* client company and our company agree to use PGP to
    exchange private PGP encrypted files.
  * client company and our company (generate if necesary,
    and) exchange PGP public keys
  * client company develops their own methods(manual or 
    automated scripts) for encrypting files to send to
    us, *AND* for decrypting files that we send to them.
  * likewise, our company developed our own software based
    on PGP's command line batch API, for encrypting files 
    to send to clients, and for decrypting encrypted files 
    sent to us by clients.