Legal, Risk & Compliance
The formal policies that keep TechAbout and its people protected — confidentiality, intellectual property, anti-bribery, whistleblowing, data privacy, and responsible use of AI.
Confidentiality & Non-Disclosure
This policy explains what TechAbout treats as confidential information, how you must handle it, and the obligations that continue even after you leave. It applies to everyone who works with us, and it is public so clients and candidates can see the standard we hold ourselves to.
Purpose
Much of our value lives in information that is not public: our own product plans, our clients' data, and the trust people place in us when they share something private. Protecting that information is both a legal duty and a matter of professional integrity. This policy sets the standard so that we can be trusted with sensitive work, and so no one is left guessing about what they can and cannot share.
Scope / Who This Applies To
This policy applies to all TechAbout employees, contractors, interns, and anyone else given access to our systems or information, whether they work on-site or remotely. It applies to information in any form: documents, code, databases, messages, screenshots, verbal conversations, and anything stored on a device or in the cloud.
The Policy
What counts as confidential information
Treat the following as confidential unless it is already lawfully public or you have clear permission to share it:
- Company information — unreleased product and domain plans, source code, pricing and cost data, business strategy, financials, and internal operations run through our ERPNext/Frappe systems (HR, payroll, ATS, CRM).
- Client information — anything a client entrusts to us: their credentials, analytics, content, customer data, unpublished work, and the fact of the engagement itself where the client expects discretion.
- Employee and candidate information — colleagues' personal data, salaries, health or family details, performance records, and applicant data received through careers@techabout.com.
- Third-party information — data belonging to our vendors, partners, or a client's own customers that reaches us in the course of work.
Your core obligations
- Access and use confidential information only on a need-to-know basis — because your work genuinely requires it, and only for that purpose.
- Do not disclose confidential information to anyone outside TechAbout, or to colleagues who do not need it, without authorisation.
- Never use confidential information for personal benefit — not for a side project, an investment, a favour, or an advantage to yourself or anyone else.
- Handle and share information safely: use approved company systems, share to specific people rather than broad links, and avoid personal email, personal cloud storage, or unmanaged messaging apps for company or client data.
- These obligations continue after your employment ends. Confidentiality does not expire when you walk out the door.
NDAs with clients and vendors
- A signed non-disclosure agreement (NDA) should be in place before we receive sensitive information from a client or vendor, or share ours with them — international clients, in particular, often expect one as standard.
- Read any NDA before you rely on it, and route it through your manager or ethics@techabout.com if terms are unclear. Do not agree to obligations we cannot actually meet.
- An NDA sets specific terms on top of this policy; where it is stricter, the stricter terms apply.
Leaving TechAbout
When you exit, you must return or securely delete all confidential information and any copies, on company and personal devices alike, and confirm you have done so. You may not take client lists, code, designs, or data with you.
If you would not want it seen by the wrong person, treat it as confidential and share it only on a need-to-know basis.
What To Do / How To Report
- Unsure whether something is confidential, or whether you may share it? Ask before you send — check with your manager or ethics@techabout.com.
- Suspect a leak, a lost device, or unauthorised access? Report it immediately to security@techabout.com so we can contain it. Speed matters more than certainty.
This policy covers the duty of confidentiality. For how to protect information in practice — devices, passwords, and safe storage — see the handbook's Data Security, Devices & Passwords. The technical controls and standards we align toward, including ISO/IEC 27001 for international work, are covered separately in the Information Security book.
Consequences
Breaching confidentiality is serious. Depending on the harm, it may lead to disciplinary action up to and including termination, and, where a leak or unauthorised access involves a computer system, potential liability under Pakistan's Prevention of Electronic Crimes Act 2016 or other applicable law. Employees may appeal through the handbook's Disciplinary Appeal Process. The specific legal position in any case is subject to review by qualified local counsel and current law.
Questions? Contact ethics@techabout.com.
Have a compliance question?
When in doubt, ask before you act. Email ethics@techabout.com for anything sensitive.