The purposes of these rules and regulations are to outline the acceptable use of computers, computer systems, computer networks, computer resources and communication devices of HTCG and provide users of the company with basic knowledge and general guidance for proper, fair, efficient, and effective use of these computer resources.
The company recognizes the importance for employees/users, to be able to access its computers, computer systems, computer networks, computer resources and communication devices and telecommunications network. The company demands respect for working on its administrative resources, while using these resources. Computer resources are made available to users to engage in activities relating to the company’s business only.
As per these rule and regulations regarding the use of company’s computers, computer systems, computer networks, computer resources, and communication devices and its telecommunications network, the company, as owner and manager of its computer resources and telecommunications network, is compelled to ensure that their use conforms to the law.
To elaborates various rules and regulations that are in place and adopted by the HTCG for the use of its computer resources and computer systems.
The present rules and regulations state the conditions for utilization of computer resources of the company by employees/users and are intended to:
(a) promote responsible use of computer resources;
(b) safeguard the company’s reputation as a responsible organization;
(c) deter users from abusive or illegal use of computer resources;
(d) ensure protection of private information;
(e) define the boundaries regarding the private lives of users related to their utilization of computer resources;
(f) minimize risk of destruction or modification of systems or data.
These Rules and Regulations of HTCG are applicable to anyone who has access to HTCG Information Systems including but not limited to all visitors of the website of HTCG, all employees (both old and existing), as also all legal entities with whom HTCG has got business relationship which include suppliers, vendors, sub-vendors, distributors, sub-distributors, agents, dealers and sub-dealers etc.
i. Privilege: Access to computer resources constitutes a privilege and not a right. Only duly authorized users may access and use computer resources of the company and only within the parameters granted to the user by the company. The user may not allow an unauthorized third party to use these resources. Computer resources must be used in a reasonable manner and utilization must not unduly restrict access for other users.
ii. Priorities: Computer resources are made available to users for the purpose of engaging in activities related to the fulfillment of company’s business.
iii. Utilization for computer resources:
Users may use the company’s computer resources, subject to certain conditions, which are as under:
(a) The user respects the terms of the present rules and regulations;
(b) Company’s computer resources shall not be used for personal matters;
(c) Users must accept that the company is obliged to preserve access to any message or transaction performed through its computer resources and consequently, no use for any matters whatsoever cannot be considered private.
Any or all use of the company’s computers, computer systems, computer networks, computer resources and communication devices for unauthorized or illegal matters is strictly forbidden. On the company’s computer resources, it is specifically prohibited to host, display, upload, modify, publish, transmit, update or share any information that:
(a) belongs to another person and to which the user does not have any right to;
(b) is grossly harmful, harassing, blasphemous, defamatory, obscene, pornographic, paedophilic, libellous, invasive of another's privacy, hateful, or racially, ethnically objectionable, disparaging, relating or encouraging money laundering or gambling, or otherwise unlawful in any manner whatever;
(c) harm minors in any way;
(d) infringes any patent, trademark, copyright or other proprietary rights;
(e) violates any law for the time being in force;
(f) deceives or misleads the addressee about the origin of such messages or communicates any information which is grossly offensive or menacing in nature;
(g) impersonate another person;
(h) contains software viruses or any other computer code, files or programs designed to interrupt, destroy or limit the functionality of any computer resource;
(i) threatens the unity, integrity, defence, security or sovereignty of India, friendly relations with foreign states, or public order or causes incitement to the commission of any cognizable offence or prevents investigation of any offence or is insulting any other nation;
(j) tantamount to transmitting advertising, spam or which promotes or conducts transactions for personal business purposes;
(k) refers to the company in personal comments within discussion groups or chat rooms, or to use any other mode of expressing an opinion in such a way as to imply that the opinions expressed are approved by the company, except when the statement is made by a person authorized to do so in the performance of his/her duties.
Any modification or destruction of computer resources is prohibited without the authorization of an authorized person of the company.
It is strictly forbidden to act in such a way as to damage the computer resources of the company, specifically, to engage in hacking or spread computer viruses, or the unauthorized destruction or modification of data or software, or diminishing of value or utility of electronic information residing in a computer resource or affecting it injuriously by any means or unauthorized use of the access code or password of another user, or by any action intended to deactivate, challenge or bypass any company information technology security system.
It is strictly prohibited to access or attempt access to files, data, databases, systems, internal or external networks or computer resources restricted to a specific category of users, unless prior approval of the concerned authorized person of the company has been duly taken in writing.
In a situation of shared resources, the user may not monopolize or abuse computers, computer systems, networks, computer resources and communication devices. It is strictly prohibited, such as, to store an excessive amount of data or to use the Internet and its logical record to listen to the radio or a television programme or any other telephony, unless the context otherwise requires it for the purpose of business activity of the company.
Users must, at all times, respect copyright and other intellectual property rights of others. The following are examples of documents likely to be protected by copyright or other intellectual property rights: contents of an e-mail message; textual, graphic and sound contents of a Web site; music and radio and television programmes transmitted through a Web site; music, photos, or graphics available on the Web; applications downloaded from an FTP site; compilation available on a Web site; use of a logo and trademark. In certain cases, the following actions may contravene copyright or intellectual property rights of the relevant rights owners:
(a) downloading a file;
(b) digitizing a printed document;
(c) retouching a photo or other person’s text;
(d) posting music on the Web;
(e) Posting another person’s art work when the work is protected by copyright.
The Users are strictly prohibited from:
(a) using any illegally copied software or electronic file;
(b) participating, directly or indirectly, in the reproduction of a programme or electronic file;
(c) modifying or destroying a software programme, data bank or electronic file or to access it without the express authorization of its owner;
(d) reproducing documentation relating to a programme, without authorization from the owner of the copyright;
(e) using computer resources to commit or attempt to commit an infraction to copyright and intellectual property;
(f) Reproducing software, software packages, and courseware, which is duly authorized only for purposes of securing back-up copies, or according to the software license terms in force.
(g) Using HTCG facilities for any profit making or commercial activity other than that of company.
(h) Providing information about, or lists of, HTCG employees, to parties outside HTCG is prohibited unless approved by the functional head.
(i) To alter IT hardware in any way unless approved and authorized in writing by HTCG CISO. Users must not extend or re-transmit network services in any way. This means you must not install a router, switch, hub, or wireless access point to the HTCG network without HTCG CISO approval
i. Information contained in computer resources is confidential whenever it is regarded as personal information or information protected by the company under the IT Act and rules made thereunder, respecting access to documents held by public bodies and the protection of personal information or information related to a person’s private life.
ii. Respect for security measures: The user is under obligation to respect regulations enacted by the law prevailing for the time being in force, respecting access to documents held by public bodies and the protection of personal information as regards storage, access, transmission and dissemination of personal information, specifically through computer resources.
iii. Dissemination of personal information: The user may not, without authorization from the persons concerned, disseminate personal information whether by written information, photographs or any other visual documents showing these persons participating in an activity, and allowing them to be identified by name.
iv. The company respects the private life of users. However, in view of the fact that computer resources are made available to users in order to assist the company in fulfilling its business activities, the user’s right to privacy is limited. Thus, equipment, systems and files intended for work-related matters must be accessible at any time to members of administration, substitute employees/users or the network administrator.
v. The company shall not systematically oversee user communications. An investigation shall be conducted if there is reason to believe the systems are being used in inappropriate ways or if it is necessary to trace information otherwise unavailable.
vi. The user loses his right to confidentiality for the files he/she created by using computer resources of the company, including all information in contravention of the present rules and regulations or of instructions enacted by the company intended to ensure its application, or to agreements or Local/State/Union laws. While HTCG desires to provide a reasonable level of privacy, users should be aware that the data/information they create/store on any system/hard copy remains the property of HTCG. Though HTCG will take all measures to protect the company network and systems, management cannot guarantee the confidentiality of individual / personal information stored by the employees on any digital device belonging to the Company. The employee shall take due care and necessary approvals while disposing off/ destroying Confidential Information.
vii. The user is entitled to know that the company may be required, within the framework of a judicial enquiry, to provide as evidence the contents of any document saved on its own computer systems. In that case, the company has the exclusive right to and may enter any system without prior warning, and to inspect and examine all the data, database and information resident therein.
i. The company is not responsible, directly or indirectly, for losses, damages or inconvenience caused to users as a result of their utilization of computer resources, or in the case where, for whatever reason, it must reduce or interrupt service, whatever the duration of these reductions or interruptions may be, or if the services cease.
ii. The company shall inform the users that in case of non-compliance with the present rules and regulations for access or usage of company’s computer resources, the Company has the right to immediately terminate the access or usage rights of the users to its computer resources and remove non-compliant information.
iii. HTCG shall provide sufficient physical and electronic security controls for its computer resources or computer systems or networks.
iv. HTCG shall take all steps necessary to ensure that no user shall, without HTCG 's prior written consent, use, duplicate or reveal to any person or entity any Login IDs, passwords, software, data, material, content or any other information related to or accessible on the computer resources , whether written, verbal or electronic. HTCG shall treat all information as copyrighted and owned by HTCG.
v. HTCG shall cause each of its employees, agents and sub/contractors to safeguard the confidentiality of information pursuant to the present rules and regulations regarding the users’ data or information.
vi. HTCG shall not transfer or disclose the information, directly or indirectly, to any third party (other than its employees who have a need to know such information and are authorized by HTCG to have access to the Computer Systems to perform HTCG's obligations under the present rules and regulations without HTCG's prior written consent,); and
vii. HTCG shall not take any other action with respect to the Information inconsistent with its confidential and proprietary nature. Any user wishing to access the computer resources, computer Systems or network of the company must be authorized and approved by HTCG. Notwithstanding such authorization and approval, HTCG shall permit access to the computer resources, computer Systems or network solely by its employees agreeing in writing to abide by the rules and regulations contained herein.
viii. HTCG shall not knowingly host or publish any information or shall not initiate the transmission, select the receiver of transmission, and select or modify the information which is prohibited under the relevant laws and rules and regulations made thereunder. Removal of access to any offending information, data or communication link by HTCG or its affiliates after such information, data or communication link comes to the actual knowledge of a person authorized by HTCG or pursuant to any order or direction as per the provisions of the Act or expeditiously removing or disabling access to such content by HTCG , shall not amount to hosting, publishing, editing or storing of any such information which is prohibited under applicable laws and rules and regulations made thereunder and also other law for the time being in force.
ix. HTCG, on whose computer systems or computer resources, any contravening information is stored or hosted or published, upon obtaining knowledge by itself or having been brought to actual knowledge by an affected person in writing or through email signed with electronic signature, about any prohibited activities as mentioned in the rules and regulations above, shall act expeditiously and remove or disable access to such content and where applicable, work with user or owner of such information to disable such information that is in contravention of the present rules and regulations and the IT Act and Rules, without vitiating the evidence in any manner.
x. Further HTCG shall preserve such information and associated records for at least ninety days for investigation purposes.
xii. HTCG shall provide information or any such assistance to Government Agencies, as and when required by lawful orders, who are lawfully authorized for investigative, protective, cyber security activity. The information or any such assistance shall be provided for the purpose of verification of identity, or for prevention, detection, and investigation, prosecution of cyber security incidents and punishment of offences under any law for the time being in force, on a request in writing stating clearly the purpose of seeking such information or any such assistance.
xiii. HTCG shall take all reasonable measures to secure its computer resource and information contained therein following the reasonable security practices and procedures
xiv. HTCG shall report cyber security incidents and also share cyber security incidents related information with the relevant authorities.
xv. HTCG shall not knowingly deploy or install or modify the technical configuration of computer resource or become party to any such act which may change or has the potential to change the normal course of operation of the computer resource than what it is supposed to perform thereby circumventing any law for the time being in force but HTCG may develop, produce, distribute or employ technological means for the sole purpose of performing the acts of securing the computer resource and information contained therein.
xvi. HTCG shall address any discrepancies and grievances of any users or any victim, who suffers as a result of access or usage of computer resource by any person in violation of these Rules. Such users and/or victims can notify their complaints against such access or usage of computer resources of HTCG or other matters pertaining to the computer resources made available by HTCG to a Grievance Officer. For this purpose, HTCG shall designate a Grievance Office, whose details are as under:-
Mr. Sujoy Brahmachari
Contact details: 34, Basant Lok, Vihar, New Delhi-110057
Time: Monday to Friday 10AM – 5PM
xvii. The Grievance Officer shall redress the grievances of visitors/users of the HTCG websites, if any, expeditiously but within one month from the date of receipt of grievance.
xviii. HTCG is an ISO 27001:2013 certified compliant company. HTCG has implemented the principles and salient features of IS/ISO/IEC standard 27001:2013 and the codes of best practices for data protection for the purpose of compliance with reasonable security practices and procedures. Further HTCG shall audit its security practices and procedures on a regular basis through an independent auditor, duly approved by the Central Government. The audit of reasonable security practices and procedures shall be carried out by an auditor once a year.
i. The users are responsible for their own actions in the use of company computers, computer systems, computer networks, computer resources and communication devices of the company. Any user who commits an illegal act is subject to legal consequences, including both civil and criminal action. The company shall not be responsible for such an illegal act as the company is an intermediary. The company has exercised due diligence, while discharging its obligations under the applicable laws
ii. The users shall strictly follow the present rules and regulations and also provisions of the applicable laws for the time being in force.
iii. User shall indemnify HTCG and its affiliates and their officers, agents, employees and service providers and hold them harmless in respect of all losses, costs, proceedings, damages, expenses (including reasonable legal costs and expenses) or liabilities howsoever incurred by any of them as a result of any claim by a third party resulting from a breach or non-observance of these rules and regulations and/or of other HTCG policies by the User or breach of any prohibition, or restriction on User's activities contained in these rules and regulations.
The users of computer resources agree to show:
iv. respect towards persons, their private lives, personal or confidential information about them, whether by text, messages or images;
v. respect as regards company objectives;
vi. respect for copyright and intellectual property;
vii. respect for security measures implemented by the company.
While using Electronic Messaging
viii. The user must identify himself as the author of any electronic message sent on the company network and, as the case may be, specify his title or position.
ix. The user must, where applicable, respect the confidentiality of messages sent on the network and refrain from intercepting, reading or modifying any message not intended for him/her.
x. Users are strictly prohibited from:-
(a) Using one or more gimmicks or any other means of transmitting an electronic message anonymously or in the name of another person;
(b) Subscribing to mailing lists not related to the user’s job description;
(c) To send, without authorization, to all staff or to selected groups of employees or other users, messages of a general nature, news of any kind, chain letters and any information not related to company business activities.
i. The company reserves the right to keep a register of transactions performed by way of its computer resources and telecommunications network and the right to analyze information contained in this register in order to detect unauthorized, illicit or illegal activities on its network, whether through conventional technical means or by using emerging technologies like artificial intelligence.
ii. The Network Administrator of the company may proceed to commence any investigation, without prior notice, when an emergency warrants it, such as, detection of the presence of a virus in the network or over utilization of network resources, and may save any or all copies of a document in order to ensure respect for the terms of this rules and regulations enacted by the company.
iii. The company reserves the right to erase from its computer resources any illegal content or content in contravention of the regulations stated in the present rules and regulations.
iv. The authorized person of technology team of the company may put forth instructions and regulations to ensure the security of computer resources and to periodically conduct security checks.
If users believe that a violation of these rules and regulations has occurred, contact the office of HTCG in person or on email being firstname.lastname@example.org immediately. Under no circumstances should the witnesses attempt to look through or access the suspect’s machine in order to conduct their own personal investigation.
Any person found to have violated or violating these rules and regulations might be subject to disciplinary action, up to and including termination of employment. In addition, there may be cases in which a person may be subject to civil or criminal liability. In case of other users they could be liable for civil or criminal liability including exemplary damages, under the provisions of the law prevailing for the time being in force.