How does Gelivable manage confidentiality requirements?

We have conducted multiple internal reviews and enhancements of our confidentiality management system, aiming to ensure that our commitment to confidentiality is systematically upheld from the initial handling of customer information through to the conclusion of the project. Today, I will provide a brief overview of the Gelivable's practices in managing confidentiality.

1. All documents are categorized into four classifications: Restricted, Highly Confidential, Confidential and Public, based on their content and specific requirements. These classifications are clearly defined to ensure that all colleagues comprehend the significance of each distinction.

2. We have developed a comparative authority table for the circulation process of confidential documents and products. This table has been reviewed and trained by all employees and is accessible at all major locations.

3. Upon receipt of the documents, the Sales Department will identify and assigned it to the respective confidentiality classification based on customers’ requirements and/or with reference to the confidentiality agreement signed. The documents will be stamped with the corresponding classification identification/logo in a clearly visible location.  Engineering design related documents upon completion, such as design plans, technical information, product information, drawings and other documents will have their confidentiality classification assigned by the Engineering Head of Department. Likewise, the documents will be stamped with the corresponding classification identification/logo in a clearly visible location.  

4. The Document Control Department will then record the documents into the “Confidential Information Register“ with a corresponding serial number, level of authorized release, record of the corresponding personnel, and assigning the Confidentiality Gatekeeper (in this case, the Sales Manager will be responsible for all customers’ related documents)

5. Confidential documents are then distributed in accordance with the authority table for respective assess. Confidential engineering design related documents upon approval will be converted by the Engineering Department into general information for internal use among the various department; Upon the document’s conversion, it must no longer retain any information pertaining to the initial development project or client, and should be classified in accordance with the prescribed identification methodology.

6. Parts produced by Production or externally procured by Purchasing shall be labelled with a “Confidential” sign upon delivery.

7. Parts labelled with "Confidential" signs will not be handled by other unrelated personnel throughout the processes except for direct authorized workers. This restriction extends to any form of display, photography, observation, or examination by unauthorized individuals.

8. The Sales department verifies the Confidentiality Agreement and other applicable regulations established with the customer, completes the "Network Platform Customer Information Non-Use List," and forwards it to the Marketing Department. The Marketing Department then conducts weekly confirmations of the Network Platform's content and fills out the "Customer Information Non-Use List Confirmation Checklist" to ensure that no customer-related information is disclosed in any materials.

9. The Human Resources Department, acting as the auditor, will conduct audits of confidentiality management across various departments on a semi-annual basis. Any identified lapses will be addressed promptly. Additionally, each department will compile and maintain the "Confidential Information Register" on a quarterly basis.

10. Depending on the requirements of the company/customer, additional dedicated agreements on non-disclosure or confidentiality may be needed for specific projects. In such cases, the Human Resources Department and the project related team shall be responsible for the specific agreements. 

11. Regulations regarding employee resignation: Prior to the employee’s departure, he/she is responsible to return all confidential materials and information in their possession to the designated Confidentiality Gatekeeper, and to complete the handover procedures. It is mandatory to reiterate the confidentiality obligations to the departing employee, whether through written communication or verbal discussion. It is also necessary to inform the employee's new workplace about the confidentiality obligations that the employee has agreed to in their prior position.

The above are the Confidentiality controls which we have incorporated. Gradually, we will have our IT Department engaged with external software vendors to enhance our management of the confidentiality controls through OA, ERP and other tools. While we are not 100% foolproof, we are committed to ongoing improvements, which will lead to enhanced effectiveness with each step we take.