A. Intellectual property
B. Responsible use of company IT
C. Confidentiality and data protection
D. Controllership
The proper protection and use of company resources/assets is the responsibility of each employee. While personal use of certain resources is sometimes permissible, we should never abuse this privilege or assume that we have a right to privacy when using these resources.
6A. Intellectual property
Intellectual property (IP) includes all patents, trademarks, design rights, copyrights or other know-how owned by GS Group. By protecting our IP and the IP rights of others, we ensure that the brands, designs and overall value of our company remain safe.
What does it mean for me?
DO
- Identify and protect GS Group’s IP.
- Ensure that the ownership of new IP is agreed on upfront when working with another company or asking a third party to work on our behalf.
- Respect valid patents, copyrighted materials and the protected IP of others.
- Comply with the guidelines for use of GS Group’s primary trademarks and trade names.
DON’T
- Use or copy the IP rights of others.
- Disclose GS Group proprietary information to others.
- Allow third parties to use our brands or any other IP without consulting your local legal department or group legal.
- Introduce a new product or service, or new product or service name, before checking for patent or trademark infringement.
- Threaten anyone suspected of infringing any GS Group IP without first consulting with the company’s chief compliance officer.
6B. Responsible use of company IT
Company computers are intended for company use and limited personal use, not for work outside the office. GS Group reserves all legal rights to access, review and use all communications, records and information created at work or with company resources, including things such as intranet or Internet activities, email, voicemail and telephone conversations and computer files.
What does it mean for me?
DO
- Use company resources appropriately.
- Protect company assets from misuse, theft, and waste.
- Ensure that hardware such as laptops, phones and other handheld devices are never left in public or unsecured locations.
DON’T
- Provide personal employee information to anyone outside of GS Group without proper authorization.
- Misuse company resources, including telephone, email or Internet access for personal activities.
- Share user IDs or passwords.
- Install any non-GS Group approved or unlicensed software on your computer or download, store or pass on inappropriate material.
- Connect any non-GS Group or unauthorized device to your computer or to the network.
6C. Confidentiality and data protection
GS Group respects the confidentiality of our employees’ personal information – we ensure it is protected and handled responsibly. This means that access to personal records should be limited to company personnel who have authorization and a clear business need for such information. Employees who have access to personal information must treat it confidentially.
What does it mean for me?
DO
- Ensure that data is securely stored and disposed of properly.
- Keep customer and employee information secure and use them only for the purpose for which they were obtained.
- Collect only relevant, accurate and updated customer or staff information.
DON’T
- Release information without ensuring that the person you are providing it to is authorized to receive it and, where necessary, that it has been encrypted in accordance with GS Group policy.
6D. Controllership
Robust controllership processes are needed to allow our management to make well-informed decisions regarding our operations and to ensure integrity in disclosures to government agencies and the public.
What does it mean for me?
DO
- Comply with applicable internal and external accounting principles, standards and regulations affecting accounting and financial reporting.
- Make certain that financial and nonfinancial information and operating metrics are reported accurately.
- Keep complete and factual records reflecting all business transactions, expenditures and expenses.
- Protect company assets (physical, financial and IP) from unauthorized access, use or loss.
- Comply with the company’s delegation of authority with respect to the approval and execution of transactions and documents.
- Cooperate and openly communicate with independent auditors by responding to requests for information in a timely manner. Avoid any action that may fraudulently influence, coerce, manipulate or mislead auditors in their work.
- Safeguard documents that may be relevant to pending or reasonably foreseeable litigation, audits or investigations, as directed by the company’s chief compliance officer.
DON’T
- Provide/produce financial results that lack transparency or do not appear to reflect underlying business performance.
- Provide/produce distorted financial records such as inflated travel expense reports, inaccurate overtime reports or invoices.
- Disclose to individuals outside the company financial information or other information concerning the company’s past or anticipated results of operations unless such information has previously been disclosed in an authorized press release or public report.
- Discourage suggestions to improve processes and controls to protect assets from risk of loss.
- Attempt to bypass internal authorization controls.
- Allow a third party vendor to begin work before an authorized purchase order has been issued.
- Use alternate accounting treatments without specific justification.
- Destroy documents (including e-mail) without determining whether the documents are subject to legal preservation requirements.