Cielo Costa encourages its employees to use email and the internet at work where this can save time and expense. We do however need to ensure that we we are clear in terms of what is expected in how we use and monitor the use of technology. It is a term of each employee's contract that they comply with these rules, and any serious breach could lead to dismissal. Any employee who is unsure about whether or not something they propose to do might breach this email and internet policy should seek advice from their manager.
Although we encourage the use of email and the internet where appropriate, their use entails some risks. For example, employees must take care not to introduce viruses to the system and must take proper account of the security advice below. Employees must also ensure that they do not send untrue statements about others in emails as we could face legal action for libel and be liable for damages.
These rules are designed to minimise the legal risks to us when our employees use email at work and access the internet. Where something is not specifically covered in this policy, employees should seek advice from their manager.
Technology and the law change regularly and this policy will be updated to account for changes as and when necessary. Employees will be informed when the policy has changed, but it is their responsibility to read the latest version of this document.
Use of email
Contents of emails
Emails that employees intend to send should be checked carefully. The use of email to send or forward messages that are defamatory, obscene or otherwise inappropriate will be treated as misconduct under the appropriate disciplinary procedure. In serious cases, this could be regarded as gross misconduct and lead to summary dismissal.
Equally, if an employee receives an obscene or defamatory email, whether unwittingly or otherwise and from whatever source, they should not forward it to any other address.
Statements to avoid in emails include those criticising our competitors or our staff, those stating that there are quality problems with goods or services of suppliers or customers, and those stating that anyone is incompetent.
Corporate information to be included in emails
Employees should ensure that official corporate information is given on any emails that they send. An example of the email layout is provided below:
Company No. 08611809
Suite 7, Unit 6a, Oakham Enterprise Park, Rutland, Oakham LE15 7TU
Tel (+44) 20 8133 3393
This message is intended for the use of only the person(s) ("intended recipient") to whom it is addressed. It may contain information that is privileged and confidential. Accordingly, any dissemination, distribution, copying or other use of this message or any of its content by any person other than the intended recipient may constitute a breach of civil or criminal law and is strictly prohibited. If you are not the intended recipient, please contact the sender as soon as possible.
Employees should exercise care not to copy emails automatically to all those copied in to the original message to which they are replying. Doing so may result in disclosure of confidential information to the wrong person.
Employees should not attach any files that may contain a virus to emails, as we could be liable to the recipient for loss suffered. Cielo Costa has virus-checking in place but, if in doubt, employees should check with the IT department or the person responsible for IT in the organisation.
Employees should exercise extreme care when receiving emails with attachments from third parties, particularly unidentified third parties, as these may contain viruses.
Personal use of email
Although the email system is primarily for business use, we understand that employees may on occasion need to send or receive personal emails using their work address. When sending personal emails, employees should show the same care as when sending work-related emails.
When and how email will be monitored
We consider the following to be valid reasons for checking an employee's email:
- If the employee is absent for any reason and communications must be checked for the smooth running of the business to continue.
- If we suspect that the employee has been viewing or sending offensive or illegal material, such as material containing racist terminology or nudity (although we understand that it is possible for employees inadvertently to receive such material and they will have the opportunity to explain if this is the case).
- If we suspect that an employee has been using the email system to send and receive an excessive number of personal communications.
- If we suspect that the employee is sending or receiving emails that are detrimental to the organisation.
When monitoring emails, we will, except in exceptional circumstances, confine monitoring to looking at the address and subject heading of the emails. Employees should mark any personal emails as such and encourage those who send them to do the same. Where possible, we will avoid opening emails clearly marked as private or personal.
Use of internet
Sensible internet use
Where employees are allowed access to the internet at work, they are expected to use it sensibly and in such a manner that it does not interfere with the efficient running of the organisation.
Employees may be called upon to justify the amount of time they have spent on the internet or the sites that they have visited.
We do not currently impose any time limitation on work-related internet use. We trust employees not to abuse the latitude given to them, but if this trust is abused we reserve the right to alter the policy in this respect.
Removing internet access
We reserve the right to deny internet access to any employee at work, although in such a case we will endeavor to give reasons for doing so.
Downloading files and software
Employees should download files on to only computers with virus-checking software and should check how long the download will take. If there is any uncertainty as to whether the software is virus-free or whether the time the download will take is reasonable, the relevant manager and / or the organisation’s IT department / support should be consulted.
Personal use of the internet
Although the email system is primarily for business use, we understand that employees may on occasion need to use the internet for personal purposes.
Employees may access the internet at work for personal purposes provided that:
- such use is reasonable and does not impair the employee’s ability to complete their work requirements each day;
- the internet is not used to access offensive or illegal material, such as material containing racist terminology or nudity;
- they do not enter into any contracts or commitments in the name of or on behalf of Cielo Costa; and
- they do not arrange for any goods ordered on the internet to be delivered to Cielo Costa’s address or order them in our name.
Employees should not use the internet for personal purposes before working hours begin or after they end (or during breaks). We have security concerns about staff arriving early and leaving late and it is harder to monitor use of the internet at such times.
When and how internet use will be monitored
We reserve the right to monitor employees' internet usage but will endeavor to inform an affected employee when this is to happen and the reasons for it.
We consider the following to be valid reasons for checking an employee's internet usage:
- If we suspect that the employee has been viewing offensive or illegal material, such as material containing racist terminology or nudity (although we understand that it is possible for employees inadvertently to view such material and they will have the opportunity to explain if this is the case).
- If we suspect that the employee has been spending an excessive amount of time viewing websites that are not work related.
Monitoring will consist of checking the websites that an employee has visited and the duration of such visits.
Use of Mobile Phones
Work mobile telephones
Work mobile telephones are provided at the discretion of the organisation on the basis of business need, and must be returned to the organisation on the last day of your employment.
Work mobile telephones may be used for private calls. All personal calls will be at your expense and you will be sent an itemised bill for your personal calls. The costs of the calls will be deducted from your salary/wages.
The safeguarding of your work mobile telephone is your responsibility. Do not leave it in a visible place such as in an unattended car. Loss of a work mobile telephone should be reported to your manager.
Use during working hours
Mobile telephones may be used for private purposes during working hours, but such use must be kept to a minimum, be reasonable and in no way interfere with your work.
Be considerate in your use of your mobile telephone. Turn it off when its use could be distracting, for example during meetings and training sessions.
Observe any restrictions imposed by other organisations on the use of mobile telephones, including requests to turn them off.
Drivers should concentrate on driving and avoid distractions. Answering and making telephone calls, sending text messages and accessing the internet are all distractions and in certain circumstances could amount to the offence of driving without care and attention or even dangerous driving.
It is a criminal offence to use a hand-held mobile telephone or similar device while driving. Use of hand-held mobile telephones while driving is permitted only in an emergency.
Any mobile telephone that is or must be held at any time while in use is a hand-held telephone. The use of an ear piece does not make a telephone hands free. To be hands free the telephone must be fixed or in a cradle. Two-way radios are not hand-held instruments and are exempt.
All hand-held mobile telephones should be switched off/placed in silent mode and not answered until you reach your destination or have stopped in a safe place.
If the telephone or equipment is hands free you may press buttons to send and receive messages. However, even the use of hands-free telephones can be dangerous. Wherever possible you should wait until the vehicle is stationary and in a safe place before using a hands-free telephone.
The organisation may monitor the use of its mobile telephones. Should this be required a privacy impact assessment will be completed to ensure that monitoring is necessary and proportionate. Monitoring is in the organisation's legitimate interests and is for the purpose of ensuring that workers are using mobile telephones in accordance with this policy.
The information gathered through monitoring will be retained only long enough for any breach of this policy to come to light and for any investigation to be conducted. Data is normally securely destroyed after 3 months following the investigation.
Information obtained through monitoring will not be disclosed to third parties (unless the organisation is under a duty to report matters to a regulatory authority or to a law enforcement agency).
Employees have a number of rights in relation to their data, including the right to make a subject access request and the right to have data rectified or erased in some circumstances. You can find further details of these rights and how to exercise them in the organisation's data protection policy.
If employees believe that the organisation has not complied with their data protection rights, they can complain to the Information Commissioner.
Breach of this policy
Breach of this policy will be treated as misconduct. Whether it is minor or gross misconduct will depend on the circumstances, but you should expect breach of the driving provisions to be gross misconduct.
If you have been issued with a mobile telephone, breach of the policy could result in its being withdrawn.
Monitoring of an employee's email and/or internet use will be conducted in accordance with an impact assessment that we will carry out at the appropriate time to ensure that monitoring is necessary and proportionate. Monitoring is in our legitimate interests and is to ensure that this policy on email and internet use is being complied with.
Monitoring will normally be conducted by a senior manager of Cielo Costa in conjunction with the IT support team, which may be an outsourced organisation.
The information obtained through monitoring may be shared internally, including with members of the HR team or outsourced HR support organisation, an employee's manager, managers in the business area in which the employee works and IT staff (who may be from an outsourced IT support provider) if access to the data is necessary for performance of their roles. However, information would normally be shared in this way only if we have reasonable grounds to believe that there has been a breach of the rules set out in this policy.
The information gathered through monitoring will be retained only long enough for any breach of this policy to come to light and for any investigation to be conducted. Data is normally securely destroyed as outlined in our data retention policy.
Information obtained through monitoring will not be disclosed to third parties (unless Cielo Costa) is under a duty to report matters to a regulatory authority or to a law enforcement agency) or an outsourced service provider is used (IT / HR / Data Protection Officer) and it is necessary for them to be informed of the data.
Workers have a number of rights in relation to their data, including the right to make a subject access request and the right to have data rectified or erased in some circumstances.
You can find further details of these rights and how to exercise them in our data protection policy. If workers believe that we have not complied with their data protection rights, they can complain to the Information Commissioner.
The aim of these rules is to be helpful, and to set guidelines on the use of email and the internet at work for the smooth and efficient running of the business.
If there is anything in these rules that an employee considers to be unworkable or does not understand, they should notify their manager.
Self-employed contractors, agency workers or any other individuals working temporarily in Cielo Costa should be made aware of the rules regarding the use of email and the internet.
New members of staff should be shown this policy as part of their induction.