IT System Access Guidelines
Data security is playing an increasingly important role for companies today. Without security measures, work activities performed by staff members or service providers with remote access to the company network can quickly become a security risk, with decentralised data stored on various end devices creating a particularly critical vulnerability. The use of modern, secure and effective information technology systems in today’s businesses is fundamental to creating a productive work environment. Meeting the company’s IT security needs whilst allowing employees to be effective when performing their duties requires that persons assigned with the appropriate rights and tasks comply with corporate rules and guidelines when accessing and using internet and intranet services of Festo, as well as its internet platforms and network drives (hereinafter jointly referred to as “IT Access”). The signatories of this document are Festo AG & Co. KG staff and freelancers, as well as employees of agents of Festo (hereinafter referred to as “user”).
Access to the company’s IT system is granted exclusively under the conditions set out below; any other access or use is neither possible nor permitted.
- The user(s) must have signed this personal declaration.
- Access to the company’s IT system is granted exclusively for official/contractual purposes. The Internet service provided shall be used exclusively for carrying out the respective task. The user(s) shall not process, disclose or make accessible to a third party any data, or use said data in any other manner for purposes other than those required to carry out the task.
- When accessing the company’s IT system, the user(s) shall comprehensively abide by the basic rules governing proper data processing, IT security and data protection.
- It is prohibited for third parties to dial into or in any other manner access the IT system of Festo AG & Co. KG. The user(s) shall take appropriate security measures to make it impossible for and prevent third parties from dialling into or in any other manner accessing IT system of Festo.
- User(s) shall not give demonstrations of the Festo network or show the use of IT access to third parties.
- The user(s) shall neither in full nor in part copy, change or in any other manner use or sell, or allow a third party to copy, change or in any other manner use or sell licensed software or any other obviously copyrighted document or documentation of any type or of any content, and shall neither in full or in part make software accessible to a third party without the express consent of the authorised person at Festo. The use of unlicensed software or software from illegal or unreliable sources is prohibited when accessing the company’s IT system.
- Uploading private data and software to the IT systems and platforms of Festo is prohibited. Connecting private computers, reproduction or storage devices is also prohibited.
- The user(s) shall not store confidential or strictly confidential data of Festo (such as emails or office documents) on private mobile storage devices.
- The applicable Festo guidelines governing “Workplace, Labour Safety and Fire Protection” (emergency procedures), operation of mobile communications devices, IT security and data protection shall be taken into consideration. These are accessible on the WeNet under “Company -> Guidelines” and can be provided to employees upon request.
- Disclosing, forwarding or using IT system access data is prohibited. If information must be provided or forwarded as part of a service or of carrying out a task, this is possible only with the express consent of the authorised person at Festo.
- The user(s) is (are) aware that electronic access is logged (log data) automatically and evaluated for the purpose of ensuring compliance with IT security regulations, cost control, functionality checks and for preventing unauthorised access. These access logs are deleted no earlier than six months after the date on which they were stored.
- In the event of termination of the contractual relationship between Festo and the staff member or the agent, or of the working relationship between the user(s) and the agent, and in case of a transfer or change of the workplace of the agent or in other cases in which accessing the IT system is no longer absolutely required to perform the task for Festo or for the agent at Festo, immediate notification must be provided to the Festo Global Service Desk and the authorisation of the user(s) must be revoked.
- Access to the IT system is limited to a fixed period of one year and must be requested again if the activity of the user(s) absolutely requires continued access to the IT system.
- Access shall only be granted under Laws of Germany and these guidelines and anything in connection with these guidelines shall be subject solely to the laws of the Federal Republic of Germany to the exclusion of any conflict of laws. Place of jurisdiction shall only be 73732 Esslingen, Germany.
Personal declaration of the signatory
By signing below I confirm that I have fully acknowledged the aforementioned guidelines and that I have understood them with respect to their content as well as part of my activities. I have been expressly informed that failure to abide by these guidelines has legal consequences.
Furthermore, I hereby declare that I agree to Festo analysing log data for the purpose of cost control, functionality checks and for preventing unauthorised access.