Confidentiality is not a feature we offer; it is a requirement built into how we operate. Every member of the QDP team is subject to strict confidentiality obligations as a condition of their engagement. We execute Non-Disclosure Agreements (NDAs) at the outset of every client relationship, and we enforce those agreements through documented protocols and regular operational review.

We do not discuss, share, or reference any client or deal information outside of the specific project team responsible for that engagement. Engagement-level information does not cross team boundaries without explicit client authorization.

Access to client data is strictly limited to team members with a direct project need. We apply the principle of least-privilege access: no individual has access to data beyond what is required to complete their assigned deliverables on a specific engagement.

• Client files are stored in designated, access-controlled project environments
• File sharing occurs only through agreed-upon, secure channels specified at the outset of each engagement
• We do not use personal email, consumer file-sharing services, or unapproved cloud platforms for client data
• All active project files are labeled and tracked to prevent commingling across engagements
• Terminated or completed engagement files are handled according to agreed-upon retention or destruction protocols

Beyond confidentiality, we maintain strict standards for the integrity of the data we handle and produce. In a diligence context, inaccurate outputs can affect transaction pricing, deal structure, and legal representations. Our data integrity practices are designed to eliminate errors, document our work, and give your team full traceability from source to output.

• Source data is logged at intake: file name, version, date received, and provider
• All transformations applied to source data are documented in a structured processing log
• Output figures are tied out to source inputs through formula links or documented cross-references
• We distinguish clearly between received data and any normalization or adjustment assumptions
• Final deliverables include a documentation tab or summary identifying all source files used

We are flexible on file transfer methods and will adopt your firm's preferred secure channel.

• Secure file transfer platforms (SFTP or platform-based portals)
• Encrypted email attachments where required
• Client-managed virtual data rooms (VDRs) for deal-specific file access
• Password-protected deliverable files where requested

We will not accept or transmit client data through unsecured or non-approved channels. If your firm has specific transmission requirements, we will confirm and document compliance at the start of the engagement.

At the conclusion of each engagement, we follow your firm's instructions regarding the retention or destruction of client data.

• Return of all source files to client with confirmation of deletion from QDP systems
• Retention for a defined period in secure, access-controlled storage for follow-on work
• Documented destruction with written confirmation upon request

We do not retain client data for QDP's own purposes, model development, or any purpose beyond direct delivery of contracted services.

We recognize that our clients operate within demanding regulatory and professional standards environments. Our data protection practices are designed to meet those standards in practice, not as a compliance checkbox, but as a reflection of the trust that transaction advisory relationships require. We welcome questions from prospective clients about any aspect of our data handling practices.