Internal Operations

Code of Conduct — Webility Team

Document ID: WBL-INT-COC-v1.0

Code of Conduct — Webility Team

Document ID: WBL-INT-COC-v1.0 Classification: Internal — All Team Members Effective Date: [DATE] Reviewed By: [Managing Director / HR] Next Review: [DATE + 12 MONTHS]

Purpose: This Code of Conduct defines the professional and ethical standards expected of everyone who works at or with Webility — full-time employees, part-time staff, contractors, and subcontractors. It exists to protect our clients, our colleagues, our reputation, and the trust that is the foundation of every client relationship.

This document does not cover every possible situation. When in doubt, ask: Would I be comfortable if our most important client and our most respected colleague both saw what I am doing right now? If the answer is no — stop and ask before proceeding.

1. Our Core Principles

Webility is built on four principles that inform every decision:

1. Clients first. We exist to help our clients succeed. Their outcomes take priority over our convenience, our preferences, and internal politics.

2. Honesty above all. We tell the truth — to clients, to colleagues, and to ourselves. This includes bad news, risks we see, and mistakes we make.

3. Quality without shortcuts. We do not ship work we are not proud of. We do not cut corners to save time. We do not accept "good enough" when we know it should be better.

4. Respect for each other. We build a workplace where people can do their best work. That means treating colleagues, clients, and partners with respect — always.

2. Professional Standards

2.1 Work Quality

Every deliverable must pass internal review before being submitted to a client. Never send a first draft directly to a client without a colleague review.
Do not submit work you know to have issues and hope the client won't notice. Flag issues proactively, with a plan to resolve them.
If you don't know how to do something, say so immediately. Ask for help or bring in the right expertise. Never fake competence on a deliverable.
Deliverables must be free of placeholder text, broken links, or unresolved issues before client submission.

2.2 Deadlines and Commitments

Never commit to a deadline you cannot meet. If you are unsure, say "I will confirm by [time]" — then confirm.
If a commitment is at risk, notify your PM immediately — do not wait until the deadline has passed.
The PM is responsible for communicating timeline changes to the client. Team members do not make timeline commitments to clients without PM involvement.
Missed internal deadlines affect client timelines. Take them seriously.

2.3 Client Communication

All client-facing written communication (proposals, deliverable submissions, project updates) must be reviewed by the PM or Account Director before sending.
Never promise something to a client that is not in their contract without written pre-approval from the PM or Account Director.
Never tell a client that another team member made a mistake unless the PM or Account Director has authorized this disclosure. Internal issues are handled internally first.
Treat every client interaction as an opportunity to reinforce our professionalism. Your tone, spelling, and response time all communicate our quality.

2.4 Response Times

Channel	Expected Response Time
Client email (received during business hours)	Within [4] business hours (same day)
Client urgent message (WhatsApp/Slack, marked urgent)	Within [2] hours during business hours
Internal team message	Within [2] hours during business hours
PM request for project update	Same business day
Client email (received after business hours)	Next business day opening

If you are unavailable (vacation, sick, emergency), you are responsible for:

Setting an out-of-office response with your return date and an alternative contact
Notifying your PM in advance so coverage can be arranged

3. Confidentiality

3.1 Client Confidentiality

Everything a client shares with us — business data, internal documents, credentials, financial information, strategy, personnel data, source code, or any other non-public information — is strictly confidential.

You must:

Use client information only for the purpose of the project it was shared for
Not discuss client information with anyone outside the project team (including at Webility)
Not use client information for personal benefit
Not share client information with any third party without the client's written consent
Store client credentials exclusively in the designated project vault in our secrets manager — never in email, Slack, documents, or personal storage
Treat client information as confidential even after your work on the project ends, and even after you leave Webility

This obligation does not expire. It survives your relationship with Webility.

3.2 Internal Confidentiality

Webility's pricing, margins, proposal strategies, client lists, financial information, business plans, system architectures, and internal policies are confidential.

Do not share internal Webility information with clients, prospects, competitors, or personal contacts, except as explicitly authorized by the Managing Director.

3.3 Project Personnel Confidentiality

Do not disclose which clients you work with, which projects you are on, or internal project details on social media, professional platforms, or in external conversations — even positive ones — without written approval from the Account Director.

Exception: Publicly approved case studies and portfolio items approved in writing may be referenced as noted in the Approved References list.

4. Credentials and Data Security

4.1 Credential Handling

Never store client credentials in email, Slack, Google Docs, Notion, or any non-encrypted system.
Client credentials must be stored in the designated project vault in [SECRETS MANAGER NAME] immediately upon receipt.
Never share a client's credentials with a colleague who is not on that project team.
Never use client credentials to access systems for purposes unrelated to the project.
Never use a client's credentials to set up personal accounts, subscriptions, or access third-party services beyond the project scope.

4.2 Your Own Credentials

Use a strong, unique password for every work system. Use [COMPANY PASSWORD MANAGER] to generate and store them.
Enable two-factor authentication (2FA) on all work systems that support it.
Never share your Webility account credentials with anyone — including colleagues, contractors, or IT support — unless through a formal credential transfer process.
Your work devices (laptop, phone used for work email) must have a screen lock with a PIN or biometric.
Do not use public Wi-Fi for accessing client systems or internal work systems without a VPN.
Report a compromised or lost credential to the Managing Director immediately.

4.3 Client Data Handling

Access client data only as necessary for the specific project task.
Do not copy client data to personal devices, personal cloud storage, or personal accounts.
If you must work with client data locally, ensure the device is encrypted and secured.
At project close, delete any local copies of client data and confirm credential transfer to the client.
If you suspect a data breach or unauthorized access — yours or a client's — report it to the Managing Director immediately. Do not attempt to investigate or resolve independently.

5. Conflicts of Interest

5.1 Disclosure Requirement

You must disclose any situation where a personal interest could conflict — or appear to conflict — with your obligations to Webility or its clients. When in doubt, disclose.

Examples that require disclosure:

A family member or close friend is employed by a client or a competitor
You have a financial interest in a vendor, tool, or service you are recommending
A former employer or current side client is a Webility prospect or competitor
You are approached by a Webility client to do work outside of the Webility engagement

5.2 Side Work

Working directly for a Webility client outside of a Webility engagement is prohibited unless explicitly permitted in writing by the Managing Director.

5.3 Vendor Recommendations

Never recommend a third-party tool, platform, or service because you receive a personal benefit (affiliate commission, referral fee, personal relationship) unless the benefit is disclosed to your PM and the client.

6. Respectful Workplace

6.1 What We Expect

Webility is a place where everyone — regardless of role, seniority, gender, race, nationality, sexual orientation, age, disability, or religion — should feel safe, respected, and heard.

We do not tolerate:

Harassment of any kind — physical, verbal, written, digital, or sexual
Bullying, intimidation, or deliberate exclusion
Discrimination based on any personal characteristic
Aggressive, threatening, or demeaning communication — to colleagues or clients
Retaliation against someone who raises a concern

6.2 Client Interactions

We expect clients to treat our team professionally. If a client is abusive, threatening, or persistently disrespectful toward a team member, escalate to the Account Director or Managing Director immediately. Work may be suspended under the Acceptable Use Policy.

6.3 Reporting

If you experience or witness conduct that violates this section, report it to the Managing Director or, if the issue involves the Managing Director, to the designated external contact: [EXTERNAL HR CONTACT / EMAIL].

Reports are handled confidentially. Retaliation against anyone who makes a good-faith report is prohibited and grounds for immediate dismissal.

Posting on behalf of Webility's official accounts (LinkedIn, Instagram, X/Twitter, etc.) requires authorization from the Account Director. Only authorized team members may post on official channels.

When you post about work on personal social media:

Do not post confidential project details, client names (without permission), internal business information, or pricing
Do not post negative opinions about clients, prospects, or competitors by name
Do not represent your personal opinions as Webility's positions
Be aware that on professional platforms (especially LinkedIn), people associate your personal posts with Webility

You may reference your role at Webility and approved portfolio work. If you're unsure whether something is appropriate to post, ask your PM before posting.

8. Use of AI Tools

Webility uses AI tools (including Claude, ChatGPT, Copilot, and others) in service delivery. When using AI tools:

Never paste client confidential information, proprietary data, or personal data into AI tools unless the tool is explicitly approved for that data type and you have confirmed it does not train on inputs
Use AI as an accelerator, not a replacement for judgment. Review all AI-generated content before submitting it as your own work.
Disclose AI tool use in project work per the AI Use Policy (WBL-POL-AI-v1.0)
Do not use AI tools to generate content that misrepresents your actual capabilities or experience to clients

9. Intellectual Property

9.1 Work Product

Everything you create in the course of your work at Webility — designs, code, copy, systems, processes, templates, and other materials — is owned by Webility (subject to applicable employment law in your jurisdiction).

9.2 Third-Party IP

Do not incorporate third-party copyrighted material (code, images, fonts, content, design elements) into client deliverables without proper licensing. If you are unsure whether a license is required, ask. Ignorance of licensing requirements is not a defense.

9.3 Pre-Existing Personal IP

If you bring your own pre-existing tools, frameworks, or methodologies to a project, disclose this to your PM before use. It must be documented in the project and cleared with the client if their deliverable will depend on it.

10. Violations and Consequences

Violations of this Code of Conduct are taken seriously. Depending on severity, consequences may include:

Severity	Examples	Response
Minor	Late response, failure to disclose a small conflict	Verbal coaching, documented discussion
Moderate	Repeated minor violations, poor-quality work submitted to client	Written warning, performance improvement plan
Serious	Confidentiality breach, credential mishandling, misconduct toward a colleague	Written warning or suspension
Critical	Fraud, theft, harassment, serious data breach, criminal conduct	Immediate termination and potential legal action

Severity determinations are made by the Managing Director. In cases involving legal claims, external counsel will be engaged.

11. Acknowledgement

All team members must acknowledge this Code of Conduct upon joining Webility and upon any material update.

Team Member:

I confirm that I have read, understood, and agree to comply with this Code of Conduct. I understand that violations may result in disciplinary action up to and including termination.

Name: ___________________________ Signature: ___________________________ Date: ___________________________ Role: ___________________________

Webility — WBL-INT-COC-v1.0 | Code of Conduct Internal document — not for client distribution. Last reviewed: [DATE]. Next review: [DATE + 12 MONTHS].

Back to all policies

Legal Library

Internal Operations

Code of Conduct — Webility Team

Document ID: WBL-INT-COC-v1.0

Code of Conduct — Webility Team

Document ID: WBL-INT-COC-v1.0 Classification: Internal — All Team Members Effective Date: [DATE] Reviewed By: [Managing Director / HR] Next Review: [DATE + 12 MONTHS]

Purpose: This Code of Conduct defines the professional and ethical standards expected of everyone who works at or with Webility — full-time employees, part-time staff, contractors, and subcontractors. It exists to protect our clients, our colleagues, our reputation, and the trust that is the foundation of every client relationship.

This document does not cover every possible situation. When in doubt, ask: Would I be comfortable if our most important client and our most respected colleague both saw what I am doing right now? If the answer is no — stop and ask before proceeding.

1. Our Core Principles

Webility is built on four principles that inform every decision:

1. Clients first. We exist to help our clients succeed. Their outcomes take priority over our convenience, our preferences, and internal politics.

2. Honesty above all. We tell the truth — to clients, to colleagues, and to ourselves. This includes bad news, risks we see, and mistakes we make.

3. Quality without shortcuts. We do not ship work we are not proud of. We do not cut corners to save time. We do not accept "good enough" when we know it should be better.

4. Respect for each other. We build a workplace where people can do their best work. That means treating colleagues, clients, and partners with respect — always.

2. Professional Standards

2.1 Work Quality

Every deliverable must pass internal review before being submitted to a client. Never send a first draft directly to a client without a colleague review.
Do not submit work you know to have issues and hope the client won't notice. Flag issues proactively, with a plan to resolve them.
If you don't know how to do something, say so immediately. Ask for help or bring in the right expertise. Never fake competence on a deliverable.
Deliverables must be free of placeholder text, broken links, or unresolved issues before client submission.

2.2 Deadlines and Commitments

Never commit to a deadline you cannot meet. If you are unsure, say "I will confirm by [time]" — then confirm.
If a commitment is at risk, notify your PM immediately — do not wait until the deadline has passed.
The PM is responsible for communicating timeline changes to the client. Team members do not make timeline commitments to clients without PM involvement.
Missed internal deadlines affect client timelines. Take them seriously.

2.3 Client Communication

All client-facing written communication (proposals, deliverable submissions, project updates) must be reviewed by the PM or Account Director before sending.
Never promise something to a client that is not in their contract without written pre-approval from the PM or Account Director.
Never tell a client that another team member made a mistake unless the PM or Account Director has authorized this disclosure. Internal issues are handled internally first.
Treat every client interaction as an opportunity to reinforce our professionalism. Your tone, spelling, and response time all communicate our quality.

2.4 Response Times

Channel	Expected Response Time
Client email (received during business hours)	Within [4] business hours (same day)
Client urgent message (WhatsApp/Slack, marked urgent)	Within [2] hours during business hours
Internal team message	Within [2] hours during business hours
PM request for project update	Same business day
Client email (received after business hours)	Next business day opening

If you are unavailable (vacation, sick, emergency), you are responsible for:

Setting an out-of-office response with your return date and an alternative contact
Notifying your PM in advance so coverage can be arranged

3. Confidentiality

3.1 Client Confidentiality

You must:

Use client information only for the purpose of the project it was shared for
Not discuss client information with anyone outside the project team (including at Webility)
Not use client information for personal benefit
Not share client information with any third party without the client's written consent
Store client credentials exclusively in the designated project vault in our secrets manager — never in email, Slack, documents, or personal storage
Treat client information as confidential even after your work on the project ends, and even after you leave Webility

This obligation does not expire. It survives your relationship with Webility.

3.2 Internal Confidentiality

Webility's pricing, margins, proposal strategies, client lists, financial information, business plans, system architectures, and internal policies are confidential.

Do not share internal Webility information with clients, prospects, competitors, or personal contacts, except as explicitly authorized by the Managing Director.

3.3 Project Personnel Confidentiality

Exception: Publicly approved case studies and portfolio items approved in writing may be referenced as noted in the Approved References list.

4. Credentials and Data Security

4.1 Credential Handling

Never store client credentials in email, Slack, Google Docs, Notion, or any non-encrypted system.
Client credentials must be stored in the designated project vault in [SECRETS MANAGER NAME] immediately upon receipt.
Never share a client's credentials with a colleague who is not on that project team.
Never use client credentials to access systems for purposes unrelated to the project.
Never use a client's credentials to set up personal accounts, subscriptions, or access third-party services beyond the project scope.

4.2 Your Own Credentials

Use a strong, unique password for every work system. Use [COMPANY PASSWORD MANAGER] to generate and store them.
Enable two-factor authentication (2FA) on all work systems that support it.
Never share your Webility account credentials with anyone — including colleagues, contractors, or IT support — unless through a formal credential transfer process.
Your work devices (laptop, phone used for work email) must have a screen lock with a PIN or biometric.
Do not use public Wi-Fi for accessing client systems or internal work systems without a VPN.
Report a compromised or lost credential to the Managing Director immediately.

4.3 Client Data Handling

Access client data only as necessary for the specific project task.
Do not copy client data to personal devices, personal cloud storage, or personal accounts.
If you must work with client data locally, ensure the device is encrypted and secured.
At project close, delete any local copies of client data and confirm credential transfer to the client.
If you suspect a data breach or unauthorized access — yours or a client's — report it to the Managing Director immediately. Do not attempt to investigate or resolve independently.

5. Conflicts of Interest

5.1 Disclosure Requirement

You must disclose any situation where a personal interest could conflict — or appear to conflict — with your obligations to Webility or its clients. When in doubt, disclose.

Examples that require disclosure:

A family member or close friend is employed by a client or a competitor
You have a financial interest in a vendor, tool, or service you are recommending
A former employer or current side client is a Webility prospect or competitor
You are approached by a Webility client to do work outside of the Webility engagement

5.2 Side Work

Working directly for a Webility client outside of a Webility engagement is prohibited unless explicitly permitted in writing by the Managing Director.

5.3 Vendor Recommendations

6. Respectful Workplace

6.1 What We Expect

Webility is a place where everyone — regardless of role, seniority, gender, race, nationality, sexual orientation, age, disability, or religion — should feel safe, respected, and heard.

We do not tolerate:

Harassment of any kind — physical, verbal, written, digital, or sexual
Bullying, intimidation, or deliberate exclusion
Discrimination based on any personal characteristic
Aggressive, threatening, or demeaning communication — to colleagues or clients
Retaliation against someone who raises a concern

6.2 Client Interactions

6.3 Reporting

Reports are handled confidentially. Retaliation against anyone who makes a good-faith report is prohibited and grounds for immediate dismissal.

Posting on behalf of Webility's official accounts (LinkedIn, Instagram, X/Twitter, etc.) requires authorization from the Account Director. Only authorized team members may post on official channels.

When you post about work on personal social media:

Do not post confidential project details, client names (without permission), internal business information, or pricing
Do not post negative opinions about clients, prospects, or competitors by name
Do not represent your personal opinions as Webility's positions
Be aware that on professional platforms (especially LinkedIn), people associate your personal posts with Webility

You may reference your role at Webility and approved portfolio work. If you're unsure whether something is appropriate to post, ask your PM before posting.

8. Use of AI Tools

Webility uses AI tools (including Claude, ChatGPT, Copilot, and others) in service delivery. When using AI tools:

Never paste client confidential information, proprietary data, or personal data into AI tools unless the tool is explicitly approved for that data type and you have confirmed it does not train on inputs
Use AI as an accelerator, not a replacement for judgment. Review all AI-generated content before submitting it as your own work.
Disclose AI tool use in project work per the AI Use Policy (WBL-POL-AI-v1.0)
Do not use AI tools to generate content that misrepresents your actual capabilities or experience to clients

9. Intellectual Property

9.1 Work Product

9.2 Third-Party IP

9.3 Pre-Existing Personal IP

10. Violations and Consequences

Violations of this Code of Conduct are taken seriously. Depending on severity, consequences may include:

Severity	Examples	Response
Minor	Late response, failure to disclose a small conflict	Verbal coaching, documented discussion
Moderate	Repeated minor violations, poor-quality work submitted to client	Written warning, performance improvement plan
Serious	Confidentiality breach, credential mishandling, misconduct toward a colleague	Written warning or suspension
Critical	Fraud, theft, harassment, serious data breach, criminal conduct	Immediate termination and potential legal action

Severity determinations are made by the Managing Director. In cases involving legal claims, external counsel will be engaged.

11. Acknowledgement

All team members must acknowledge this Code of Conduct upon joining Webility and upon any material update.

Team Member:

I confirm that I have read, understood, and agree to comply with this Code of Conduct. I understand that violations may result in disciplinary action up to and including termination.

Name: ___________________________ Signature: ___________________________ Date: ___________________________ Role: ___________________________

Webility — WBL-INT-COC-v1.0 | Code of Conduct Internal document — not for client distribution. Last reviewed: [DATE]. Next review: [DATE + 12 MONTHS].

Back to all policies

Code of Conduct — Webility Team

Code of Conduct — Webility Team

1. Our Core Principles

2. Professional Standards

2.1 Work Quality

2.2 Deadlines and Commitments

2.3 Client Communication

2.4 Response Times

3. Confidentiality

3.1 Client Confidentiality

3.2 Internal Confidentiality

3.3 Project Personnel Confidentiality

4. Credentials and Data Security

4.1 Credential Handling

4.2 Your Own Credentials

4.3 Client Data Handling

5. Conflicts of Interest

5.1 Disclosure Requirement

5.2 Side Work

5.3 Vendor Recommendations

6. Respectful Workplace

6.1 What We Expect

6.2 Client Interactions

6.3 Reporting

7. Social Media and Public Communication

7.1 Webility Social Media

7.2 Personal Social Media

8. Use of AI Tools

9. Intellectual Property

9.1 Work Product

9.2 Third-Party IP

9.3 Pre-Existing Personal IP

10. Violations and Consequences

11. Acknowledgement

Code of Conduct — Webility Team

Code of Conduct — Webility Team

1. Our Core Principles

2. Professional Standards

2.1 Work Quality

2.2 Deadlines and Commitments

2.3 Client Communication

2.4 Response Times

3. Confidentiality

3.1 Client Confidentiality

3.2 Internal Confidentiality

3.3 Project Personnel Confidentiality

4. Credentials and Data Security

4.1 Credential Handling

4.2 Your Own Credentials

4.3 Client Data Handling

5. Conflicts of Interest

5.1 Disclosure Requirement

5.2 Side Work

5.3 Vendor Recommendations

6. Respectful Workplace

6.1 What We Expect

6.2 Client Interactions

6.3 Reporting

7. Social Media and Public Communication

7.1 Webility Social Media

7.2 Personal Social Media

8. Use of AI Tools

9. Intellectual Property

9.1 Work Product

9.2 Third-Party IP

9.3 Pre-Existing Personal IP

10. Violations and Consequences

11. Acknowledgement