Code de conduite Anglais 2023

CODE OF CONDUCT GROUPE ADP

CODE OF CONDUCT GROUPE ADP

PÉRIMÈTRE GROUPE ADP

V2 – 07/2023

V2 – 07/2023

SAFEGUARDING PERSONAL DATA AND INFORMATION (CONTINUED)

BEST PRACTICES  Maintain the highest levels of discretion and confidentiality when dealing with company- related data, whether inside or outside the company.  Assess the confidentiality of the information contained in a given document and record its level on that document.  Ensure that you have a secure computer connection that complies with the company's or group's policies.  Maintain traceability of exchanges of the most sensitive documents.  Store and destroy the documents you deal with based on their confidentiality level (reinforced cupboard, shredder, etc.). Protecting personal data:  As soon as you begin a project, identify the personal data you will be dealing with as part of your work.  Protect the confidentiality of data in a manner commensurate with their sensitivity, including in case of dissemination of such data.  Where required by law, keep a register of data processing to detect risks and implement actions to remedy them.  Purge data from your personal storage media as soon as the data is no longer in use.

BE AWARE

Computers and data protection

 Follow Group guidelines and rules when you work at home or away in a mission. Protecting personal data:  Immediately inform your legal division, or data protection officer or correspondent if you suspect or know of data theft or loss (e.g. on a USB stick), or if data have been altered (e.g. hacking). STRICTLY FORBIDDEN  Disclosing information that is not classified as "public" concerning the activity of Groupe ADP and its subsidiaries, in any form, without legitimate reason and without applying appropriate protective measures.  Disclosing specific information on social media about projects you are working on or have worked on. Protecting personal data:  Communicate personal data to persons who are not among the identified recipients.  Keep personal data beyond the period defined in the register, in particular on a hard disk or other mobile support.  Reuse personal data for purposes other than those originally intended.

SAVING AND BACKUPS

1

2

3 UPDATES

PASSWORDS

Use complex passwords, avoid using the same password in several places, never reveal a password.

Only save your work data on the company’s storage media.

Apply any updates required by the IT department on to your devices as soon as possible.

4 FLASH DRIVES

5 EMAIL

6 DOWNLOADING

Avoid the use of flash drives / USB sticks and never use them to store confidential data (high risk of loss or malware propagation); use the sharing platform by existing company tool for file transfers.

Report all suspect messages to your IT department, and examine all links and attachments before clicking on them.

If in doubt, ask your IT department, to check download links for safety.

8 SEPARATING WORK/ PERSONAL USES Keep your work and personal uses separate, including email, devices, storage, etc.

7 ROAMING

9 MALWARE

Never store work data on your PC; always use the storage options provided by the company; use privacy filters on your computer screen.

Immediately turn off your workstation if it behaves oddly and contact IT support.

26

27