Hirett makes email available to its employees where relevant and useful for their jobs.
This email use policy describes the rules governing email use at the company. It also sets out how staff members are expected to behave when using email.
This policy should be read alongside other key policies. In particular, users should also read the company’s data protection and internet use policies.
WHY THIS POLICY EXISTS
Email is a standard way to communicate in business. It’s used widely and is arguably just as important as the telephone.
Like any technology, email can cause difficulties if used incorrectly or inappropriately. This email policy:
- Reduces the security and business risks faced by Hirett
- Lets staff know how they are permitted to use company email
- Ensures employees follow good email etiquette
- Helps the company satisfy its legal obligations regarding email use
- This policy applies to all staff, contractors and volunteers at Hirett who use the company email system.
- It applies no matter where that email use takes place: on company premises, while travelling for business or while working from home.
- It applies to use of company email on any device, no matter whether owned by the company or employee.
GENERAL EMAIL GUIDELINES
BUSINESS EMAIL USE
Hirett recognises that email is a key communication tool. It encourages its employees to use email whenever appropriate.
For instance, staff members may use email to:
- Communicate with customers or suppliers
- Market the company’s products
- Distribute information to colleagues
PERSONAL USE OF EMAIL
The company also recognises that email is an important tool in many people’s daily lives. As such, it allows employees to use their company email account for personal reasons, with the following stipulations:
- Personal email use should be of a reasonable level and restricted to non- work times, such as breaks and during lunch.
- All rules described in this policy apply equally to personal email use. For instance, inappropriate content is always inappropriate, no matter whether it is being sent or received for business or personal reasons.
- Personal email use must not affect the email service available to other users. For instance, sending exceptionally large files by email could slow access for other employees.
- Users may access their own personal email accounts at work, if they can do so via our internet connection. For instance, a staff member may check their Yahoo or Google Mail during their lunch break.
- Only people who have been authorised to use email at Hirett may do so.
- Authorisation is usually provided by an employee’s line manager or the company IT department. It is typically granted when a new employee joins the company and is assigned their login details for the company IT systems.
- Unauthorised use of the company’s email system is prohibited.
- Employees who use company email without authorisation — or who provide access to unauthorised people — may have disciplinary action taken against them.
Used inappropriately, email can be a source of security problems for the company. Users of the company email system must not:
- Open email attachments from unknown sources, in case they contain a virus, Trojan, spyware or other malware.
- Disable security or email scanning software. These tools are essential to protect the business from security problems.
- Send confidential company data via email. The IT department can advise on appropriate tools to use instead.
- Access another user’s company email account. If they require access to a specific message (for instance, while an employee is off sick), they should approach their line manager or the IT department.
- Staff members must always consider the security of the company’s systems and data when using email. If required, help and guidance is available from line managers and the company IT department.
- Users should note that email is not inherently secure. Most emails transmitted over the internet are sent in plain text. This means they are vulnerable to interception.
- Although such interceptions are rare, it’s best to regard email as an open communication system, not suitable for confidential messages and information.
INAPPROPRIATE EMAIL CONTENT AND USE
The company email system must not be used to send or store inappropriate content or materials.
It is important employees understand that viewing or distributing inappropriate content via email is not acceptable under any circumstances.
Users must not:
- Write or send emails that might be defamatory or incur liability for the company.
- Create or distribute any inappropriate content or material via email.
- Inappropriate content includes: pornography, racial or religious slurs, gender-specific comments, information encouraging criminal skills or terrorism, or materials relating to cults, gambling and illegal drugs.
- This definition of inappropriate content or material also covers any text, images or other media that could reasonably offend someone on the basis of race, age, sex, religious or political beliefs, national origin, disability, sexual orientation, or any other characteristic protected by law.
- Use email for any illegal or criminal activities.
- Send offensive or harassing emails to others.
- Send messages or material that could damage Hirett’s image or reputation.
Any user who receives an email they consider to be inappropriate should report this to their line manager or supervisor.
- Hirett respects and operates within copyright laws. Users may not use company email to share any copyrighted software, media or materials owned by third parties, unless permitted by that third party.
- Employees must not use the company’s email system to perform any tasks that may involve breach of copyright law.
- Users should keep in mind that the copyright on letters, files and other documents attached to emails may be owned by the email sender, or by a third party.
- Forwarding such emails on to other people may breach this copyright.
CONTRACTS AND LIABILITY
- Users must be careful about making commitments or agreeing to purchases via email.
- An email message may form a legally-binding contract between Express Remit and the recipient — even if the user has not obtained proper authorisation within the company.
The standard company email template includes an email disclaimer. Users must not remove or change this when they send messages.
EMAIL MARKETING AND BULK EMAIL
- Hirett may use email to market to existing and potential customers. There is significant legislation covering bulk email and use of email for marketing.
- All email campaigns must be authorised by the marketing manager and implemented using the company’s email marketing tool.
- Users must not send bulk emails using the standard business email system.
- All questions about email marketing should be directed to the marketing manager.
EMAIL BEST PRACTICE
Email is often used to communicate with customers, partners and other important contacts. Although a relatively informal medium, staff should be aware that each email they send does affect the company’s image and reputation.
It’s a good idea to follow rules of good email etiquette. Users must:
- Not forward on chain emails or ‘humorous’ messages. These clog up people’s in-boxes and some topics are not appropriate for the
- Always use a meaningful subject line rather than leaving it blank or using a single word like ‘hello’.
- Only use the ‘important message’ setting sparingly, for messages that really are
- Never ask recipients to send a ‘message read’ receipt. Many people find these annoying and not all email services support
- Not use ALL CAPITAL LETTERS in messages or subject lines. This can be perceived as
- Be sparing with group messages, only adding recipients who will find the message genuinely relevant and
- Use the ‘CC’ (carbon copy) field sparingly. If someone really needs to receive a message, they should be included in the ‘to’
- Use the ‘BCC’ (blind carbon copy) field to send group messages where appropriate. It stops an email recipient seeing who else was on the
Email is a valid way to communicate with colleagues. However, it tends to be overused for internal communication.
Users should keep these points in mind when emailing colleagues:
- Would the issue be better addressed via a face-to-face discussion or telephone call?
- Is email the best way to send a document out for discussion? Often, it becomes very hard to keep track of feedback and versions.
- It’s rarely necessary to ‘reply all’. Usually, it’s better to reply and then manually add other people who need to see a message.
MONITORING EMAIL USE
- The company email system and software are provided for legitimate business use. The company therefore reserves the right to monitor employee use of email.
- Any such examinations or monitoring will only be carried out by authorised staff.
- Additionally, all emails sent or received through the company’s email system are part of official [company name] records. The company can be legally compelled to show that information to law enforcement agencies or other parties.
- Users should always ensure that the business information sent via email is accurate, appropriate, ethical, and legal.
EMAIL ARCHIVING & RETENTION
Under the General Data Protection Regulation (GDPR) and Data Protection Act 2018, all personal data, including that stored as a message or in an email system is subject to the GDPR’s/DPA18’s data minimisation and storage limitation principles, which the Company strictly adheres to.
Our general retention periods and destruction and archiving methods are detailed in our Retention & Erasure Policy, to which all emails and archives messages are subject. To ensure that the Company is prepared for a compliant with the new data protection legislation, we have:
- Reviewed this email policy to ensure that security and confidentiality are paramount when accessing, sending and receiving messages containing personal information
- Assessed our existing archives message and email database for all devices, documenting any messages or attachments relating to personal information
- Utilised our Information Audit to identify the legal basis for storing or processing personal information emails and applying our retention and destruction processes to any that are no longer required or where we do not have a legal obligation to retain the message
- Created parameters for filtering, categorising and the destruction of emails that we are not obligated or lawfully allowed to retain
- Emails that we have a lawful obligation or basis to retain are archived and become the responsibility of the [IT Department/DPO] for review on retention periods and setting accurate destruction dates.
- Where any email contains personal information in the form of an attachment (i.e. medical invoices, passports copies, birth certificates etc), these attachments are removed from the email and stored in accordance with our personal information protocols as detailed in our data protection and information security policies.
- Knowingly breaching this email use policy is a serious matter. Users who do so will be subject to disciplinary action, up to and including termination of employment.
- Employees, contractors and other users may also be held personally liable for violating this policy.
- Where appropriate, the company will involve the police or other law enforcement agencies in relation to breaches of this policy.
- However, the company is unlikely to take formal action if a user fails to adhere to the guidelines in the ‘email best practice’ section.