We protect ofi’s reputation and assets

Protecting our reputation

Everything we say and do can affect our reputation therefore it is essential that you read, understand, and comply with the ofi Code of Conduct and ofi’s policies.

If you are ever in doubt as to what the right thing to do is, you should contact LEGAL for advice.

Control of ofi information

Shareholders, financial analysts, the press, and others rely on us to provide them with reliable information regarding the Group’s operations, performance and outlook.

The only individuals authorized to communicate on these matters are members of the ofi Group Board, the Investor Relations team, and Group Communications team.

To protect ofi we will:

• promptly forward all enquiries on these matters to the Investor Relations & Group Communications teams;
• not personally provide information or respond to any external enquiries. 

Using social media

We use social media to raise awareness of the business, engage with our target audiences and increase traffic to our global websites. See ofi Social Media Policy.

To protect ofi we will: 

• only post on behalf of the Group after receiving support and guidance from the Group Comms team. 

To protect ofi we will not: 

• open any social media account in the name of the Group or using any of its brands, without the express permission of the Group Communications team; 
• use any private social media accounts and/or channels to damage ofi’s name and reputation. 

Protecting ofi’s information

Information is held in many different formats, including on paper, electronically in documents, or in IT applications and systems. ofi is committed to only collecting, storing, and using information in compliance with the law and without any violation of another person’s or legal entity’s confidential or proprietary information.

To protect ofi we will: 

• treat ofi information with the appropriate care to ensure its confidentiality, while also adhering to the local law or regulations of each country and cooperating with authorities; 
• only share ofi information with employees or others working for ofi, or authorized third parties, with a genuine business need to access it and with a suitable non-disclosure agreement in place taking care to tailor any templates provided by LEGAL (see section on Legal Consultation); 
• take all necessary steps to protect information in documents and on IT devices away from the workplace and in public places (see section on Intellectual Property); 
• report any concern or suspicion of inappropriate disclosure of ofi information to LEGAL or the ofi Whistleblowing Line. 

If in doubt about how to treat certain information, contact LEGAL.

Financial and other business information

The recording of any business information must be accurate, complete, and timely.

To protect ofi we will: 

• follow all laws, external accounting requirements and ofi procedures for the reporting of all business information; 
• ensure full transparency of financial or other required information and fully cooperate with our internal and external auditors. 

To protect ofi we will not: 

• falsify or destroy ofi accounting or business records; or 
• deliberately report, create, record, or generate false or misleading information.

Personal data & privacy

ofi respects the privacy and personal data of all individuals, including employees and customers. We collect and use personal data in accordance with our values, applicable laws and with respect for privacy as a human right.

To protect ofi we will: 

• only collect data that is adequate and relevant and store it solely for the purpose it was collected for; 
• be transparent with individuals about the collection, use, storage, sharing, and maintenance of personal information; 
• explain the authority which permits the collection of personal information and the specific purpose for which it is intended; 
• as far as is practical, seek individual consent to collect, use, store, share or maintain personal information and provide mechanisms for appropriate access, correction, and redress; 
• as far as is practical, make sure personal information is accurate, relevant, timely and complete, every time it is used; 
• keep personal data confidential and secure, and act responsibly and ethically, in line with our core values; 
• read and make yourself familiar with the ofi Data Privacy Policy. 

To protect ofi we will not: 

• retain personal data for longer than necessary to achieve the business objective or meet minimum legal requirements; 
• transfer personal information across borders, without checking with the Legal & Information Securityteams to make sure that no laws are violated (for any personal information being transferred between entities or with a third party, a Data Processing Agreement or Data Transfer Agreement should be part of the contract or an addendum to the contract); 
• collect and use personal data for purposes that are not reasonably expected by our customers and employees. 

Use of information technology

Employees are provided with ofi systems and equipment to carry out their role and these should be used responsibly. 

To protect ofi we will: 

• make sure ofi equipment is used appropriately, protected from damage, and locked away or put out of sight when left attended for a prolonged period of time or overnight;
• use a password or PIN to lock unattended ofi equipment or any personal device used to access ofi Information; 
• immediately report the loss or theft of any ofi equipment, or personal device used to access ofi information, to the Central IT Service Desk; 
• adhere to all software copyrights and licensing agreements; 
• follow the IT request process to install any software or applications on ofi equipment. 

To protect ofi we will not: 

• use computer software, equipment, and telecommunication services (e.g., internet or email) for illegal or immoral purposes; 
• try to disable, defeat or circumvent ofi security controls, such as firewalls, browser configuration, privileged access, anti-virus and system logs; 
• use ofi systems or equipment to intentionally access, store, send, post or publish material that is pornographic, sexually explicit, indecent or obscene, or promotes violence, hatred, terrorism or intolerance, or breach local, national or international laws; 
• use ofi systems or equipment to intentionally defame, slander or lower the reputation of any person or entity or their goods or services; 
• intentionally write, generate, compile, copy, collect, propagate, execute, or attempt to introduce any computer code designed to self-replicate, damage, or otherwise hinder the performance of or access to any IT assets; 
• forward emails containing non-public ofi information to personal email accounts; 
• share ofi access credentials with anyone else, Including work colleagues, friends, and family; 
• use our ofi email address for online activity not related to ofi business or engage in any form of private business using ofi equipment; 
• intentionally access ofi systems or information that is not intended for them, or access ofi systems or information after leaving ofi employment.

To view the Policies referred to in this section contact the ofi Legal, Compliance and Co Sec function.