Woelfel Research Inc.
Confidentiality Policy
Woelfel Research Inc. Confidentiality Policy Summary Woelfel Research Inc (WRI) is strongly committed to protecting the confidentiality of the data we are entrusted with. Protecting our client’s data is one of our highest priorities, and we have never disclosed any client data to an outside entity without prior instruction and authorization. Further, our data security systems safeguard client data from outside threats. This policy statement describes the procedures and safeguards used by WRI. Use of Information WRI routinely uses and collects confidential information for our clients. This information includes, but is not limited to: Customer databases and other information related to customers and prospects Financial and demographic data Marketing and Strategic plans Advertising copy, executions and campaign information Product formulations Competitive intelligence Intellectual property Trade claims Information related to employees, affiliates, and business partners Legal documents, and Survey data we collect The only use WRI ever makes of confidential information is what we specifically agree upon with our clients. WRI will not communicate, reveal, disclose, sell, distribute, rent, license, share or pass on any client information to a third party without prior consent and instructions from our client. The only exception to this policy would be if we were compelled to do so by a court order. Further, WRI will not reuse customer samples or other proprietary client information without being instructed to do so by our client. WRI never uses client information for any purpose not authorized by our clients. All WRI employees are bound by a confidentiality agreement. Data Security At WRI we are committed to protecting the privacy of our client’s confidential information. We take a variety of steps and have several systems in place to protect this information from misuse, loss, and from unauthorized access, modification or disclosure. We ensure this through security measures and systems such as: Secure servers and PCs Restrictions on where confidential data can be stored Password protection and user authentication Secure storage systems Physical Access Physical access to our main office and telephone centers are limited by pass keys, locks, receptionists, and alarm systems. Within our office space, access to confidential information is limited to users who work with the data. Access by other employees is denied by account privileges and passwords. Archival documents are stored in a secure storage facility. Upon request or when client documents are no longer needed, confidential hard copy documents are destroyed. Electronic Access Within our facilities, electronic access to data is restricted by passwords and account restrictions. Off site access is severely limited through two firewalls, including a custom Checkpoint firewall solution with monitoring and alert systems. The Windows XP firewall provides a third firewall for many users. Data communicated between our offices is done via a secure, encrypted VPN. The only confidential information stored on our servers is what is needed for telephone surveys; typically phone numbers and names. Any other sensitive information stored on our servers is done on an as-needed basis. Access to the servers is tightly controlled within our facilities, and our servers have non-routable IP addresses, so they are not directly accessible from outside our office. Data Protection Several policies and systems are in place to secure data in case of mishap, environmental hazard, damage, or natural disaster. Our servers are mirrored and data is backed up to tape nightly. For survey data we collect, redundant information is stored in two offices in different parts of Virginia. Servers are connected to UPS systems.
© 2002 Woelfel Research, Inc. All rights reserved
