Purple Elephant Productions confidentiality policy
Policy brief & purpose
Our confidentiality policy explains how we expect our employees and volunteers to treat confidential information. Employees and volunteers will unavoidably receive and handle personal and private information about families, partners and our company. We want to make sure that this information is well-protected.
This policy affects all employees, including directors and contractors, and volunteers, who may have access to confidential information.
Confidential information is secret, valuable, expensive and/or easily replicated. Common examples of confidential information are:
- Unpublished financial information
- Data relating to families, partners, employees and volunteers
- Family lists and registers (existing and prospective)
- Data entrusted to our company by external parties
- Pricing/budgets and other undisclosed strategies
- Documents and processes explicitly marked as confidential such as DBS information
- Unpublished projects and initiatives marked as confidential
Employees and volunteers may have various levels of authorized access to confidential information.
What employees and volunteers should do:
- Lock or secure confidential information at all times eg. in a safe, cash box or lockable cupboard
- Shred confidential documents when they’re no longer needed
- Make sure they only view confidential information on secure devices
- Only disclose information to other employees or volunteers when it’s necessary and authorized
- Keep confidential documents inside our company’s premises unless it’s absolutely necessary to move them
What employees and volunteers shouldn’t do:
- Use confidential information for any personal benefit or profit
- Disclose confidential information to anyone outside of our company, including to other members of their family or household
- Discuss children or families, volunteers or employees on any online or mobile social media platforms including Facebook, Instagram and Twitter
- Replicate confidential documents or files and store them on insecure devices
When employees or volunteers stop working for our company, they’re obliged to return any confidential files and delete them from their personal devices.
We’ll take measures to ensure that confidential information is well protected. We’ll:
- Store and lock paper documents
- Encrypt electronic information and safeguard databases
- Ask employees and volunteers to sign a confidentiality agreement
Confidential information may occasionally have to be disclosed for legitimate reasons. Examples are:
- If a regulatory body requests it as part of an investigation or audit
- If a safeguarding issue arises
In such cases and if they are at all unsure, employees and volunteers should refer to a company director before disclosing any information.
If any breach of the above occurs, it could lead to disciplinary action.
Dated: June 2020. This policy will be reviewed biannually at the AGM.