Triptych Privacy and Confidentiality Policy

‍

1. Purpose

Triptych is committed to maintaining the privacy and confidentiality of all client, employee, and project-related information. This policy outlines our practices for handling, storing, and protecting sensitive information, ensuring compliance with applicable privacy laws and maintaining trust with our clients and team members.

2. Scope

This policy applies to all Triptych employees, contractors, partners, and anyone granted access to confidential or private information. It covers all client and employee data, project materials, and other sensitive information, regardless of format (digital, physical, or verbal).

3. Definitions

• Confidential Information: Any non-public information shared with Triptych, including but not limited to client data, project details, intellectual property, trade secrets, and business strategies.
• Personal Data: Information that can be used to identify an individual, such as names, contact information, identification numbers, financial data, or any other personal identifiers.
• Data Subject: Any person whose data is processed by Triptych, including clients, employees, and users of our services.

4. Collection and Use of Data

Triptych collects only the minimum necessary personal and business information required to perform our services, meet legal requirements, and ensure efficient operation. We do not sell, rent, or otherwise share personal data with third parties unless explicitly required for project execution or as mandated by law.

5. Protection of Information

To ensure the safety and integrity of confidential and personal information, Triptych adheres to the following measures:

• Access Control: Access to sensitive information is limited to authorized personnel based on their job responsibilities. All employees and contractors are required to use unique login credentials and follow our strict password protocols.
• Data Encryption: All personal and confidential data stored digitally is encrypted both at rest and in transit, using industry-standard encryption protocols.
• Physical Security: Hard copies of sensitive information are stored in secure, restricted areas accessible only to authorized personnel. When no longer needed, physical documents are disposed of securely through shredding or certified disposal services.
• Regular Audits: Triptych conducts periodic reviews of data protection measures, ensuring compliance with internal policies and industry standards.

6. Confidentiality Obligations

All Triptych employees and contractors are required to:

• Sign a non-disclosure agreement (NDA) upon joining the company.
• Avoid disclosing any confidential information to unauthorized parties, both during and after employment.
• Use confidential information only for authorized purposes and only as needed to perform their job responsibilities.

Any unauthorized disclosure of confidential or personal information may result in disciplinary action, including termination, and may involve legal consequences.

7. Client Confidentiality

Triptych treats all client information as strictly confidential. Project materials, strategic plans, proprietary client data, and any other sensitive client information will not be disclosed to third parties without the client's express written consent, except where required by law.

8. Employee Privacy

Triptych respects the privacy of all employees. Personal data collected for employment purposes (such as contact information, banking details, or performance records) is stored securely and used only for business or regulatory needs. Employees have the right to access their personal data upon request, and any updates or corrections are processed promptly.

9. Incident Response and Data Breach Notification

In the event of a suspected data breach, Triptych will:

• Promptly investigate the incident to identify its scope and cause.
• Take immediate steps to contain and mitigate the breach.
• Notify affected clients or employees and relevant authorities in accordance with legal requirements.
• Implement corrective actions to prevent similar incidents in the future.

10. Policy Review and Updates

This Privacy and Confidentiality Policy is reviewed annually or whenever there is a significant change in privacy laws or business practices. Employees are informed of any updates and expected to adhere to the latest version of this policy.

11. Contact Information

For questions regarding this policy or concerns about privacy and confidentiality at Triptych, please contact us at
info@triptych.co
‍
(423) 509-6637