Appendix 15 - Computer and Electronic Devices Policy

Introduction

 Tracklements promotes effective communication and recognises that the misuse of IT can cause reputational and business damage. 

 Whilst the use of electronic equipment and communications can greatly enhance the efficient running of the business, there is extensive scope for misuse and abuse, which can be extremely damaging. This Policy sets out what is acceptable practice and any contravention of the rules is likely to result in a disciplinary action, which could result in dismissal or legal action against you.

 This policy does not form part of the employment contract and does not otherwise have contractual effect and may be amended by Tracklements from time to time in its absolute discretion.  In the event that any employee is found to have breached this policy, Tracklements may take action under the Disciplinary Policy.

You must not remove any documents or other property belonging to Tracklements or its customers unless you have been given prior written permission to do so, or unless the removal is in the ordinary course of your duties.

It is important that you take care of any Company property that is entrusted to you. Any misuse, damage or loss of any equipment may be considered as misconduct or gross misconduct, which could lead to your dismissal.

Tracklements will provide you with all the necessary equipment to enable you to carry out your duties, such as stationery, writing equipment, books, publications, instruments and machines. These remain the property of Tracklements at all times and must not be removed from the office, unless you have the express permission of your manager. You must take all reasonable steps to keep them in good order and prevent them from being lost, stolen or damaged.

Data Protection Laws

 From 25 May 2018, the European Directive and separate national laws was replaced by the General Data Protection Regulation (the “GDPR”) which will increase the level of protection for personal data and significantly increase the level of fines that can be imposed on companies who breach data protection laws. This was subsequently enacted into UK legislation as the “UK GDPR”, following the UK leaving the EU effective from 31 December 2020.

Use Of Equipment, The Internet And Email

  • If the Company provides you with a computer or mobile phone/electronic handheld device, you must not make any changes to the configuration of either the hardware or software. Nor must you do anything that would interfere with the use for which it is intended.

  • We reserve the right to withdraw any or all of the equipment or facilities at our discretion.

  • You must take good care of any equipment in your control and report any faults, loss or damage immediately.

  • You may not use our facilities to further commercial business activities or profit-making ventures not connected with the Company. Not only might this amount to gross misconduct, it may lead to us taking legal action against you, if appropriate.

  • You may make reasonable personal use of internal and external e-mail, the internet, landline phones and mobile phones. Personal use must not interfere with the Company’s business and you must not spend inappropriate amounts of time using them.

  • If you have a Company mobile phone or other equipment, you must immediately report any loss or theft.

  • You must take particular care of equipment such as mobile phones and laptop computers when using them out of the office.

  • Inappropriate use of any facilities is strictly prohibited.

  • The introduction of new software must always be checked by the Company’s IT Department.

Monitoring

We have the right to monitor all communications at all times and may intercept, monitor, read, copy, delete or retrieve any such communications as we reasonably see fit. Examples of when this may be appropriate are to detect unauthorised use of our system; to establish whether the communication has any relevance to business purposes; to maintain network security; to provide evidence of business transactions; to ensure that the Company's business procedures are adhered to; for training or monitoring standards of service, or to access communications when you are on holiday or otherwise unavailable.

Tracklements will have full access to your system at all times and you should be aware that deleted e-mails will remain held on the system for some time and will be accessible from backup if required for investigation of complaints of systems abuse or other matters.

Prohibited Use

The communication, downloading, texting, saving or printing of prohibited or unacceptable materials will not be tolerated and may lead to disciplinary action.  Serious breaches of this restriction will constitute gross misconduct and may lead to summary dismissal.

Examples of prohibited materials are communications that include:

  • Racist, sexist or any other discriminatory language.

  • Offensive, indecent or obscene language or images.

  • Pornography.

  • Untrue or malicious statements.

  • Any material that is in breach of copyright.

  • Any defamatory statements.

  • Anything that the transmission of which may constitute a criminal offence.

  • Information that is harassing, sexually explicit, threatening or illegal such as offensive jokes or cartoons in any form whatsoever.

In the event that you receive any such materials or any other prohibited materials, they should be deleted immediately and must not be further distributed and you must immediately inform your Manager.

Gaining access to another employee's e-mail without consent is a disciplinary matter unless this has previously been authorised by the Company.

Unauthorised access to Company information, whether computerised or manual, may lead to disciplinary action. In the case of computerised information, “hacking” will be considered a dismissible offence.

Viruses and similar problems can bring an entire computer network to a standstill. It is important, therefore, that all employees are aware of the need to act responsibly and minimise the risk of this occurring. To help protect the Company network, you must not download any documents on to a computer belonging to the Company without being confident that it comes from a legitimate source. If in doubt, please ask our IT consultant.

You may not download or use material from the Internet or elsewhere in violation of software licences or the copyright, trademark or patent laws. You may not install or use any software obtained over the Internet without written permission from our I.T. consultant.

Social Networking

The use of computer equipment, phones and other handheld devices for social networking through sites such as Facebook and Twitter is commonplace. You must use them responsibly, and any excessive use or abuse of this policy will constitute a disciplinary offence.

You must not contribute to personal bogs during working hours, or using a computer belonging to the Company.

You must not contribute to any blog which criticises the Company, is derogatory about a colleague, or otherwise brings the Company into disrepute, at any time (this includes during personal time). If you are dissatisfied with some aspect of your employment this should be addressed using the Company’s grievance procedure.

Before posting pictures of colleagues or Company activities you must first get permission from those involved or, in the case of Tracklements, a Director.

Examples of bringing the Company into disrepute include, but not limited to, criticising products or services, posting anything derogatory about customers, clients, Managers or other employees, or making any comments that might dissuade the public from dealing with the Company.

Using a blog to criticise or damage the reputation of the Company may result in disciplinary action and dismissal.

E-Mails

The Data Protection Act 2018 requires that information that is recorded is not excessive, is not kept for longer than necessary and is relevant. Employees, therefore, are required to archive their e-mails appropriately and to delete information that is no longer required. Further details about archiving techniques can be obtained from our I.T. consultant.

Avoid saying anything that could cause offence or embarrassment if it was forwarded to third parties or found its way into the public domain.

In general, personal emails are not to be sent from your work email address. You should not contribute to system congestion by replying all unnecessarily, or use another person’s email address unless specifically authorised to do so.

Security

You must adhere to the following rules regarding security:

  • You are responsible for the security of the equipment used by you and must not allow it to be used by anyone other than in accordance with this policy. This includes locking your terminal or logging off when leaving it unattended or when leaving the office.

  • You should use passwords on all IT equipment. In order to ensure that secure passwords are used and are not re-used across multiple service, you will be assigned a network password by our IT consultant. Should you need to change your password you must tell your Manager or the IT consultant so that we can access your desktop in case of an emergency if you’re away or uncontactable. For access to external services where you are required to choose your own password, always choose passwords which are unique, contain a mixture of capitals, lowercase letters and numbers. Never re-use passwords for multiple sites or services

  • You must keep your passwords confidential. On leaving our employ you must give all your passwords and usernames to your manager.

 

  • Access to the Company’s computers must be password protected. You are required to use your passwords, and not put in place any processes which bypass the requirement for a password.

  • In the case of portable IT equipment (laptops, smart phones etc), you must ensure they are kept secure at all times, and not left unattended in a public place or when not in your regular home (e.g. in a car). 

  • Passwords must be used to secure access to data kept on such equipment. 

  • You are responsible for the security of your e-mail and Internet access and you must not allow any unauthorised person to access those systems.

  • No information should be disclosed about the Company's systems that may make these vulnerable to any third party

  • Unauthorised access to any of the Company's computers or network devices is a breach of this Policy and anyone violating this Policy will be subject to disciplinary action.

  • Confidential information should not be left on display on an unattended workstation.

  • CD’s, memory sticks or other portable storage devices that contain work-related material form part of the intellectual property of the Company.  Because of the portable nature of such material, particular caution should be exercised when using, storing or transporting them, whether within or outside the Company's premises.

  • CD’s, memory sticks or other portable storage devices that contain non-work related material must not be used on any Company or client PC.

  • Viruses often gain entry to systems via e-mail attachments. Whilst we appreciate you have no direct control over attachments, you must be alert to this possibility and take all reasonable precautions. Not only should senders be discouraged from sending attachments that are not work-related, you should never send games which also slow the network down.

  • All files should be stored on the network as these are secured by daily backup routines.

  • Copyright rules do apply to articles on the internet. Hence, care should be taken when using internet information. If there is any doubt whether material can be used, the Head of Marketing should be contacted for specific advice.

  • You should not delete, destroy or modify existing systems, programs or information unless there is an established deletion/procedure in place and you are authorised to do so.

  • You must not download or install software from external sources without the express permission of your manager and only in collaboration with the IT support provider.

  • You must not attach any device or equipment to Company’s system without authorisation from your manager.

  • You should not attempt to gain access to restricted areas of the network.

Software, Games And Licensing

With the exception of those installed as part of the standard desktop environment or those specifically authorised by the Company, no games will be permitted on PCs owned or in use by the Company.

No 'free' software (e.g., shareware, public domain) is to be installed on any PC or other electronic equipment unless specifically authorised by the Company.

You must not make “pirate” copies of any Company owned software as this not only breaks Company rules but is an illegal practice.

Bullying And Harassment

If you feel that you are being harassed or have been harassed or bullied or are offended by material received from a colleague, you should immediately inform your Manager of the situation.

Action To Be Taken In The Case Of Inappropriate Use

If you are found to have used e-mail or the internet in an inappropriate manner, disciplinary action may be taken. This could include summary dismissal, depending on the nature and severity of the offence.