Last updated: January 01, 2023
The purpose of this Security Policy is to safeguard information belonging to CAMEA within a secure environment.
This Policy informs CAMEA staff and other individuals entitled to use CAMEA facilities, of the principles governing the holding, use and disposal of information.
Information will be protected against unauthorised access or misuse.
Confidentiality of information will be secured.
Integrity of information will be maintained.
Availability of information / information systems is maintained for service delivery.
Business continuity planning processes will be maintained.
Regulatory, contractual and legal requirements will be complied with.
Physical, logical, environmental and communications security will be maintained.
Infringement of this Policy may result in disciplinary action or criminal prosecution.
When information is no longer of use, it is disposed of in a suitable manner.
Electronic information systems (software, computers, and peripherals) owned by CAMEA whether deployed or accessed on or off site.
CAMEA computer network used either directly or indirectly.
Hardware, software and data owned by CAMEA.
Paper-based materials.
Electronic recording devices (video, audio, CCTV systems).
CAMEA requires all users to exercise a duty of care in relation to the operation and use of its information systems.
Authorised users of information systems with the exception of information published for public consumption, all users of CAMEA information systems must be formally authorised by appointment as a member of staff or contractor.
Authorised users will pay due care and attention to protect CAMEA information in their personal possession. Confidential, personal or private information must not be copied or transported without consideration of:
Permission of the information owner.
The risks associated with loss or falling into the wrong hands.
How the information will be secured during transport and at its destination.
Acceptable use of information systems use of CAMEA information systems by authorised users will be lawful, honest and decent and shall have regard to the rights and sensitivities of other people.
CAMEA Information System Directors who are responsible for information systems are required to ensure that:
Systems are adequately protected from unauthorised access.
Systems are secured against theft and damage to a level that is cost-effective.
Adequate steps are taken to ensure the availability of the information system, commensurate with its importance (Business Continuity).
Electronic data can be recovered in the event of loss of the primary source. I.e. failure or loss of a computer system. It is incumbent on all system owners to backup data and to be able to restore data to a level commensurate with its importance (Disaster Recovery).
Data is maintained with a high degree of accuracy.
Systems are used for their intended purpose and that procedures are in place to rectify discovered or notified misuse.
Any electronic access logs are only retained for a justifiable period to ensure compliance with the data protection, investigatory powers and freedom of information acts.
Any third parties entrusted with CAMEA data understand their responsibilities with respect to maintaining its security.
Authorised users of information systems are not given rights of privacy in relation to their use of CAMEA information systems. Duly authorised officers of CAMEA may access or monitor personal data contained in any CAMEA information system (mailboxes, web access logs, audit logs, file-store etc).
Individuals in breach of this policy are subject to disciplinary procedures at the instigation of the Directors with responsibility for the relevant information system, including referral to the Police where appropriate.
CAMEA will take legal action to ensure that its information systems are not used by unauthorised persons.
This Security Policy may have been translated if We have made them available to You on our Service. You agree that the original English text shall prevail in the case of a dispute.
We may update Our Security Policy from time to time. We will notify You of any changes by posting the new Security Policy on this page.
We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the "Last updated" date at the top of this Security Policy.
You are advised to review this Security Policy periodically for any changes. Changes to this Security Policy are effective when they are posted on this page.
If you have any questions about this Security Policy, You can contact us:
By email: camea@camea.cz
By visiting this page on our website: https://www.cameatechnology.com/contacts