1.    Purpose

 The purpose of this policy is to enhance the accessibility, security, and usability of the company’s IT     and information resources by creating a clear structure for how IT should be managed and used, increasing knowledge about IT, and ensuring the security of data, information, and operations.

2.    Definition

IT refers to technologies used to communicate, store, and process electronic information. All employees are required to comply with all laws, regulations, and governmental requirements governing the company’s use and development of IT in all respects.

3.    Scope

 All IT equipment, all systems, as well as both employees and consultants.

4.    Use of IT resources

• The use of the company’s IT resources, including computers, networks, and software, should be for work-related purposes.

• Employees are encouraged to avoid inappropriate or unprofessional behavior on the company’s IT resources and absolutely must not download or distribute illegal material.

• Personal use of the company’s IT resources should be limited and in accordance with the company’s guidelines.

• Employees may not install new programs unless authorized by the IT manager.

5.    Use of Social Media

• The use of social media for work-related purposes is permitted but should be conducted responsibly and in line with the company’s values.
• Employees are encouraged to avoid leaking company-related information or expressing themselves in a way that could harm the company’s reputation on social media. 

• Employees should be aware that their activities on social media can have consequences for the company and that they represent the company even outside of the workplace.

6.    Password Management

7. The use of strong passwords is crucial for ensuring data security. Employees should use unique passwords for different accounts and avoid sharing their passwords with others. Passwords must be at least 12 characters long, preferably longer, and should contain at least three of the four categories: uppercase letter, lowercase letter, number, and special character. Alternatively, one can construct a password using phrases, for example: Soccer20Handball.

• The password must not be related to personal information, such as phone numbers, personal identification numbers, pets, and children.
• Passwords must not be written down on paper or digital notes that may be accessible to unauthorized parties.

• Passwords should be stored in a password manager approved by Asso Produkter AB.

• Employees should be aware of the importance of multi-factor authentication (MFA) and are encouraged to activate this feature when available to further enhance security.

8.    Remote Work

• Do not leave your computer unattended.
• Lock your computer as soon as you are not actively using it.
• Be aware of the risk of eavesdropping when using a mobile phone in public places.

9.    Data Integrity and information Security

• Employees are responsible for protecting the company’s information from accidental loss, theft, or damage.

• Sensitive and confidential information should be handled with care and only shared with authorized parties.

• Employees should be aware of common security risks, such as phishing attacks and malware, and follow security guidelines to minimize risks.

 10.   Copyright and Intellectual Property Rights

• Employees must respect copyright and intellectual property rights when using the company’s IT resources and software.
• Unauthorized downloading, copying, or distribution of copyrighted material is prohibited.

• Employees should be aware that even external programs or content may be subject to copyright and that they must comply with the relevant license terms.

11.   Abuse

• In the case of abuse or suspicion of abuse, monitoring of the use of computers, networks, and the Internet may be conducted. Ultimately, employment may be questioned in the event of violations of this policy. 

• If the checks reveal that the guidelines have been violated, the matter may be investigated by the HR manager. 

• The employer will primarily attempt to achieve correction through verbal warnings or similar procedures. In cases of more serious abuse, disciplinary actions may be taken.

12.   Related standards, polices, and documents. 

ISO 27001

13.   Version control

Version 2.0   2024-05-15  RAN

Fair business principles

Obeying laws

The laws and regulations of every country ASSO Produkter AB operates in must be obeyed.

Fair competition

ASSO Produkter AB acts both ethically and in a fair way when competition in the market. We consider this a precondition for healthy and long-term relationships to customer and suppliers.

Our expectations and our commitment to you are the same.

Anti-corruption, anti-bribery and gift-giving.

ASSO Produkter applies a zero-tolerance for all terms of corruption, including extortion, embezzlement and bribery. We will not accept any type of corruption related to our business and we expect all our suppliers, its employees, and partners in the supply chain to embrace this policy and act accordingly.

Anti-money laundering and anti-financial crime

ASSO Produkter AB is committed to comply with laws against money laundering and terrorism financing which are in place in most countries worldwide.

ASSO Produkter´s sustainability work is an integrated part of our business and environment is an integrated part of our sustainability work.

Environmental principles:

Systematically and continuously reduce the environmental impact by reducing energy consumption, reducing the consumption of raw materials, minimizing waste and increase recycling.

All production facilities shall be certified according to ISO 14001 or strive towards and we shall follow or surpass all applicable environmental laws and regulations.

Show respect and take responsibility for the environment wherever we operate.

GDPR principles

ASSO Produkter complies with the principles of GDPR. The six overall guiding principles are:

• Lawfulness, transparency and fairness
• Purpose limitation
• Data minimization
• Accuracy
• Storage limitation
• Confidentiality and integrity

Your privacy and security is of the utmost importance to us. We will always follow these principles and ask you how you would like us to communicate with us.

Purpose of data storage:

To register you as a new customer.

To register and deliver your order including manage payments, fees and charges.

To manage our relationship with you.

ASSO Produkter AB – is about people

Health and safety at work

ASSO Produkter should provide all its employees with necessary conditions and equipment, including appropriate safety information and training. This shall include monitoring health and safety risk as well as identifying, minimizing, and preventing such risk.

Fire Prevention

ASSO Produkter shall ensure that emergency response plans on fire safety are prepared and communicated. Staff is to be trained and made aware of fire prevention and firefighting procedures including evacuation routines.

Conflict minerals.

Conflict minerals are tin, tantalum, tungsten, and gold (3TG) originated from conflict-affected and high-risk areas.

ASSO Produkter expect that products and components we receive from our suppliers are not deemed to be conflict minerals originated from DRC or are conflict free.

A supplier of relevant goods must be able to provide all necessary documentation for proofing its legitimate origins on request.

ASSO Produkter rely on information provided by our suppliers.

Click here to download PDF >>