Confidentiality Policy on OASIS Supplier and Assessment data

OASIS database company registration information is segregated into type 1 and 2 data. Type 1 data includes general company and certification information typically listed on the certificate. Type 2 data is restricted company audit information which includes:

An OASIS listed certified company is able to grant access to their type 2 restricted data to select individuals, to IAQG member companies or to all users through their OASIS Administrator.

Any information in respect of specific Certification Body/Registrar Management Committees, National Accreditation Bodies, Certification Bodies/Registrars and suppliers that is not available in the public domain is however available to the IAQG management and oversight function and IAQG OASIS database administrators. This information will be kept confidential and not copied or distributed to anyone unless with written permission of the organisation concerned.

IAQG oversight members, IAQG OASIS database administrators and related workgroup or sub team members are obligated to sign a confidentiality agreement for confidential usage of any type 2 information not available in the public domain.

The above agreement shall not apply if the information is obtained through publication, or otherwise legitimately in the public domain *, or lawfully obtained from a party free to divulge it.

* Note: the public part of OASIS is considered as public domain.