What does this mean to me as an employee?
I am careful when I work with personal data. I always respect the privacy of the individuals and use their data lawfully.
I am especially careful when I share personal data. I do so only if there is a legitimate business reason. If I am in doubt, I seek guidance from the local or regional Legal Counsel.
I only use secure and approved IT solutions to collect, use, store and share personal data or other information. I keep my devices and documents protected and I maintain strong and secure passwords for accessing IT systems, websites and other information assets (JTI assets are anything that is owned or paid for by JTI).
I take extra care when working outside of JTI premises to ensure unauthorized people cannot overhear, see or access JTI information (including passwords).
If I receive any information and I am unsure of its origin or intended purpose, I speak to my line manager. I never respond to suspicious messages requesting any information and I do not open links or attachments contained in such messages.
I immediately report any suspected data breach (such as loss of confidentiality or misuse of any information) to my local or regional Legal Counsel or a member of Corporate Compliance or IT Teams.