Third Party Confidential Information Policy

This template outlines the company's policy on handling confidential information received from third parties, ensuring its protection and proper use. It should be used by all employees who may come into contact with such information.

Updated 16d ago
Tags: confidentiality, third-party, information security, policy, data protection, SME, Southern Africa

{{company_name}}

{{company_address}}

Phone: {{phone}} | Email: {{email}} | Web: {{website}}

Third Party Confidential Information Policy

1. Policy Statement

{{company_name}} is committed to maintaining the confidentiality and integrity of all information, including that received from third parties. This policy outlines the principles and procedures to protect such confidential information and ensure compliance with legal and contractual obligations. All employees, contractors, and agents of {{company_name}} are required to adhere to this policy.

2. Purpose

The purpose of this policy is to:

• Define what constitutes 'Third Party Confidential Information'.

• Establish guidelines for handling, storing, and transmitting such information.

• Ensure compliance with non-disclosure agreements (NDAs) and other contractual obligations.

• Protect {{company_name}} from legal and reputational risks associated with mishandling confidential data.

3. Scope

This policy applies to all employees, contractors, consultants, temporary staff, and any other individuals working for or on behalf of {{company_name}} who may receive, access, or process confidential information belonging to third parties. It covers all forms of information, whether written, oral, electronic, or visual.

4. Definition of Third-Party Confidential Information

Third-Party Confidential Information includes, but is not limited to, any non-public information disclosed by a third party (e.g., clients, partners, vendors, suppliers) to {{company_name}} that is designated as confidential, or that, by its nature, would reasonably be understood to be confidential. This may include:

• Business plans, strategies, and financial data.

• Customer lists, pricing information, and marketing strategies.

• Product designs, specifications, and research and development data.

• Software, algorithms, and intellectual property.

• Personally identifiable information (PII) of individuals.

• Any information subject to a Non-Disclosure Agreement (NDA) or similar confidentiality agreement.

5. Responsibilities

All employees are responsible for:

• Identifying information as third-party confidential.

• Adhering to the terms of this policy and any applicable NDAs.

• Reporting any suspected or actual breaches of confidentiality.

• Seeking clarification from their manager or the {{designated_department/person}} if unsure about the confidentiality status or handling of information.

Management is responsible for:

• Ensuring employees are aware of and trained on this policy.

• Implementing appropriate security measures to protect confidential information.

• Investigating and addressing any breaches of this policy.

6. Handling Procedures

6.1. Identification and Marking:

• All third-party confidential information should be clearly identified and, where possible, marked as 'Confidential' or 'Proprietary'.

• Electronic files should be similarly designated, e.g., in filenames or document properties.

6.2. Non-Disclosure Agreements (NDAs):

• Before receiving any significant third-party confidential information, a comprehensive NDA must be in place, signed by authorized representatives of both parties. {{NDA_template_reference}}

• Employees must be aware of and adhere to the specific terms of any NDA related to the information they are handling.

6.3. Access Control:

• Access to third-party confidential information must be restricted to only those employees, contractors, or agents who have a legitimate 'need-to-know' to perform their job duties.

• Access permissions should be regularly reviewed and updated.

6.4. Storage and Security:

• Physical documents containing confidential information must be stored in secure, locked cabinets or rooms.

• Electronic confidential information must be stored on secure, password-protected systems, servers, or cloud platforms with appropriate encryption.

• Avoid storing confidential information on personal devices or unsecured public networks.

6.5. Transmission:

• When transmitting confidential information electronically, use secure, encrypted channels. Avoid sending confidential information via unencrypted email. Consider using {{secure_file_transfer_protocol}}.

• Physical transmission should be done via secure and traceable methods.

6.6. Discussion and Disclosure:

• Discuss third-party confidential information only in private settings where it cannot be overheard by unauthorized individuals.

• Do not discuss confidential information in public places, on social media, or with unauthorized personnel.

• Never disclose third-party confidential information to external parties without explicit, written authorization and a valid NDA in place.

6.7. Reproduction and Disposal:

• Reproduce confidential information only when necessary and ensure all copies are secured.

• When no longer needed, confidential information must be securely disposed of. Physical documents must be shredded, and electronic files must be securely deleted from all storage locations. {{data_retention_policy_reference}}

7. Breach of Policy

Any breach of this Third-Party Confidential Information Policy, whether intentional or accidental, must be reported immediately to {{appropriate_manager/department}}. All breaches will be investigated thoroughly, and appropriate disciplinary action, up to and including termination of employment or contract, may be taken. Furthermore, legal action may be pursued against individuals or entities responsible for the unauthorized disclosure or misuse of confidential information.

8. Training and Awareness

All relevant employees, contractors, and agents will receive regular training on this policy and their obligations regarding third-party confidential information. Awareness campaigns will be conducted periodically to reinforce key principles.

9. Policy Review

This policy will be reviewed annually, or as needed, to ensure its continued effectiveness and compliance with relevant laws and best practices. Any updates will be communicated to all affected parties.

Signatures

___________________________

{{Authorised_Signatory_Name}}

{{Authorised_Signatory_Title}}

Date: {{date}}

___________________________

Employee Acknowledgement

Printed Name: {{employee_name}}

Date: {{acknowledgement_date}}
