This Confidentiality Policy (“Policy”) adopted by the Bluetooth SIG board of directors establishes a uniform set of rules that Bluetooth SIG, Inc. and its Members (as defined in Section 1) must follow in connection with the protection, use, and disclosure of non-public information shared in the course of participating in Bluetooth SIG Activities (defined in Section 2). This Policy is intended to replace all policies, statements, and agreements previously adopted, promulgated, or entered into by Bluetooth SIG, Inc. regarding protection, use, and disclosure of confidential or proprietary information between and among Bluetooth SIG, Inc. and its Members in connection with Bluetooth SIG Activities. It is important that each Member read, understand, and comply with this Policy’s requirements with respect to use and disclosure of Confidential Information (as defined in Section 2) to create an environment where Members are able to fully participate in Bluetooth SIG Activities and understand their obligations to Bluetooth SIG, Inc. and other Members.
Updated 10 Sep 2024; Posted 13 Sep 2024
1. Who must comply with this Policy?
This Policy applies to the “SIG” and “Members.” When used in this Policy:
“Member” means a firm, corporation, or other legal entity that has a current membership in Bluetooth SIG, Inc., including the firm, corporation, or other legal entity’s employees and agents.
“SIG” means the corporation “Bluetooth SIG, Inc.”, including its staff and the individual directors of its board of directors when acting in their capacity as directors.
2. What information is governed by this Policy?
This Policy applies to “Member Confidential Information” and “SIG Confidential Information.” When used in this Policy:
“Member Confidential Information” means Member Information that is also Confidential Information.
“SIG Confidential Information” means SIG Information that is also Confidential Information.
“Third Party Confidential Information” means Third Party Information that is also Confidential Information.
“Member Information” means information disclosed by a Member to the SIG or to other Members in the course of participating in SIG Activities regarding the Member’s current or future business, intellectual property, products, technology, or services, including but not limited to financial information, technical and non-technical information, business plans, marketing plans, product plans, road maps, business models, pricing, forecasts, designs, techniques, formulas, strategies, and the identity of customers, business partners, contractors, and suppliers.
“SIG Information” means:
- Information disclosed by the SIG (other than Member Information) to any Member in connection with the Member’s participation in SIG Activities; and
- Information that is disclosed by Members (other than Member Information) in the course of participating in SIG Activities, including but not limited to all work product produced by Members and all feedback and suggestions regarding current and future Bluetooth specifications.
- Information disclosed by a third party to the SIG or its Members in connection with SIG Activities (“Third Party Information”).
“Confidential Information” means non-public information that is marked “Confidential” or, if communicated orally, is: (a) identified as confidential prior to disclosure; and (b) within 30 days after the original date of disclosure, reduced to writing, marked “Confidential,” and delivered to the recipient. Confidential Information does not include any information that:
- At the time of disclosure, is known by the recipient without an obligation of confidentiality;
- At the time of disclosure, is publicly available;
- After disclosure it becomes publicly available without a violation of this Policy;
- Is disclosed to the recipient by a third party that was not under an obligation of confidentiality; or
- Was independently developed by the recipient without the use of any Confidential Information.
“SIG Activities” means (a) in the case of the SIG, activities engaged in by the SIG as permitted by the Bylaws, and (b) in the case of a Member, activities engaged in by that Member in its capacity as a Member, including but not limited to participating in the Bluetooth Qualification Process, reporting errors to the SIG, recommending changes to SIG documents, or participating in activities within committees and working, study, expert, and other groups within the SIG.
3. Does this Policy apply to every disclosure of Confidential Information between the SIG and Members?
No. This Policy does not apply when the SIG engages with a Member and the Member is not acting in its capacity as a SIG Member (such as, for example, when a Member is hired as a consultant or contractor to the SIG or is a vendor of products or services to the SIG).
4. Is there any information that a Member should not share with the SIG or other Members?
Yes. A Member must not share any information with the SIG or other Members if disclosure of information is prohibited by or would otherwise violate applicable laws or the SIG’s Articles of Incorporation, Bylaws, or Policies, including the Bluetooth SIG Inc. General Rules of Antitrust Compliance.
5. What must the SIG do to comply with this Policy?
Except as set forth in the exceptions outlined in Section 9, for a period of 2 years following receipt of Member Confidential Information, the SIG must:
- Only use it in connection with SIG Activities;
- Use the same degree of care that it uses to protect its own Confidential Information to limit disclosure to the SIG and Members, but in no event will the SIG use less than a reasonable degree of care; and
- Not remove any “Confidential” or similar legends.
6. What must a Member do to comply with this Policy?
Except as set forth in the exceptions outlined in Section 9, for a period of 2 years following receipt of SIG Confidential Information or Member Confidential Information of another Member, a Member must:
- Only use it in connection with SIG Activities;
- Use the same degree of care that it uses to protect its own Confidential Information to limit disclosure to the SIG and other Members, but in no event will the Member use less than a reasonable degree of care; and
- Not remove any “Confidential” or similar legends.
7. What happens if I am no longer a Member?
If, for any reason, a Member’s membership is terminated or a Member withdraws from the SIG, this Policy will continue to apply with respect to Confidential Information governed by this Policy that is disclosed and received by that Member prior to the date of withdrawal or termination.
8. Are any disclosures to non-members permitted?
The SIG and Members may disclose Confidential Information when the disclosure is required to comply with applicable laws or an order of a court or government entity that has jurisdiction over the SIG or the Member, as applicable. The SIG and Members also may disclose Confidential Information to Affiliates (defined below), contractors, and legal and financial advisors, who:
- Have a need to know in connection with SIG Activities;
- Are notified of the confidential nature of the information; and
- Are bound to obligations of confidentiality that are at least as protective as this Policy.
When used in this Policy, “Affiliate” means any entity that meets the definition of “Affiliate” under SIG Bylaws.
9. Are there any exceptions to this Policy?
Yes, there are a few situations where the general rules in Sections 4 and 6 of this Policy do not apply.
- Committees and Groups. A Member must limit disclosure of SIG Confidential Information (other than Third Party Confidential Information which is addressed below) and other Member Confidential Information that a Member receives in connection with a committee or group established by the SIG (“Group Information”) to members with Promoter-level or Associate-level status, until the SIG makes the Group Information available to all Members with Adopter-level status (even if the period of time is longer than 2 years). When the SIG makes Group Information available to any Member with Adopter-level status, then (except for draft specifications) the 2-year period of confidentiality set forth in Section 6 will apply from the date the SIG first makes the Group Information available to a Member with Adopter-level status. Group Information includes information shared during meetings as well as using communication tools provided by the SIG to enable group or committee discussions (e.g., email reflectors).
- Third Party Information. A Member may receive Third Party Confidential Information in connection with SIG Activities, such as when a group or committee is authorized by the board to work with an external organization (e.g., another standards development organization). A Member must only use Third Party Confidential Information for the limited purposes for which it is disclosed and must limit disclosure to the group or committee that received the Third Party Confidential Information (“Authorized Group”), even if the information was disclosed to the Member by the SIG and not directly from the third party. A Member must use the same degree of care that it uses to protect its own Confidential Information to limit disclosure to the SIG and the other Members of the Authorized Group, but in no event will the Member use less than a reasonable degree of care. Member will delete all Third Party Confidential Information when it is no longer necessary for the purpose or earlier if requested by the SIG or the third party.
- Draft Specifications. A Member must limit disclosure of a draft specification to the SIG and other Members until final adoption and publication by the SIG (even if final adoption and publication takes longer than 2 years or it is never adopted or published). For clarification, adoption of a prototyping specification is not final adoption of a draft specification. Prior to final adoption, the SIG may make public statements regarding draft specifications and members may make the same statements to non-members; provided that members must not disclose the draft specifications or any information about draft specifications that has not been previously disclosed in a public statement made by the SIG.
- Additional Confidentiality Agreements with the SIG. There may be circumstances when the rules set forth in this Policy are not appropriate for a particular disclosure of Confidential Information that would otherwise fall within the scope of this Policy. The SIG and Members may, after the date of this Policy, enter into separate agreements governing the protection, disclosure, and use of a specific item or category of Confidential Information that would otherwise fall within the scope of this Policy; provided, however, that in order for the agreement to supersede this Policy the agreement must identify this Policy and expressly state that the terms of the agreement are intended to supersede this Policy solely with respect to the specific item or category of Confidential Information identified in the agreement. If this Policy conflicts with any agreement entered into by the SIG and a Member prior to June 3, 2017, then this Policy will govern with respect to the protection, disclosure, and use of all SIG Information and Member Information that is Confidential Information under this Policy.
10. What if there are circumstances where non-public information is shared by the SIG or a Member and it is not within the scope of Confidential Information under this Policy?
There may be circumstances when the SIG or a Member share non-public information that should be governed by this Policy as Confidential Information despite the fact that it is not covered by the definition of Confidential Information (e.g., it is submitted by a Member into a system in a manner where a Member is not able to label it “Confidential”). The SIG and Members may enter into separate agreements that extend the protections regarding use and disclosure of Confidential Information to specific items of Member Confidential Information or SIG Confidential Information.
11. What should a Member do if there is violation of this Policy?
If a Member becomes aware that Confidential Information of the SIG or another Member has been used or disclosed in violation of this Policy, the Member must promptly notify the SIG by email to executivedirector@bluetooth.com of the unauthorized use or disclosure, and must cooperate with the SIG in the SIG’s efforts to prevent further unauthorized use and disclosure.