Employee Data and Information Exchange (EDIE) Policy

1. Purpose

The purpose of this policy is to establish guidelines for the collection, use, and exchange of employee data within Netro42 Limited. This policy aims to ensure the confidentiality, integrity, and security of employee information in compliance with applicable data protection laws.

2. Scope

This policy applies to all employees, contractors, and third parties who have access to employee data in any format within the organisation.

3. Data Collection and Use

3.1. Consent: Netro42 will obtain explicit consent from employees before collecting and processing their personal data.

3.2. Data Minimisation: Only relevant and necessary employee data will be collected for legitimate business purposes.

3.3. Purpose Limitation: Employee data will be used only for the purposes specified at the time of collection, unless additional consent is obtained.

4. Data Security

4.1. Access Controls: Access to employee data will be restricted to authorized personnel based on their job responsibilities.

4.2. Data Encryption: Employee data in transit and at rest will be encrypted to prevent unauthorized access.

4.3. Data Retention: Employee data will be retained only for the duration necessary for the intended purpose and in compliance with legal requirements.

5. Data Sharing and Disclosure

5.1. Third-Party Vendors: Any third-party vendors handling employee data on behalf of Netro42 Ltd. will be selected based on their ability to ensure data security and compliance.

5.2. Legal Compliance: Employee data will be disclosed in compliance with applicable data protection laws and regulations.

6. Employee Rights

6.1. Access and Rectification: Employees have the right to access and rectify their personal data held by Netro42.

6.2. Data Portability: Upon request, employees will be provided with a copy of their personal data in a commonly used format.

7. Training and Awareness

All employees will receive training on data protection principles and their responsibilities under this policy.

8. Reporting Data Breaches

Any suspected or actual data breaches must be reported immediately to the Managing Director.

9. Review and Update

This policy will be reviewed regularly and updated as necessary to ensure its effectiveness and compliance with changing laws and business requirements.

10. Enforcement

Violations of this policy may result in disciplinary action, up to and including termination of employment or contract.

Updated:  7 February 2023

AWS Partner logo
Shopify Partner logo
Nominet Member logo
Google Cloud logo

This site uses cookies

By using this website, you agree to the storing of cookies on your device to enhance site navigation, analyse site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Got it