Terms

Contents

PRIVACY NOTICE (SIMPLE)
EMAIL DISCLAIMER
WEBSITE DISCLAIMER
UNSUBSCRIBE
PRIVACY NOTICE (DETAIL)
COOKIES POLICY
SUBJECT ACCESS REQUEST
DATA PROTECTION POLICY
CYBER SECURITY – INFORMATION SECURITY
CONTACT
ENVIRONMENTAL POLICY

PRIVACY NOTICE (SIMPLE)

This privacy notice discloses our privacy practices. This privacy notice applies solely to information collected by this website. It will notify you of the following:

What personally identifiable information is collected from you through the website, how it is used and with whom it may be shared.
What choices are available to you regarding the use of your data.
The security procedures in place to protect the misuse of your information.
How you can correct any inaccuracies in the information.

INFORMATION COLLECTION, USE, AND SHARING
We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.

We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfil your request, e.g. to ship an order.

Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy.

YOUR ACCESS TO AND CONTROL OVER INFORMATION
You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:

See what data we have about you, if any.
Change/correct any data we have about you.
Have us delete any data we have about you.
Express any concern you have about our use of your data.

SECURITY
We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.

Wherever we collect sensitive information (such as credit card data), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for “https” at the beginning of the address of the Web page.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

GoTop


EMAIL DISCLAIMER

Care : If you have received this email and it was not intended for you, please reply to the sender, and then delete it. Please treat our information in confidence. This communication may contain legal advice which is confidential and/or privileged. It should not be forwarded or copied to anyone else without the prior permission of the sender.

Contract : This email does not form any binding agreement unless it is supported by an official purchase order form.

Content : All information systems may be monitored to ensure that they are operating correctly. Furthermore, the content of emails and other data on these systems may be examined, in exceptional circumstances, for the purpose of investigating or detecting any unauthorised use.

Confidentiality : The confidentiality of this e-mail and your reply cannot be guaranteed. Where we are providing services to the States of Jersey email may be is subject to the provisions of the Freedom of Information (Jersey) Law 2011 [where relevant to States of Jersey] Under this Law we may be required to disclose information we hold, including the contents of this email and any response to it, unless the information is protected from disclosure by an exemption under the Law or any other enactment, including the Data Protection (Jersey) Law 2005.

DISCLAIMER: Internet communications are not secure and therefore we do not accept legal responsibility for the contents of this message. Any views or opinions presented are solely those of the author and do not necessarily represent us unless otherwise specifically stated.

While all reasonable care has been taken to avoid the transmission of viruses, it is the responsibility of the recipient to ensure that the onward transmission, opening or use of this message and any attachments will not adversely affect its systems or data. No responsibility is accepted in this regard and the recipient should carry out such virus and other checks as it considers appropriate.
GoTop


WEBSITE DISCLAIMER

We provide a web site as a service to the public

We are not responsible for, and expressly disclaims all liability for, damages of any kind arising out of use, reference to, or reliance on any information contained within the site. While the information contained within the site is periodically updated, no guarantee is given that the information provided in this Web site is correct, complete, and up-to-date.

Although the Web site may include links providing direct access to other Internet resources, including Web sites, we are not responsible for the accuracy or content of information contained in these sites.

Links to third-party sites do not constitute an endorsement by us of the parties or their products and services. The appearance on the Web site of advertisements and product or service information does not constitute an endorsement by us, and we hve not investigated the claims made by any advertiser. Product information is based solely on material received from suppliers.

Privacy And Confidentiality

Note that if you offer comments to the website, twitter, linked-in, blogs or other internet or social media related to us you should be aware that these tools, forums and sites are not 100% private or secure and we cannot accept responsibility or liability.

GoTop


UNSUBSCRIBE

UNSUBSCRIBE FORM
If you have any queries or concerns regarding policies, terms, disclaimers, or anything else please contact
tim@timhjrogers.com
timhjrogers@gmail.com
timhjrogers@adaptconsultingcompany.com
Mobile 07797762051

GoTop


PRIVACY NOTICE (DETAIL)

This is our Privacy Notice and this sets out the basics. In some cases you may have an additional documents – contract, agreement, terms – with more details specific to you.

Here is a link to the ICO Guidance ..
Guidance on what a Privacy Notices
Transparency and Control
Privacy Notices Checklist

On the left is the ICO Guidance on what a Privacy Notice should contain. On the right is an explanation of what we do against each criteria.

Identity and contact details of the controller and where applicable, the controller’s representative) and the data protection officer

Unless otherwise specified on contract or agreement this relates to TimRogers, for whom the Data Processing Officer (DPO) is TimHJRogers@gmail.com Mob07797762051

Purpose of the processing and the legal basis for the processing

Unless otherwise specified on contract or agreement this is for the provision of TimRogers services – analysis, projects, programmes, change. We need to know information about you to be able to provide services and only use personal-data where there is a legitimate interest in doing so

The legitimate interests of the controller or third party, where applicable

Unless otherwise specified on contract or agreement this for the legitimate interests of TimRogers operation. We need to know information about you to be able to provide services and only use personal-data where there is a legitimate interest in doing so

Categories of personal data

Unless otherwise specified on contract or agreement this comprises contact details for the purpose of correspondance and contract, eg name, email, business, plus content of correspondance.

Any recipient or categories of recipients of the personal data

Unless otherwise specified on contract or agreement no data is shared with any other organisation, except with explicit agreement. Where we work for the States of Jersey we are bound by Freedom of Information FOI, and will act in accordance for States of Jersey Contracts. However we never share data unless there is legislation or regulation or express agreement to do so.

Details of transfers to third country and safeguards

No data is *transgferred* outside the EU, except the use of applications like Microsoft Office, GMail, Hootsuite, GDPR is a key consideration when selecting a service provider and we seek those that demsontrate that they will keep data private, safe and secure by reference to ISO27001, CyberEssentials or other similar standards. If the use of Microsoft Office, GMail, Hootsuite, is a concern for clients we can work on the client site, using client systems, and no data will leave the client site. In such circumstances we will operate under the client data-protection, information security or other relevant standards as an explicit term of the contract.

Retention period or criteria used to determine the retention period

Unless otherwise specified on contract or agreement data is held 1 year and then archived off-line/culled (shredded). Very few of our contracts go beyond 1 year. In such cases the client work is copied from the 2016 folder onto a 2017 folder before the 2016 folder is archived off-line/culled (Secure encrypted off-line media, which is then kept in a locked cabinet)

The existence of each of data subject’s rights

The GDPR provides the following rights for individuals:
The right to be informed;
The right of access;
The right to rectification;
The right to erasure;
The right to restrict processing;
The right to data portability;
The right to object;
Rights in relation to automated decision making and profiling.
More details can be found here https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

The right to withdraw consent at any time, where relevant

Unless otherwise specified on contract or agreement the legal basis and privacy is covered in our Terms and Conditions which note our legitimate interests. However if you have any concerns tell us.

The right to lodge a complaint with a supervisory authority

If you think we got something wrong please tell us. But you can tell the Regulator https://thinkgdpr.org/

The source the personal data originates from and whether it came from publicly accessible sources

Unless otherwise specified on contract or agreement we get data from you via your correspondance or as agreed by contract. Other information we get might be via Linked-In or similar published resources (We sometimes look-up people before we phone them to better anticipate context, issues and subject)

Whether the provision of personal data part of a statutory or contractual requirement or obligation and possible consequences of failing to provide the personal data

Unless otherwise specified on contract or agreement information is only for the purposes of provision of TimRogers services. Where we work for the States of Jersey we are bound by Freedom of Information FOI, and will act in accordance for States of Jersey Contracts. However we never share data unless there is legislation or regulation or express agreement to do so.

The existence of automated decision making, including profiling and information about how decisions are made, the significance and the consequences.

We have no automated decision making or profiling of personal-data.

As noted above in some cases you may have an additional documents – contract, agreement, terms – with more details specific to you.

YOUR RIGHTS
Under the GDPR, individuals will have the right to obtain:
· confirmation that their data is being processed;
· access to their personal data; and
· other supplementary information (A.15 https://gdpr-info.eu/art-15-gdpr/).

  1. the purposes of the processing;
  2. the categories of personal data concerned;
  3. the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  4. where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  5. the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  6. the right to lodge a complaint with a supervisory authority;
  7. where the personal data are not collected from the data subject, any available information as to their source;
  8. the existence of automated decision-making, including profiling, referred to in A.22 https://gdpr-info.eu/art-22-gdpr/ (1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Here is a great guide about your data rights
Your Rights


GoTop


COOKIES POLICY

We may use cookies on our websites or webpages . By using the Service, you consent to the use of cookies.

Our Cookies Policy explains what cookies are, how we use cookies, how third-parties we may partner with may use cookies on the Service, your choices regarding cookies and further information about cookies.

What Are Cookies

Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows the Service or a third-party to recognize you and make your next visit easier and the Service more useful to you. Cookies can be “persistent” or “session” cookies.

How We Use Cookies

When you use and access the Service, we may place a number of cookies files in your web browser. We use cookies for the following purposes: to enable certain functions of the Service, to provide analytics, to store your preferences, to enable advertisements delivery, including behavioral advertising.

We use both session and persistent cookies on the Service and we use different types of cookies to run the Service:

Essential cookies. We may use essential cookies to authenticate users and prevent fraudulent use of user accounts.

Third-party cookies In addition to our own cookies, we may also use various third-parties cookies to report usage statistics of the Service, deliver advertisements on and through the Service, and so on.

What Are Your Choices Regarding Cookies

If you’d like to delete cookies or instruct your web browser to delete or refuse cookies, please visit the help pages of your web browser. Please note, however, that if you delete cookies or refuse to accept them, you might not be able to use all of the features we offer, you may not be able to store your preferences, and some of our pages might not display properly.

You can learn more about cookies and the following third-party websites:

AllAboutCookies: http://www.allaboutcookies.org/
Network Advertising Initiative: http://www.networkadvertising.org/

This website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
GoTop


SUBJECT ACCESS REQUEST

We recommend that you have a look at our Privacy Notice – or other contract, agreement, terms -, since you may find the details you are looking for are detailed there.

SUBJECT ACCESS REQUEST FORM

GoTop


DATA PROTECTION POLICY

TimRogers needs to collect and use certain types of information in order to carry on our work, which includes but is not limited to Business Analysis – Projects – Processes – Programmes

This personal information must be collected and dealt with appropriately whether is collected on paper, stored in a computer database, or recorded on other material and there are safeguards to ensure this under the Data Protection Legislation

TimRogers follows the key General Data Protection Regulation GDPR principles

1.-Lawfulness, fairness and transparency-Personal data shall be processed lawfully, fairly and in a transparent manner in relation to the data subject
2.-Purpose limitation-Personal data shall be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
3.-Data minimisation-Personal data shall be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
4.-Accuracy-Personal data shall be accurate and, where necessary, kept up to date
5.-Storage limitation-Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
6.-Integrity and confidentiality-Personal data shall be processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
7.-Accountability-The controller shall be responsible for, and be able to demonstrate compliance with the GDPR

DATA PROTECTION LEGISLATION

For reference please see the following

Key definitions of the Data Protection Act
https://ico.org.uk/for-organisations/guide-to-data-protection/key-definitions/

Guide to the General Data Protection Regulation (GDPR)
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/

Guide to General Data Protection Regulation in Jersey
https://thinkgdpr.org/resources/guidance-notes/

DATA CONTROLLER

TimRogers is the Data Controller under the Data Protection Legislation, which means that it determines what purposes personal information held, will be used for. It is also responsible for notifying the Information Commissioner of the data it holds or is likely to hold, and the general purposes that this data will be used for.

DISCLOSURE

TimRogers may share data with other organisations, but only in-so-far-as it is necessary for us to be able to operate and provide services.

We have a Privacy Notice and this sets out the basics. In some cases there may be additional documents – contract, agreement, terms – with more details specific to the person or service.

The Individual/Service User will be made aware how and with whom their information will be shared. There are circumstances where the law demands TimRogers to disclose data (including sensitive data) without the data subject’s consent.

These include:

1.-Carrying out a legal duty
2.-Protecting vital interests of a Individual/Service User or other person
3.-The Individual/Service User has already made the information public
4.-Conducting any legal proceedings, obtaining legal advice or defending any legal rights
5.-Monitoring for equal opportunities purposes – i.e. race, disability or religion

TimRogers regards the lawful and correct treatment of personal information as very important to successful working, and to maintaining the confidence of those with whom we deal. TimRogers intends to ensure that personal information is treated lawfully and correctly.

To this end, TimRogers will adhere to the Principles of Data Protection, as detailed in the Data Protection Legislation, and following the latest guidance generally available from the ICO website

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

Specifically, the Principles require that personal information:

1.-Shall be processed fairly and lawfully and, in particular, shall not be processed unless specific conditions are met,
2.-Shall be obtained only for one or more of the purposes specified in the Act, and shall not be processed in any manner incompatible with that purpose or those purposes,
3.-Shall be adequate, relevant and not excessive in relation to those purpose(s)
4.-Shall be accurate and, where necessary, kept up to date,
5.-Shall not be kept for longer than is necessary
6.-Shall be processed in accordance with the rights of data subjects under the Act,
7.-Shall be kept secure by the Data Controller who takes appropriate technical and other measures to prevent unauthorised or unlawful processing or accidental loss or destruction of, or damage to, personal information,
8.-Shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of Individuals/Service Users in relation to the processing of personal information.

TimRogers will, through appropriate management and strict application of criteria and controls:

1.-Observe fully conditions regarding the fair collection and use of information
2.-Meet its legal obligations to specify the purposes for which information is used
3.-Collect and process appropriate information, and only to the extent that it is needed to fulfil its operational needs or to comply with any legal requirements
4.-Ensure the quality of information used

DATA COLLECTION

TimRogers will ensure that data is collected within the boundaries defined in this policy. This applies to data that is collected in person, or by completing a form, or by mutual agreement (eg contract, terms-and-conditions, etc.)

We have a Privacy Notice and this sets out the basics. In some cases there may be additional documents – contract, agreement, terms – with more details specific to the person or service.

When collecting data, TimRogers will ensure that the Individual/Service User:

1.-Clearly understands why the information is needed
2.-Understands what it will be used for and what the consequences are should the Individual/Service User decide not to give consent to processing
3.-As far as reasonably possible, grants explicit consent, either written or verbal for data to be processed
4.-Is, as far as reasonably practicable, competent enough to give consent and has given so freely without any duress
5.-Has received sufficient information on why their data is needed and how it will be used

DATA RETENTION AND STORAGE

Information and records relating to service users will be stored securely and will only be accessible to authorised personnel.

We operate a records retention policy which sees the deletion, archive, return of documents at the point of their expire and in accordance with the policy and processes outlined in the records retention policy.

Information will be stored for only as long as it is needed or required by statute, legislation or regulation and will be disposed of appropriately. For contracts with the States of Jersey we are bound by Freedom of Information FOI, and will act in accordance for States of Jersey Contracts.

Generally data is held 1 year and then archived off-line/culled (shredded). Very few of our contracts go beyond 1 year. In such cases the client work is copied from the 2016 folder onto a 2017 folder before the 2016 folder is archived off-line/culled (Secure encrypted off-line media, which is then kept in a locked cabinet)

We operate a information security policy systems which complies with Cyber Essentials principles

1.-Secure your Internet connection
2.-Secure your devices and software
3.-Control access to your data and services
4.-Protect from viruses and other malware
5.-Keep your devices and software up to date

It is TimRogers responsibility to ensure all personal and company data is non-recoverable from any computer system previously used within the organisation, which has been passed on/sold to a third party.

DATA ACCESS AND ACCURACY

All Individuals/Service Users have the right to access the information TimRogers holds about them. TimRogers will also take reasonable steps ensure that this information is kept up to date by asking data subjects whether there have been any changes.

In addition, TimRogers will ensure that:
1.-It has a Data Protection Officer with specific responsibility for ensuring compliance with Data Protection
2.-Everyone processing personal information understands that they are contractually responsible for following good data protection practice
3.-Everyone processing personal information is appropriately trained to do so
4.-Everyone processing personal information is appropriately supervised
5.-Anybody wanting to make enquiries about handling personal information knows what to do
6.-It deals promptly and courteously with any enquiries about handling personal information
7.-It describes clearly how it handles personal information
8.-It will regularly review and audit the ways it hold, manage and use personal information
9.-It regularly assesses and evaluates its methods and performance in relation to handling personal information
10.-All staff are aware that a breach of the rules and procedures identified in this policy may lead to disciplinary action being taken against them

DATA TRANSFERS

No data is *transferred* outside the EU, except the use of applications like Microsoft Office, GMail, Hootsuite, GDPR is a key consideration when selecting a service provider and we seek those that confirm that they will keep data private, safe and secure by reference to ISO27001, CyberEssentials or other similar standards.

If the use of Microsoft Office, GMail, Hootsuite, is a concern for clients we can work on the client site, using client systems, and no data will leave the client site. In such circumstances we will operate under the client data-protection, information security or other relevant standards as an explicit term of the contract.

DATA PROTECTION RIGHTS

We will respect Data Protection Rights. Under the GDPR, individuals will have the right to obtain:

• confirmation that their data is being processed;
• access to their personal data; and
• other supplementary information (A.15 https://gdpr-info.eu/art-15-gdpr/)

1.-the purposes of the processing;
2.-the categories of personal data concerned;
3.-the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
4.-where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
5.-the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
6.-the right to lodge a complaint with a supervisory authority;
7.-where the personal data are not collected from the data subject, any available information as to their source;
8.-the existence of automated decision-making, including profiling, referred to in A.22 https://gdpr-info.eu/art-22-gdpr/ (1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

GLOSSARY

Please see

Key definitions of the Data Protection Act

https://ico.org.uk/for-organisations/guide-to-data-protection/key-definitions/

Guide to the General Data Protection Regulation (GDPR)

https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/key-definitions/

GoTop


CYBER SECURITY – INFORMATION SECURITY

POLICY
Our company cyber security policy outlines our guidelines and provisions for preserving the security of our data and technology infrastructure.

The more we rely on technology to collect, store and manage information, the more vulnerable we become to severe security breaches. Human errors, hacker attacks and system malfunctions could cause great financial damage and may jeopardize our company’s reputation.

For this reason, we have implemented a number of security measures. We have also prepared instructions that may help mitigate security risks. We have outlined both provisions in this policy.

SCOPE
This policy applies to all our employees, contractors, volunteers and anyone who has permanent or temporary access to our systems and hardware.

POLICY ELEMENTS
Confidential data
Confidential data is secret and valuable. Common examples are:
1 Unpublished financial information
2 Data of customers/partners/vendors
3 Patents, formulas or new technologies
4 Customer lists (existing and prospective)
All employees are obliged to protect this data. In this policy, we will give our employees instructions on how to avoid security breaches.

PROTECT PERSONAL AND COMPANY DEVICES
When employees use their digital devices to access company emails or accounts, they introduce security risk to our data. We advise our employees to keep both their personal and company-issued computer, tablet and cell phone secure. They can do this if they:
· Keep all devices password protected.
· Choose and upgrade a complete antivirus software.
· Ensure they do not leave their devices exposed or unattended.
· Install security updates of browsers and systems monthly or as soon as updates are available.
· Log into company accounts and systems through secure and private networks only.
We also advise our employees to avoid accessing internal systems and accounts from other people’s devices or lending their own devices to others.
When new hires receive company-issued equipment they will receive instructions for:
· [Disk encryption setup]
· [Password management tool setup]
· [Installation of antivirus/ anti-malware software]
They should follow instructions to protect their devices and refer to our [Security Specialists/ Network Engineers] if they have any questions.

KEEP EMAILS SAFE
Emails often host scams and malicious software (e.g. worms.) To avoid virus infection or data theft, we instruct employees to:
· Avoid opening attachments and clicking on links when the content is not adequately explained (e.g. “watch this video, it’s amazing.”)
· Be suspicious of clickbait titles (e.g. offering prizes, advice.)
· Check email and names of people they received a message from to ensure they are legitimate.
· Look for inconsistencies or give-aways (e.g. grammar mistakes, capital letters, excessive number of exclamation marks.)
If an employee isn’t sure that an email they received is safe, they can refer to our [IT Specialist.]

MANAGE PASSWORDS PROPERLY
Password leaks are dangerous since they can compromise our entire infrastructure. Not only should passwords be secure so they won’t be easily hacked, but they should also remain secret. For this reason, we advice our employees to:
· Choose passwords with at least eight characters (including capital and lower-case letters, numbers and symbols) and avoid information that can be easily guessed (e.g. birthdays.)
· Remember passwords instead of writing them down. If employees need to write their passwords, they are obliged to keep the paper or digital document confidential and destroy it when their work is done.
· Exchange credentials only when absolutely necessary. When exchanging them in-person isn’t possible, employees should prefer the phone instead of email, and only if they personally recognize the person they are talking to.
· Change their passwords every two months.
Remembering a large number of passwords can be daunting. We will purchase the services of a password management tool which generates and stores passwords. Employees are obliged to create a secure password for the tool itself, following the abovementioned advice.

TRANSFER DATA SECURELY
Transferring data introduces security risk. Employees must:
· Avoid transferring sensitive data (e.g. customer information, employee records) to other devices or accounts unless absolutely necessary. When mass transfer of such data is needed, we request employees to ask our [Security Specialists] for help.
· Share confidential data over the company network/ system and not over public Wi-Fi or private connection.
· Ensure that the recipients of the data are properly authorized people or organizations and have adequate security policies.
· Report scams, privacy breaches and hacking attempts
Our [IT Specialists/ Network Engineers] need to know about scams, breaches and malware so they can better protect our infrastructure. For this reason, we advise our employees to report perceived attacks, suspicious emails or phishing attempts as soon as possible to our specialists. Our [IT Specialists/ Network Engineers] must investigate promptly, resolve the issue and send a companywide alert when necessary.
Our Security Specialists are responsible for advising employees on how to detect scam emails. We encourage our employees to reach out to them with any questions or concerns.

ADDITIONAL MEASURES
To reduce the likelihood of security breaches, we also instruct our employees to:
· Turn off their screens and lock their devices when leaving their desks.
· Report stolen or damaged equipment as soon as possible to [HR/ IT Department].
· Change all account passwords at once when a device is stolen.
· Report a perceived threat or possible security weakness in company systems.
· Refrain from downloading suspicious, unauthorized or illegal software on their company equipment.
· Avoid accessing suspicious websites.
We also expect our employees to comply with our social media and internet usage policy.
Our [Security Specialists/ Network Administrators] should:
· Install firewalls, anti malware software and access authentication systems.
· Arrange for security training to all employees.
· Inform employees regularly about new scam emails or viruses and ways to combat them.
· Investigate security breaches thoroughly.
· Follow this policies provisions as other employees do.
Our company will have all physical and digital shields to protect information.

REMOTE EMPLOYEES
Remote employees must follow this policy’s instructions too. Since they will be accessing our company’s accounts and systems from a distance, they are obliged to follow all data encryption, protection standards and settings, and ensure their private network is secure.
We encourage them to seek advice from our [Security Specialists/ IT Administrators.]

DISCIPLINARY ACTION
We expect all our employees to always follow this policy and those who cause security breaches may face disciplinary action:

First-time, unintentional, small-scale security breach: We may issue a verbal warning and train the employee on security.
Intentional, repeated or large scale breaches (which cause severe financial or other damage): We will invoke more severe disciplinary action up to and including termination.
We will examine each incident on a case-by-case basis.
Additionally, employees who are observed to disregard our security instructions will face progressive discipline, even if their behavior hasn’t resulted in a security breach.

TAKE SECURITY SERIOUSLY
Everyone, from our customers and partners to our employees and contractors, should feel that their data is safe. The only way to gain their trust is to proactively protect our systems and databases. We can all contribute to this by being vigilant and keeping cyber security top of mind.

GoTop


CONTACT

If you have any queries or concerns regarding policies, terms, disclaimers, or anything else please contact
tim@timhjrogers.com
timhjrogers@gmail.com
timhjrogers@adaptconsultingcompany.com
Mobile 07797762051
GoTop


ENVIRONMENTAL POLICY

Does your organisation have ISO14001 accreditation?NO
Does your organisation have an environmental management policy?YES
Is your organisation registered with the ECO-ACTIVE Business? YES

We are committed to best practice Environmental Management in the Workplace
Key factors
We not have any employees
Tim Rogers is the appointed Environmental Management Officer and has up-to-date information from the eco-active mailing list
We seek to reduce our costs and improve the environment as much as possible by
1.       Minimising what we print
2.       Minimising car travel
3.       Using energy efficient lighting
4.       Conducting as much of our business electronically as possible
5.       Recycling as much as possible

GoTop


(C)OPYRIGHT TIMHJROGERS ALL RIGHTS RESERVED 22/02/2018