Proper protection and use of company resources/assets is the responsibility of each employee. While personal use of certain resources is sometimes permissible, we should never abuse this privilege or assume that we have a right to privacy when using these resources.
4A. Intellectual property
Intellectual property (IP) includes all patents, trademarks, design rights, copyrights or other know-how owned by GS Group. By protecting our IP and the IP rights of others, we ensure that the brands, designs and overall value of our Company remain safe.
How to do it right
DO
- Identify and protect GS Group’s IP
- Ensure that the ownership of new IP is agreed on upfront when working with another company or asking a third party to work on our behalf
- Respect valid patents, copyrighted materials and the protected IP of others
- Comply with the guidelines for use of GS Group’s primary trademarks and trade names
- Seek guidance from the Legal Department before addressing any potential intellectual property infringement
DON’T
- Use or copy the IP rights of others
- Disclose GS Group proprietary information to others
- Allow third parties to use our brands or any other IP without consulting your local Legal department or Group Legal
- Introduce a new product or service, or new product or service name, before checking for patent or trademark infringement
4B. Responsible use of company information technology
Company computers are intended for Company use and limited personal use, not for work outside the office. GS Group reserves all legal rights to access, review and use all communications, records and information created at work or with company resources, including things such as intranet or Internet activities, email, voicemail and telephone conversations and computer files.
How to do it right
DO
- Use company resources appropriately
- Protect company assets from misuse, theft and waste
- Ensure that hardware such as laptops, phones and other handheld devices are never left in public or unsecured locations
- Practice good cybersecurity to avoid ransomware, malware, phishing and social engineering, or other forms of cyberattacks that could put our networks, operations and information at risk.
DON’T
- Provide personal employee information to anyone outside of GS Group without proper authorization
- Misuse company resources, including telephone, email or internet access for personal activities. Consult with IT Department for any questions related to IT Acceptable Use Policy
- Share or reveal your account password/passphrase to others or allow your account to be used by others
- Install any non-GS Group approved or unlicensed software on your computer or download, store or pass on inappropriate material
- Connect any non-GS Group or unauthorized devices to your computer or to the network
4C. Confidentiality and Data Protection
GS Group respects the confidentiality of our employees’ personal information – we ensure it is protected and handled responsibly. This means that access to personal records should be limited to company personnel who have authorization and a clear business need for such information. Employees who have access to personal information must treat it confidentially.
How to do it right
DO
- Ensure that data is securely stored and disposed of properly
- Keep customer and employee information secure and use them only for the purpose for which they were obtained.
- Collect only relevant, accurate and updated customer or staff information
DON’T
- Release information without ensuring that the person you are providing it to is authorized to receive it and, where necessary, that it has been encrypted in accordance with GS Group policy
4D. Financial Statements and Records
Gunung Sewu Group requires honest and accurate recording and reporting of information in order to allow our management to make responsible business decisions regarding our operation. Robust controllership processes are also needed to ensure integrity in disclosures to government agencies and the public.
How to do it right
DO
- Reflect all transactions honestly, accurately and in the proper account, department and period
- Comply with applicable internal and external accounting principles, standards and regulations affecting accounting and financial reporting
- Ensure all reports, disclosures and communications to regulators, investors, and the public are full, fair, clear, accurate and timely
- Cooperate and openly communicate with independent auditors by responding to requests for information in a timely manner.
- Avoid any action that may fraudulently influence, coerce, manipulate or mislead auditors in their work
- Safeguard any records and documents that may be relevant to pending or reasonably foreseeable litigation, audits or investigations
DON’T
- Provide and produce financial results that lack transparency, or a distorted financial records such as inflated travel expenses, inaccurate invoices or any statements that appear to deflect underlying business performance
- Disclose to individuals outside the company financial information or other information concerning the company’s past or anticipated results of operations unless such information has previously been disclosed in an authorized press release or public report
- Discourage suggestions to improve processes and controls to protect assets from risk of loss
- Attempt to bypass internal authorization controls
- Allow a third party vendor to begin work before an authorized purchase order has been issued
- Use alternate accounting treatments without specific justification