Confidentiality and Data Handling
How we protect client documents and project information.
Effective date: 6 July 2026. We treat non-public client material as confidential from the first substantive enquiry through delivery and the applicable retention period.
1. Confidential treatment by default
We use non-public project information only to assess the enquiry, prepare a quotation, perform the agreed work, complete quality review, deliver files, administer the project, and meet legal or accounting obligations. We do not publish, sell, or use client documents for unrelated marketing or portfolio purposes without written permission.
2. Need-to-know access
We limit access to personnel and approved service providers who need the information for the agreed project or its secure administration. Access should be proportionate to the task and removed when it is no longer required.
3. Editors, reviewers, and service providers
Where another editor, reviewer, administrator, or technical provider supports a project, we require appropriate confidentiality and data-handling obligations. We remain responsible for selecting suitable providers and limiting the information shared with them.
4. Secure transfer and storage
We use transfer and storage methods appropriate to the sensitivity of the material, the available systems, and the agreed project terms. Clients should not send passwords, identity documents, patient identifiers, financial credentials, or other highly sensitive information unless it is essential and a suitable method has been confirmed.
5. Website sample uploads
Files uploaded through the sample-edit form are stored outside the public WordPress Media Library under an opaque filename and are available through an administrator-only download action. Under our standard website retention setting, the uploaded copy is scheduled for deletion after 30 days. The enquiry record may be retained separately for business administration and legal obligations.
6. Artificial intelligence and automated tools
We do not use confidential client content to train public artificial-intelligence models. We do not submit confidential material to public generative-AI services unless the client has given informed written permission and we have agreed the purpose, provider, data controls, and retention implications. Routine spelling, terminology, security, backup, and productivity tools may process limited information where reasonably necessary and appropriately controlled.
7. Retention, deletion, and backups
We keep working files only for as long as reasonably needed for delivery, clarification, quality control, payment, legal obligations, security, or dispute handling. A client who requires a specific deletion schedule should state it before the project begins. Deletion from active storage may not immediately remove encrypted backup copies, which expire according to the relevant backup cycle.
8. Security incidents
If we become aware of a material incident affecting client information, we will investigate, contain the issue where reasonably possible, preserve relevant records, and notify affected clients or authorities when required by applicable law or contract.
9. Non-disclosure agreements
We can review a client-provided non-disclosure agreement or propose suitable confidentiality wording. An agreement applies only when accepted by authorised representatives. Project-specific terms take precedence over this general page to the extent of any inconsistency.
10. Permitted and required disclosure
Confidentiality does not apply to information that is already public through no breach by us, was lawfully known to us without restriction, is independently developed without using the client material, or must be disclosed by law, court order, or a competent authority. Where legally permitted, we will seek to notify the client before a compelled disclosure.
11. Client responsibilities
The client must have the right to share the material, minimise unnecessary personal data, remove identifiers where practical, disclose any institutional or contractual restrictions, and provide accurate handling instructions before transfer.
12. Questions or special requirements
Send confidentiality questions, deletion requests, or proposed project-specific requirements to pps@ppslanguage.com before transferring sensitive material.
