PL 04 – Rules of Behavior – Acceptable Use Policy

Reviewer: Steve Lance
Date: 9/30/2020

Introduction:

This Acceptable Use Policy (the “AUP”) applies to the networks and systems (and any data, materials or other content accessed, posted, downloaded/uploaded, submitted/received, created, hosted, stored, processed, transmitted, distributed or otherwise used on, in or through any of the foregoing) (collectively, the “RecVue Network”) of RecVue and to any RecVue products and services that provide or include access to the RecVue Network or Internet, including cloud services, or are provided over the RecVue Network, Internet or any wireless data network (collectively, “Services”). “User” shall mean any employee, customer, client or other user of the Services or any entity or person who accesses or uses the RecVue Network.

By accessing or using the RecVue Network or the Services, User agrees to comply with this Acceptable Use Policy and to ensure and remain responsible for its affiliates’ and its and their users’ compliance with this AUP. RecVue reserves the right to change or modify the terms of the AUP at any time, effective when posted on RecVue’s website (or at such other URL(s) as may be designated by RecVue from time to time). Use of the RecVue Network or Services after changes to the AUP are posted shall constitute acceptance of any changed or additional terms.

Employees are required to sign our Employee Acceptable Use Policy.

Prohibited Activities:

General Prohibitions: The RecVue Network and Services shall not be used in any way that is unlawful, harmful to or interferes with use of the Services, RecVue Network or the network of any other provider, interferes with the use or enjoyment of services received by others, infringes intellectual property rights, results in the publication of threatening or offensive material, or constitutes Spam/E- mail/Usenet abuse, a security risk or a violation of privacy, or constitutes unlawful collection, use, processing or transmission of personal data.

Unlawful Activities: The RecVue Network and Services shall not be used in connection with any violation of any applicable local, state, provincial, federal, national or international law, treaty, court order, ordinance, regulation or administrative rule.

Violation of Intellectual Property Rights: The RecVue Network and Services shall not be used to publish, submit/receive upload/download, post, use, copy or otherwise reproduce, transmit, re-transmit, distribute or store any content/material or to engage in any activity that infringes, misappropriates or otherwise violates the intellectual property rights or privacy or publicity rights of RecVue or any individual, group or entity, including but not limited to any rights protected by any copyright, patent, trademark laws, trade secret, trade dress, right of privacy, right of publicity, moral rights or other intellectual property right now known or later recognized by statute, judicial decision or regulation.

Threatening Material or Content: The RecVue Network and Services shall not be used to host, post, transmit, or re-transmit any content or material (or to create a domain name or operate from a domain name), that harasses, or threatens the health or safety of others. RecVue reserves the right to decline to provide or to suspend or terminate access to and use of the RecVue Network and Services if the content or material is determined by RecVue or its suppliers to be obscene, indecent, hateful, malicious, racist, defamatory, fraudulent, libelous, treasonous, excessively violent or promoting the use of violence or otherwise harmful to others.

Inappropriate Interaction with Minors: Customer shall comply with all applicable laws pertaining to the protection of minors. RecVue or its suppliers may report cases of child exploitation to the appropriate authorities, including but not limited to the U.S. National Center for Missing and Exploited Children. For more information about online safety, visit www.ncmec.org.

Child Pornography: The RecVue Network and Services shall not be used to publish, submit/receive, upload/download, post, use, copy or otherwise produce, transmit, distribute or store child pornography. Suspected violations of this prohibition may be reported to RecVue at the RecVue contact address specified below. RecVue or its suppliers may report any discovered violation of this prohibition to the appropriate authorities (including but not limited to the U.S. National Center for Missing and Exploited Children) and take steps to remove child pornography (or otherwise block access to the content determined to contain child pornography) from its servers.

Spam/E-mail/Usenet Abuse: Violation of the U.S. CAN-SPAM Act of 2003, or any other applicable law, rule or regulation regulating e-mail services, constitutes a violation of this AUP. The RecVue Network and Services shall not be used in any way that constitutes Spam/E-mail or Usenet abuse. Examples of Spam/E- mail or Usenet abuse include but are not limited to the following activities:

  • sending multiple unsolicited electronic mail messages or “mail-bombing” to one or more recipient(s);
  • sending unsolicited commercial e-mail, or unsolicited electronic messages directed primarily at the advertising or promotion of products or services;
  • sending unsolicited electronic messages with petitions for signatures or requests for charitable donations, or sending any chain mail related materials;
  • sending bulk electronic messages without identifying, within the message, a reasonable means of opting out from receiving additional messages from the sender;
  • sending electronic messages, files or other transmissions that exceed contracted for capacity or that create the potential for disruption of the RecVue network or of the networks with which RecVue interconnects, by virtue of quantity, size or otherwise;
  • using another site’s mail server to relay mail without the express permission of that site;
  • using another computer, without authorization, to send multiple e-mail messages or to retransmit e-mail messages for the purpose of misleading recipients as to the origin or to conduct any of the activities prohibited by this AUP;
  • using IP addresses that the Customer does not have a right to use;
  • collecting the responses from unsolicited electronic messages;
  • maintaining a site that is advertised via unsolicited electronic messages, regardless of the origin of the unsolicited electronic messages;
  • sending messages that are harassing or malicious, or otherwise could reasonably be predicted to interfere with another party’s quiet enjoyment of the RecVue Network, Services or the Internet (e.g., through language, frequency, size or otherwise);
  • using distribution lists containing addresses that include those who have opted out;
  • sending electronic messages that do not accurately identify the sender, the sender’s return address, the e-mail address of origin, or other information contained in the subject line or header;
  • falsifying packet header, sender, or user information whether in whole or in part to mask the identity of the sender, originator or point of origin;
  • using redirect links in unsolicited commercial e-mail to advertise a website or service;
  • posting a message to more than ten (10) online forums or newsgroups, that could reasonably be expected to generate complaints;
  • intercepting, redirecting or otherwise interfering or attempting to interfere with e-mail intended for third parties;
  • knowingly deleting any author attributions, legal notices or proprietary designations or labels in a file that the user mails or sends;
  • using, distributing, advertising, transmitting, or otherwise making available any software program, product, or service that is designed to violate this AUP or the AUP of any other Internet Service Provider, including, but not limited to, the facilitation of the means to spam.

 

Security Violations:

User is responsible for ensuring and maintaining security of its systems and the machines that connect to and use the RecVue Network or Service(s), including implementation of necessary patches and operating system updates.  The RecVue Network and Services shall not be used to interfere with, gain unauthorized access to, or otherwise violate the security of RecVue’s (or another party’s) server, network, network access, personal computer or control devices, software or data, or other system, or to attempt to do any of the foregoing. Examples of system or network security violations include but are not limited to:

  • unauthorized monitoring, scanning or probing of  network  or  system  or  any  other  action  aimed  at  the  unauthorized interception of data or harvesting of e-mail addresses;
  • hacking, attacking, gaining access to, breaching, circumventing or testing the vulnerability of the user authentication or security of any host, network, server, personal computer, network access and control devices, software or data without express authorization of the owner of the system or network;
  • impersonating others or secretly or deceptively obtaining personal information of third parties (phishing, etc.);
  • using any program, file, script, command or transmission of any message or content of any kind, designed to interfere with a terminal session, the access to or use of the Internet or any other means of communication;
  • distributing or using tools designed to compromise security (including but not limited to SNMP tools), including cracking tools, password guessing programs, packet sniffers or network probing tools (except in the case of authorized legitimate network security operations);
  • uploading or distributing files that contain viruses, spyware, Trojan horses, worms, time bombs, cancel bots, corrupted files, root kits or any other similar software or programs that may damage the operation of another’s computer, network system or other property, or be used to engage in modem or system hi-jacking;
  • engaging in the transmission of pirated software;
  • with respect to dial-up accounts, using any software or device designed to defeat system time-out limits or to allow Customer’s account to stay logged on while Customer is not actively using the RecVue Network or Services or using such account for the purpose of operating a server of any type;
  • using manual or automated means to avoid any use limitations placed on the RecVue Network or Services;
  • providing guidance, information or assistance with respect to causing damage or security breach to the RecVue Network or Services, or to the network or services of any other service provider;
  • failure to take reasonable security precautions to help prevent violation(s) of this AUP.

 

 

Customer Responsibilities:

Customer remains solely and fully responsible for any data, material or other content posted, hosted, stored, downloaded/uploaded, created, accessed, processed, transmitted or distributed using the RecVue using the RecVue Network or Services.  RecVue has no responsibility for any data, material or other content created on or accessible using the RecVue Network or Services, including content provided on third- party websites linked to the RecVue Network or Services. To the extent that the RecVue Network or Services provide any such third-party web-site links, such third-party website links are provided as Internet navigation tools for informational purposes only, and do not constitute in any way an endorsement by RecVue of the content(s) of such sites. Use of such linked sites is at the sole risk of Customer and its users.

Customer shall comply with all applicable laws, rules and regulations relating to the RecVue Network or Services, including but not limited to those governing data protection and privacy and all export and import laws, rules and regulations of the United States and such other governments as are applicable to any products or services that it may receive from RecVue.  Customer shall not directly or indirectly export, re-export, or transship such products or services, or related information, documentation, materials or media in violation of any applicable laws, rules or regulations.

Customer is responsible for taking prompt corrective action(s) to remedy any violation of this AUP and to help prevent similar future violations. Any actual, indirect or attempted violation of this AUP by any affiliate of Customer or by any user of Customer or any of its affiliates (or by any third-party on behalf of Customer or any of its affiliates, or any of its or their users) shall be considered a violation of this AUP by Customer.

Acceptable Use Enforcement and Notice:

User’s failure to observe the guidelines set forth in this AUP may result in RecVue taking actions anywhere from a warning to a suspension or termination of access to and use of the RecVue Network and Services. When feasible, RecVue may provide User with a notice of an AUP violation via e-mail or otherwise allowing the Customer to promptly correct such violation.

RecVue reserves the right, however, to act immediately and without notice to suspend or terminate access to and use of the RecVue Network or affected Services in response to a court order or government notice that certain conduct must be stopped or when RecVue reasonably determines, that the conduct may: (1) expose RecVue or its suppliers to sanctions, prosecution, civil action or any other liability, (2) cause harm to or interfere with the integrity or normal operations of the RecVue Network or Services or networks with which RecVue is interconnected, (3) interfere with another RecVue customer’s use of the RecVue Network, Services or the Internet, (4) violate any applicable law, rule or regulation, or (5) otherwise present an imminent risk of harm to RecVue or its customers or suppliers.

RecVue has no obligation to monitor any communications or any data, materials or other content processed, hosted, stored, transmitted, distributed or accessed using the RecVue Network or Services. However, RecVue may monitor any such communications, data, materials or content as necessary to comply with applicable laws, regulations or other governmental or judicial requests; or to protect the RecVue Network and Services and RecVue’s customers and suppliers.

Questions, Comments, Complaints, Incident Reporting
Any questions, comments, complaints or incident reports (other than claims of copyright or trademark infringement) regarding this AUP or any violation of this AUP or the use or contemplated use of the RecVue Network or Services should be directed to the following address. Where possible, please include details that would assist RecVue in investigating and resolving such complaint (e.g. expanded headers, IP address(s), a copy of the offending transmission, and any log files).

RecVue Corporation (Attention: Legal)
1731 Embarcadero Road, Suite 230
Palo Alto, CA 94303
Tel: +1-212-757-90
E-mail:  vincent.castiglione@recvue.com

Copyright complaints: If you believe that your work has been copied and posted, stored or transmitted using the RecVue Network or Services in a way that constitutes copyright infringement, please submit a notification pursuant to the Digital Millennium Copyright Act (“DMCA”) directed to the designated agent listed above:

Contact Information: Any notification that RecVue sends to its customers relating to this AUP may be sent via e-mail to the e-mail address on file with RecVue, or may be sent in writing to Customer’s address of record. It is Customer’s responsibility to promptly notify RecVue of any change of contact information.

Specific Rules or Behavior for RecVue Employees and Contractors:

While RecVue desires to provide a reasonable level of privacy, users should be aware that the data they create on the corporate systems remains the property of RecVue. Management does not guarantee the confidentiality of information stored on any network or device belonging to RecVue.

Employees are responsible for exercising good judgment regarding the reasonableness of personal use. If there is any uncertainty, employees should consult their supervisor. RecVue requires all employees and contractors to safeguard restricted or sensitive information in electronic and physical form. Personnel are asked to adhere to a clean desk policy to ensure that sensitive information is securely stored, locked away, destroyed or otherwise protected when not in use.

Clean Desk Policy

RecVue’s clean desk policy is an important tool to ensure that all restricted, sensitive and/or confidential materials are removed from an end user’s workspace and locked away when the items are not in use or an employee leaves his/her workstation. RecVue’s clean desk policy is one important strategy to reduce the risk of security breaches in the workplace.  This policy also aims to increase employee’s awareness about protecting sensitive information.

Employees are required to ensure that all sensitive/confidential information in hardcopy or electronic form is secure in their work area throughout and at the end of the day, and when they are expected to be away from their work area for an extended period:

  • Employees are required to secure laptops and mobile devices in a locked drawer, cabinet or office with a locked door at the end of the day, and when they are expected to be away from their work area for an extended period.
  • Computer workstations must be locked when workspace is unoccupied.
  • Computer workstations must be logged off or shut down at the end of the work day.
  • Any restricted or sensitive information must be removed from the desk and locked in a drawer when the desk is unoccupied and at the end of the work day.
  • File cabinets containing restricted or sensitive information must be kept closed and locked when not in use or when not attended.
  • Keys used for access to restricted or sensitive information must not be left at an unattended desk.
  • Passwords or other access credentials may not be left posted on or under a computer, nor may they be left written down in any accessible location.
  • Printouts containing restricted or sensitive information should be immediately removed from the printer.
  • Upon disposal restricted and/or sensitive documents should be shredded or locked up until they can be shredded.
  • Whiteboards containing restricted and/or sensitive information should be erased.
  • Mass storage devices such as CDROM, DVD, USB drives or SD cards are treated as sensitive and must be disposed of after use, secured in a locked drawer, cabinet or office.

Virus Protection

Microsoft Windows-based computers (desktop/laptop) connected to the RecVue data network must run anti-virus software that is configured to scan system memory real-time for viruses and update virus pattern files on a daily basis.  Exceptions must be approved by a Company Executive.

  • Never open any files attached to an email or instant message from an unknown, suspicious or untrustworthy source. Delete these attachments immediately, then “double delete” them by emptying your Trash.
  • Delete spam, chain, and other junk email without forwarding.
  • Never download files from unknown or suspicious sources.
  • Avoid direct disk sharing with read/write access unless there is absolutely a business requirement to do so.
  • Always scan a removable data device from an unknown source for viruses before using it.
  • Back-up critical data and system configurations on a regular basis and store the data in a safe place.
  • Never download freeware, shareware, or other evaluation software from the Internet without express permission of VP Engineering.
  • If a file you receive contains macros that you are unsure about, disable the macros.

Compliance:

RecVue will verify compliance to this policy through various methods, including but not limited to, periodic walk-throughs, business tool reports, internal and external audits, and feedback to the policy owner.

Non-Compliance

An employee found to have violated this policy may be subject to disciplinary action, up to and including termination of employment.

 

Follow Up Items

n/a