Company Intentions and Management Responsibilities

Intentions and Objectives
In the course of its business, it is necessary for Guma Smart Cards Technologies (hereafter ONLY GUMA) to record, store, process, transmit, and otherwise handle private information about individuals. GUMA takes these activities seriously and seeks to provide fair, secure and legal systems for the appropriate handling of this private information. All such activities at GUMA are additionally intended to be consistent with both generally accepted privacy ethics and standard business practices.

Management Responsibilities
To this end, management must take reasonable effort to ensure that all private information maintained by GUMA is reasonably accurate, timely, relevant, and complete. Management must also make reasonable efforts to ensure that all private information is used only as intended, and that precautions preventing misuse are both effective and appropriate. Management is additionally responsible for establishing appropriate controls to ensure that private information is disclosed only to those who have a legitimate business need. Management must furthermore establish and maintain sufficient controls to ensure that all GUMA information is free from a significant risk of undetected alteration.

Data Classification Labels
To identify the information in need of special handling, management (specifically information 'owners') must consistently apply a standard data classification label indicating that information is private. For example, this label must appear on computer screens when private information is displayed, and it must also be stamped on hardcopy versions of private information. This label must follow private information no matter what form it takes, no matter what technology is used to handle it, and no matter where the information resides.

Disclosure of Private Information

Revealing Information about Policies and Procedures
As a general rule, information security policies and procedures should be revealed to GUMA workers and selected outsiders (such as auditors) who have a legitimate business need for this information. A notable exception involves private information about individuals. All such individuals have a right to receive an officially approved statement of GUMA policies and procedures regarding the handling of information about them. In addition, GUMA has a duty to disclose the existence of systems containing private information and the ways that this information is used. With the exception of criminal and policy-violation investigation, there must be no system of personnel records within GUMA whose very existence is kept secret from the human subjects described therein.

Handling Private Information Requests
All requests for private information coming from an outsider must be forwarded to the GUMA intellectual property counsel. Similarly, all requests for private information that fall outside normal business procedures and that come from a GUMA insider must be forwarded to the Human Resources Department. These managers will then decide whether the request will be granted.

Appropriate Handling of Private Information

Collect Only Necessary Information
In general, GUMA may collect, process, store, transmit, and disseminate only that private information which is necessary for the proper functioning of its business. For example, GUMA management must not collect information about worker activities during non-work hours unless these activities are highly likely to influence the involved worker's performance, or unless they could adversely affect the reputation of GUMA.

Destruction of Private Information
When private information is no longer needed, it must be destroyed by shredding or other approved destruction methods. Destruction of private information resident on computer disks and other magnetic media must be accomplished with an overwriting process (a simple 'erase' process is not sufficient). To assure the proper destruction of private and/or confidential information, disposal of computers with embedded hard disk drives or other data storage systems must proceed according to procedures issued by the Information Technology Department.

Removal of Private Information
In general, private and/or confidential information should not be removed from GUMA offices. Permission to take such information off-site may be granted by a departmental manager provided the involved worker has request in writing. Signed third party non-disclosure agreements may additionally be required when private information is removed from GUMA offices.

Preventing Inadvertent Disclosure on Screens
The display screens for all microcomputers (PCs), workstations, and dumb terminals used to process sensitive or valuable data - including private information - must be positioned such that they cannot be readily viewed through a window, by persons walking by a hallway, or by persons waiting in reception and related areas.

Preventing Inadvertent Disclosure via Hardcopy
Whenever a worker is handling private information, if a person who is not authorized to view that information enters the immediate area, steps to conceal the information must promptly be taken. If the information is in physical form, the information can be covered with other material. If the information is displayed on a computer screen, the worker can invoke a screen saver or log-off.

Private Information on Computer and communication Systems

Expectation of Privacy
All messages sent over GUMA internal computer and communications systems are the property of GUMA. To properly maintain and manage this property, management reserves the right to examine all information transmitted through these systems. Examination of such information may take place without prior warning to the parties sending or receiving such information. Since GUMA computer and communications systems must be used for business purposes only, workers should have no expectation of privacy associated with the information they store in or end through these systems.

No Blanket Monitoring
In general terms, GUMA does not engage in blanket monitoring of employee communications. It does, however, reserve the right at any time to monitor, access, retrieve, read, and/or disclose worker communication when:

1. a legitimate business need exists that cannot be satisfied by other means,
2. the involved employee is unavailable and timing is critical to a business activity,
3. there is reasonable cause to suspect criminal activity or policy violation, or
4. monitoring is required by law, regulation, or third party agreement.

Examination of Stored Information
At any time or without prior notice, GUMA management reserves the right to examine archived electronic mail, private file directories, hard disk drive files, and other information stored on GUMA information systems. Such examinations are typically performed to assure compliance with internal policies, support the performance of internal investigations, and assist with the management of GUMA information systems.

Manager Involvement in Monitoring whenever a worker's computer or communications user-ID (account) is monitored for investigative or disciplinary purposes, the involved worker's manger must be promptly informed of this activity. All workers monitoring must itself be logged for subsequent management review and possible use in disciplinary or legal actions.

Department Manager Activity Review
GUMA routinely log web sites visited, files downloaded, and related information exchanges over the Internet. Similarly, GUMA records the numbers dialed for telephone calls placed by each worker. Department managers routinely receive reports detailed the usage of these and other internal information systems, and are responsible for determining that such usage is both reasonable and business-related.

Changing Information Resident on Systems
Management reserves the right to delete, summarizes, or edits any information posted to GUMA computers and/or communication systems. These facilities are privately owned business systems, and not public forums, and as such do not provide First Amendment free-speech guarantees.

Routine Usage of Back-Up Systems
To prevent accidental loss, all files and messages stored on GUMA systems are routinely copied to tape, disk, and other storage media. This means that information stored on GUMA information systems - even if a worker has specifically deleted it - is often recoverable and may be examined at a later date by systems administrators and others designated by management.

Encryption of Electronic Mail
Workers should consider electronic mail to be the computerized equivalent of a postcard. Unless material sent by electronic mail is encrypted, workers must refrain from sending credit card numbers, passwords, research and development information, medical histories, computer programming source code, and other private and/or confidential information via electronic mail.

Links Between Separate Types of Private Data
Without advance consent from the manager of the Information Technology Department, GUMA information systems must not be configured to support new links between private information and other types of information related to the same individual. This review process is intended to verify that new links do not inadvertently create an invasion of privacy or a security problem. One widely used approach for establishing such links is called 'database matching'.

Testing With Sanitized Data
Unless written permission is first obtained from the Information Technology Department manager, all software testing for systems designed to handle private data must be accomplished exclusively with 'sanitised' production information. Sanitised information is production information which no longer contains specific details that might be valuable, critical, sensitive, or private.

Activity Monitoring

Physical Security Systems
Workers may be subject to electronic monitoring (closed circuit TV, intercoms, etc.) of their activities while on GUMA premises. This monitoring is used to measure workers performance as well as to protect workers private property, worker safety, and GUMA property. In areas where there is a reasonable expectation of privacy, such as bathrooms, dressing rooms, and locker rooms, no electronic monitoring will be performed.

Handling Personnel Information

Access to Own Personnel File
Upon written request, every worker must be given access to his or her personnel file. Employees must be permitted to both examine and make one copy of the information appearing in their personnel file. If employees object to the accuracy, relevance, or completeness of information appearing in their personnel file, each year they may add a supplementary statement of up to two hundred (200) words.

Disclosure to Third Parties
Disclosure of private information about GUMA workers to third parties must not take place unless required by law or permitted by explicit consent of the worker. GUMA does not disclose the names, titles, phone numbers, locations, or other contact particulars of its workers unless required for business purposes. Exceptions will be made when such a disclosure is required by law or when the involved persons have previously consented to the disclosure. The preserve of the privacy of personnel information, the reason for termination of workers must not be disclosed to third parties. Two permissible exceptions are the prior approval of a GUMA senior manager or if the disclosure is required by law. Separately, every disclosure of private information to third parties must be recorded by the Human Resources Department and these records must be maintained for at least five (5) years.

Summary of Disclosures
If they request it, workers must be provided with a summary of all disclosures of their private information to third parties. In addition, workers must be given sufficient information to allow them to contact such third parties to rectify errors or supply additional explanatory information.

Change of Status Information
Detailed worker change of status information is strictly confidential, and must not be disclosed to anyone except those people who have a bona fide need-to-know. Detailed change of status information includes the reasons for terminations, retirements, resignations, and leaves of absence, leave of absence pending the result of an investigation, inter-departmental transfers, relocations, and changes to consultant/contractor status.

Private Information from Job Seekers

Gathering Unnecessary Information
Private information about a prospective employee may not be gathered unless it is both necessary to make an employment decision and also relevant to the job and question. This policy addresses marital status, family planning objectives, off-hours activities, political affiliations, and performance on previous jobs, previous employers, Crete history, education, and other personal details.