By confidentiality, a certification body shall ensure that information is accessible only to those interested parties authorized to have access and specific rules are established for auditors, administrative staff and other interested parties.
Clients entrust us with and allow us to gather information relating to their activities and other matters as part of the certification process. They do so in confidence, and they have the legitimate expectation that staff will respect confidentiality principles and act appropriately.
Information related to customers are not used or disclosed for purposes other than registration of the management system without the client’s explicit consent, or where there is a legal justification to do so. In contrast, anonymised information is not confidential and may be used without constraints.