| Table of Contents | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Purpose: The purpose of this policy is to establish a fair and transparent disciplinary process for addressing misconduct, policy violations, or non-compliance with the company's standards, particularly in relation to information security, confidentiality, and the handling of sensitive synthetic data and AI technologiessystems. This policy aims to protect the integrity, availability, and confidentiality of information assets while maintaining a professional and ethical workplace across our distributed and remote team.
...
Examples of disciplinary issues related to security and technologymay include, but are not limited to:
Unauthorized access to sensitive data or systems.
Mishandling or misuse of data.
Sharing confidential information outside of authorized channels.
Circumventing security protocols, such as encryption or authentication requirements.
Failure to comply with information security controls.
Misuse of company communication tools.
Unauthorized software installation.
Failure to report security incidents.
2. Initial Investigation
Once a violation is reported or detected, an internal investigation is initiated. This involves:
...
Submitting a formal written appeal to the HR People department within 7 business days of the decision.
An appeal meeting with a different panel (including senior management or external advisors) to review the case and the disciplinary decision.
A final decision will be communicated in writing following the appeal review. The decision of the appeal process is final.
...