itself (complaints, authorities);
- a specific client or certified person/persons.
For the purpose of complying with the confidentiality principle, CERTINSPECT has taken the following measures:
- signing of the Deontological Code by the entire internal staff and the collaborators, including the members of the CERTINSPECT commissions;
- advance notification to the client concerning the information which the body wants to make public, considering that all the other information is confidential except for those made public by the client itself;
- to notify the client prior to supplying a piece of information concerning the former to third parties, with the exception of situations regulated by the law;
- to ensure through contractual clauses that its subcontractors comply with confidentiality in their supplied services.
CERTINSPECT has processes, equipment and facilities that ensure the safe handling of confidential information: electronic storage devices for storing information, usernames and access passwords on different levels, etc.
As Director, I undertake to allocate the necessary resources for the implementation of this policy.
Date: 01 August 2017