Page 60 - My Clinic Employee Handbook Draft V.1
P. 60
3.17.6 How does the Company protect data about me if it is transferred out of Europe?
Countries in the European Economic Area (EEA) are required to have a similar standard of protection of personal
data. This is not always the case outside that area. If we are required to transfer data outside the EEA, before
doing so we will take the necessary steps to ensure that there is adequate protection, as required by the GDPR.
3.17.7 How can I find out what personal information the Company holds about me and
change it if inaccurate?
If you want to know what personal information the Company holds about you, you can obtain it by making your
specific request in writing to the nominated Data Protection Officer.
We will confirm your request within 72 hours of receipt and process your request within one-month of receipt.
If the information we hold about you is inaccurate, please let us know and we will make the necessary
amendments and confirm that these have been made.
3.18 ELECTRONIC COMMUNICATIONS POLICY
The Company is committed to the correct and proper use of its electronic communications, email, and internet
services.
The inappropriate use of electronic communications, email or internet could expose the organisation to risks
ranging from virus attacks, theft and disclosure of information, disruption of network systems and services,
litigation and reputational damage to the Company. The purpose of this policy is to define acceptable use of the
Company’s electronic communications, email, internet and intranet services.
This policy is mandatory and by using any of the Company’s electronic communications, email or internet,
employees are agreeing to abide by the terms of this policy.
This policy applies to:
• All electronic communications, email, internet and intranet services provided by the Company;
• All Information Technology (I.T.) resources provided by the Company;
• All user (employees, students, contractors, sub-contractors and authorised third-party commercial
service providers) of the Company’s electronic communications, email and internet facilities;
• All use (both personal and Company business related) of the Company’s electronic communications,
email and internet facilities;
• All connections to (locally or remotely) the Company’s email, internet and intranet facilities;
• All connections made to external networks through the Company’s broadband network.
Acceptable Use:
The acceptable use of the Company’s electronic communications, email and internet and services is based on
the following principles:
• Access to the Company’s email and internet facilities should be regarded as a business requirement and
not an automatic entitlement.
• Users have a responsibility to ensure that they use Company’s email, internet and intranet facilities at
all times in a manner which is lawful, ethical and efficient.
• Users are expected to respect the rights and property of others, including privacy, confidentiality and
intellectual property.
• Users are expected to respect the integrity and security of the Company’s email, internet, and intranet
facilities.
Monitoring:
The Company reserves the right to routinely monitor, log and record any and all use of its electronic
communications, email and internet facilities for the purpose of:
Page 59 of 75
ORC.MYC.DV1
