PinPoint Acceptable Usage document

This policy has been issued by WSP UK Ltd (‘the Company’) and compliance with its principles is mandatory for all employees of the Company and authorized third party users accessing the PinPoint system owned by WSP. All references in this document to ‘the Company’ shall be deemed to refer to WSP, its successors in title, and to any subsidiary or other company, corporation or organization which it wholly or partly controls.

The policy applies to all PinPoint users accessing the software via devices owned and/or operated by the Company. It extends to the use of PinPoint software via devices that are not owned by the WSP.

Any actual or suspected breaches of this policy within, or affecting, the Company's systems will be thoroughly investigated in accordance with the Company’s disciplinary procedure and may lead to disciplinary action being taken and/or suspension of access to the Company’s systems and software.

Index
  1. Security
  2. Monitoring
  3. Non-Disclosure Undertaking
  4. Acknowledgement

 

1. Security


The Company has put this policy in place to prevent unauthorised access to data and protect the Company’s Intellectual Property.

All PinPoint users will be given a Username and Password; these are unique and must not be shared with others. No user is permitted to log on to any other user’s account. Failure to comply may lead to disciplinary action being taken.

Passwords must not be written down or kept where others might find them.

Passwords must be complex, difficult to guess and consist of 3 of the 4 items listed below:

  • at least one upper case letter (A - Z)
  • at least one lower case letter (a - z)
  • at least one number (0 - 9)
  • Special Characters: Note: The following characters: ~ ! $ % ^ & * () _ = , . / ; [] " <> {} \ | - are allowed. Spaces, @, ', ?, +, : are not allowed.

Passwords should be changed once every six months. The PinPoint Users will be prompted to change their password two weeks before the expiry. Helpdesk will assist in demonstrating how to do this if you are unsure. Our systems are configured to require password changes every six months. Computers logged on to PinPoint should be locked when left unattended. The user logged in at a computer will be considered responsible for all activity undertaken on the PinPoint software from that device.

 

2. Monitoring

The Company reserves the right to monitor PinPoint usage to investigate unauthorized use of the Company’s software, prevent or detect crime, or ascertain compliance with this policy. All monitoring will be authorized by the PinPoint administrative team. Any information obtained will be kept strictly confidential and will be used only for the purpose for which the monitoring was authorised. The Company maintains the right to restrict access to PinPoint at its discretion.

 

3. Non-Disclosure Undertaking

 

‘Confidential Information’ means the following information in any form which is handled or viewed, or which is otherwise obtained in any way because of use of elevated access rights or system administrator privileges.

  • Any information which is either marked as confidential or is identified as such.
  • Information which is by its very nature is clearly confidential.
  • Personal data (as defined in the GDPR and Data Protection act 2018), and
  • Any information relating to the Company’s customers.

 

Recognise that certain information disclosed to them may be confidential and as such must remain confidential and not disclosed to any 3rd parties without the permission of the Company, or of an authorised agent

The classification of CONFIDENTIAL applies to information that is protected by contractual requirements, internal policies or legislation. Unauthorized disclosure could severely impact WSP, employees, clients or business partners and could result in reputational damage, future revenue loss, contractual penalties or regulatory fines.

The confidentiality obligation will survive indefinitely or until they may receive formal notice from the Company, or its authorised agent thereof, of a release therefrom.

Failure to comply with any of the provisions contained in this policy relating to non-disclosure of confidential information will constitute a disciplinary offence which may lead to dismissal and/or suspension of systems access.

4. Acknowledgement

 

I understand that any personal data collected by WSP will be dealt with in accordance with the General Data Protection Regulation (GDPR) and acknowledge that, as a registered PinPoint user, I have responsibilities under that Regulation as well as under WSP’s or my own organization’s policies More information about WSP’s Privacy Policy and WSP’s Privacy Statement may be found at https://intranet.wspgroup.com/en-GB/UK/GDPR/ I hereby confirm that I have read and understood this user agreement.

Signature:
Name:
Date:
;
Last Updated: 29/10/2020