Page 47 - Ipsos
P. 47

Information Classification: Internal Use
                                                                      Ipsos Book of Policies & Procedures

                          Operations  Managers  are  responsible  for  ensuring  that  information  in  relation  with
                          respondents  are  retained  and  destroyed  according  to  ESOMAR  standards,  applicable
                          local laws for Personal Data and this policy.

                          Business Unit  Managers are responsible for ensuring that information relating to their
                          business units is retained and destroyed according to this policy.  This includes ensuring
                          study  and  project  teams  within  their  business  units  comply  with  this  policy  where
                          Study/Project Managers have left the Business Unit.
                          Chief Financial Officers are responsible for ensuring that:
                           o  Financial  information  is  retained  in  compliance  with  relevant  national  and
                              international legal and regulatory requirements.
                           o  The required authorization of changes to the retention and destruction of financial
                              records and information is provided.
                           o  An Annual Review of information retention and destruction is carried out.

                          Human Resources Directors are responsible for ensuring that:
                           o  Information  held  regarding  staff,  interviewers  and  other  workers  is  retained  in
                              compliance  with  relevant  national  and  international  legal  and  regulatory
                              requirements.
                           o  The required authorization of changes to the retention and destruction of Personnel
                              records and information is provided.
                           o  An Annual Review of information retention and destruction is carried out.



                         3.3    Violation

                   Violation of this policy may result in disciplinary action. This may include termination for breach of
                   employment contract in case of employees and temporaries; termination for breach of services
                   agreement in the case of contractors or consultants; and dismissal for interns and volunteers.




                   4.0  Information Classification and Labelling Policy


                   4.1    Information Classification Policy

                   Based  on  its  value,  legal  requirements,  sensitivity,  and  criticality  to  the  organization,  Ipsos
                   information has been classified and labeled as:

                   -  Strictly  confidential  information  contains  sensitive  and  very  important  information  to  our
                      business,  not  designated  to  the  public  or  unauthorized  persons  and  whose  unauthorized
                      disclosure could be very prejudicial to business continuity. This type of information can only be
                      access by Ipsos employee on a need to know basis. It includes but not limited to:

                                 o  Any Information provided by Clients which is not in public domain,
                                 o  Study Results and Panel / Research Data,
                                 o  Information on the type of research projects conducted by client,

                                 o  All Personal Data,


                                                   Page 7 of 22
   42   43   44   45   46   47   48   49   50   51   52