First and foremost, we are a US corporation and therefore all of our contracts are governed by US laws and provisions.

More specifically, the steps we are taking to ensure the full protection of our customers' Intellectual Property are detailed below.

We understand that Intellectual Property (IP) is among the most valuable assets of each single customer, and provide with all the required steps to insure that the IP is well protected against any wrongdoing or act of negligence.

Corporate non-disclosure agreements

Our Non-Disclosure Agreement (NDA) lay the provisions for protecting each customer’s Intellectual Property. These agreements are signed at the very beginning of the cooperation, before any confidential information starts flowing between the corporations.

NDAs are governed by US laws.

Should you require to use your own NDA, we will gladly accept to sign it in lieu of our own document.

Employee Confidentiality Agreements

Any (i) employee, (ii) contractor, and (iii) employee of a VSI’s partner involved in any given project is required to sign applicable confidentiality contracts along with their employee / contractor agreement when joining our company. These agreements state that they will comply with our own IP Protection regulations.

Statements of good faith

When leaving the company for employees, or upon termination for contractors, we require them to sign a departure form at the end of their last day of employment confirming that they knew of and have obeyed all regulations and obligations, as stated in their contract. These statements of good faith are kept for at least 2 years in the employee/contractor file and can be forwarded to our customers upon request.

Hardware and Software Security

Server administration

• Secure server room with restricted access, proper environmental conditions, and safety regulations for the equipment
• Physical security management of hard copies and data storage media
• UPS and backups
• Server administration (services, ports, patches, and updates)
• Client machine administration (password-protected screensaver, inactive accounts)
• System privilege and right management
• Disaster recovery plan

Data transmission and storage

• Sensitive information transmitted between web client and web server are encrypted
• Secure communication methods used for transmission of sensitive information
• No email transmission of sensitive information
• Sensitive information NEVER stored on non-secure server

Development team

• Special additional policies can be adopted upon request: remove floppy drives and CD copiers from desktop computers
• Prohibit mobile storage media from being taken in or out of designated work environments.

Building security

• Set up of restricted areas upon request

Document management

• Every copy of every confidential document is separately numbered and tracked
• All copies of customer confidential documents are regularly accounted for, and are returned or deleted (with a Certificate of Deletion) according to the Confidential Document Management Flow described below.

Confidential Information Flow

With the exception of the initial corporate NDA signed between the parties, confidential information exchanged between the Parties must be done according to the following rules that can be amended at the start of the cooperation and need then to be accepted in writing by the Parties.

The following flowchart illustrates the process that we follow to handle confidential information.

This process is always tailored to each particular situation. It includes for instance naming a “focal point”, i.e. a person in charge of receiving the confidential information sent by the other party and deciding to whom to distribute it, and the creation of a list of document types (highly sensitive, sensitive, technical, marketing, etc.) and a list of intended recipients for each category.