This policy explains your responsibilities when you use computers at work for email, the internet and social media, on Company premises, while working for or representing us, or in your own time.

This policy applies to all employees and anyone else working for us.

If you are an employee, this policy does not form part of your employment contract  and we may update it at any time.

 We may monitor your use of Company IT resources and social media. It’s to make sure you are complying with this policy. Whenever you use our IT resources and systems, you give us your consent to monitor your activities.

If you breach this policy you may face disciplinary action. We may require you to remove any social media content that breaches this policy and may invoke our Disciplinary Policy if you don’t do so. You could also face legal proceedings if comments you post about the Company or named individuals are found to have harmed our or their reputation.

Software installation

  • Employees and contractors may not install software on Kentec’s computing devices operated within the Kentec network.
  • Employees and contractors should not delete, destroy or modify existing systems, programs, information or data (except as authorised in the proper performance of your duties).
  • Software requests must first be approved by the requester’s manager and then be made to the IT department in writing or via email.
  • Software must be selected from an approved software list, maintained by the IT department, unless no selection on the list meets the requester’s need.
  • The IT Department will obtain and track the licenses, test new software for conflict and compatibility, and perform the installation.

Use of email

Emails that you intend to send should be checked carefully. The use of email to send or forward messages that are defamatory, obscene or otherwise inappropriate will be treated as misconduct under the appropriate disciplinary procedure.

Equally, if you receive an obscene or defamatory email, whether unwittingly or otherwise and from whatever source, you should not forward it to any other address.

You should not attach any files that may contain a virus to emails, as the organisation could be liable to the recipient for loss suffered. We have virus-checking in place but, if in doubt, you should check with the IT department.

You should exercise extreme care when receiving emails with attachments from third parties, particularly unidentified third parties, as these may contain viruses.

Internal and external e-mail systems and the internet to which you have access are intended to promote effective communication within the office and with other organisations.  They should therefore be used for that purpose only.

 Personal use of email

Although the email system is primarily for business use, the organisation understands that employees may on occasion need to send or receive personal emails using their work address. When sending personal emails, employees should show the same care as when sending work-related emails.

When and how email will be monitored

The organisation considers the following to be valid reasons for checking an employee’s email:

  • If you are absent for any reason and communications must be checked for the smooth running of the business to continue.
  • If we suspect that you have been viewing or sending offensive or illegal material, such as material containing racist terminology or nudity
  • If we suspect that you have been using the email system to send and receive an excessive number of personal communications.
  • If we suspect that you are sending or receiving emails that are detrimental to the organisation.

When monitoring emails, we will, save in exceptional circumstances, confine itself to looking at the address and subject heading of the emails. You should mark any personal emails as such and encourage those who send them to do the same. Where possible, the organisation will avoid opening emails clearly marked as private or personal.

Use of internet

You are allowed access to the internet at work, you are expected to use it sensibly and in such a manner that it does not interfere with the efficient running of the organisation.

We reserve the right to deny internet access to any employee at work, although in such a case it will endeavour to give reasons for doing so.

Personal use of the internet

Although the email system is primarily for business use, the organisation understands that employees may on occasion need to use the internet for personal purposes. You may access the internet at work for personal purposes provided that:

  • such use is limited to unpaid breaks only;
  • the internet is not used to access offensive or illegal material, such as material containing racist terminology or nudity;
  • they do not enter into any contracts or commitments in the name of or on behalf of the organisation; and

When and how internet use will be monitored

We reserve the right to monitor your internet usage, but will endeavour to inform you when this is to happen and the reasons for it. We consider the following to be valid reasons for checking an employee’s internet usage:

  • If we suspect that you have been viewing offensive or illegal material, such as material containing racist terminology or nudity
  • If we suspect that you have been spending an excessive amount of time viewing websites that are not work related.

Monitoring will consist of checking the websites that you have visited and the duration of such visits.

Data protection

Monitoring your email and/or internet use will be conducted in accordance with an impact assessment that we have carried out to ensure that monitoring is necessary and proportionate. Monitoring is in our legitimate interests and is to ensure that this policy on email and internet use is being complied with.

Monitoring will normally be conducted by our IT team. The information obtained through monitoring may be shared internally, including with members of the HR team, your line manager, managers in the business area in which you work and IT staff if access to the data is necessary for performance of their roles. However, information would normally be shared in this way only if we have reasonable grounds to believe that there has been a breach of the rules set out in this policy.

The information gathered through monitoring will be retained only long enough for any breach of this policy to come to light and for any investigation to be conducted. Data is normally securely destroyed after three months.

Information obtained through monitoring will not be disclosed to third parties (unless the organisation is under a duty to report matters to a regulatory authority or for legal purposes).

You have a number of rights in relation to their data, including the right to make a subject access request and the right to have data rectified or erased in some circumstances. You can find further details of these rights and how to exercise them our GDPR policy.


If you are given access to the e ‑ mail system you are responsible for the security of your terminal and you must not allow the terminal to be used by an unauthorised person.

  • You should therefore keep your personal password confidential.
  • When changing your password, you should select one, which does not use personal data.
  • When leaving your terminal unattended or on leaving the office you should ensure you log off the system to prevent unauthorised users using your terminal in your absence.
  • You should also note that it is illegal to make copies of the software, which you use in the course of your duties.
  • Software issued by the company for your use is licensed to the company and is protected by copyright law. You must not make copies of software or distribute software that has been copied.
  • You must not use any software on your computer other than that provided by the company and which you have been authorised to use by your Manager.
  • Misuse of the e-mail system or internet access in breach of this policy statement will be considered to be misconduct and will be dealt with within the framework of the company’s disciplinary procedure.
  • If, in the proper performance of your duties, you need to transfer data from a portable memory device, (disc or memory stick), you must first ensure that the device is virus checked by the company. This rule also applies to any type of portable memory device.
  • If you have to send a portable memory device, (disc or memory stick) to a third party in order to perform your duties, it must be labelled with a disclaimer for virus protection purposes.
  • You must not perform any function with the aim of obtaining unauthorised access to any program or data.

Social Media

What is social media?

Social media is always developing.  It includes websites and applications that allow users to create and share content and/or take part in online networking. The most popular sites include the following (but this policy covers all social media, not just those listed below):

  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Instagram
  • Snapchat
  • Whatsapp
  • TikTok
  • Pinterest
  • Flickr
  • Tumblr
  • Reddit

This policy also covers personal blogs, any posts you might make on other people’s blogs, any podcasts you create or contribute to, and all online forums and noticeboards.

Using social media at work

You must not use Company IT resources to access social media unless you need to do so as part of your job, or unless you are on your break. You also must not use your own IT equipment — your personal phone, for example — to access social media during working hours unless you are on a break or need to do so as part of your job.

You must not post personal content on any Company social media account you are authorised to use, or any account you set up for the purpose of helping you fulfil your employment duties. These accounts belong to us, and your access will be stopped if you abuse this policy in any way. If you leave the Company your access will also be stopped and we will ask for your user names and passwords. We may also ask for them at any other time and in either case you must supply them straightaway.

Your responsibilities when using social media

Always identify yourself, and if the context makes it desirable, make it clear your opinions are your own and you are not speaking on the Company’s behalf. You might consider doing this in a disclaimer. Use a personal email address, not your Company email address, and do not create a social media account that could be mistaken for a corporate account we have set up, or could set up.

It is your duty to protect the Company’s interests and you must not publish anything that could directly or indirectly damage these or compromise our reputation. You must never speak on the Company’s behalf on social media unless authorised to do so and you must always make sure anything you do post is accurate, appropriate and lawful. Always get your colleagues’ permission before posting images of them or any of their personal details.

You must take personal responsibility for your social media content. If you can be identified as working for the Company, you must make sure your profiles, and anything you post, fit with how we expect you to present yourself to customers, business associates and colleagues. Be mindful that even if you do not name us as your employer, people who know you and where you work may still make an association with the Company. If you are in any doubt about what is and is not acceptable, please talk to your manager.

You must always show respect to others when using social media. You must never criticise the Company, our clients, suppliers, business associates, your colleagues or anybody else you come into contact with professionally. Our other policies — in particular our Harassment and Bullying Policy and Equal Opportunities Policy — give guidance on the type of behaviour we consider unacceptable in the workplace, and we expect you to maintain the same high standards when using social media. Specifically, we will not tolerate any of the following:

  • Abusive or threatening language or images;
  • Sexually explicit language or images;
  • Unlawful or disrespectful comments;
  • Trolling (starting or pursuing arguments in an online community with the intention of disrupting normal discussions within that community);
  • False or misleading statements;
  • Impersonating your colleagues or third parties; or
  • Inciting somebody to commit a crime.

If another Company employee is using social media to bully, harass or victimise you, you must follow the process in our Harassment and Bullying Policy.

You must respect Company confidentiality at all times and not use social media to comment on sensitive business matters, including — but not restricted to — the following:

  • Our intellectual property;
  • Our trade secrets;
  • Our current or future trading performance;
  • Any information intended for internal use only;
  • Anything to do with our customers, clients or suppliers; or
  • Anything else that is not already in the public domain.

You must never use our logo, trademark, or other corporate artwork in anything you post or as part of any of your social media profiles.

Always be aware of the public nature of social media. Even content posted on a restricted forum can quickly be shared across other social media, and you must assume that anything you publish anywhere will sooner or later reach the public domain. When you share content posted by others, remember that you may be seen as giving tacit approval to opinions that could bring the Company into disrepute.

You must never air on social media grievances about the Company or any of our activities. You should use our internal process if you want to make a complaint, raising it first with your manager. If the issue remains unresolved, you must then follow our Grievance Policy. You may also want to consider our Whistleblowing Policy.

Other social media guidance

Always respect copyright and other intellectual property rights, and always check whether or not a third party’s content is protected before you reuse or re-post it.

You are not allowed to add the details of business contacts you make through work to any of your personal social media accounts.

The contact details of any business contacts you make while working for the Company belong to us and must remain confidential. When you leave the Company, you must give us this data and delete any copies you have, including any you have added to your social media accounts.

You should contact your manager if you find anything posted to a social media site that breaches this policy or otherwise brings the Company into disrepute.

Ready to get started?

Get in touch. We’re here to help.

Contact us