Information Technology (IT) Policy
​
​
Effective Date: 01-April-2022
Last Updated: 01-October-2024
1. Purpose The purpose of this IT policy is to outline guidelines and best practices for the use of information technology resources at Agile Advisors. This policy aims to ensure the security, integrity, and efficient utilization of IT assets while supporting the organization's objectives.
2. Scope This policy applies to all employees, contractors, consultants, and third-party vendors who have access to Agile Advisors' information technology resources, including but not limited to hardware, software, networks, and data.
3. Acceptable Use
3.1. Employees are expected to use IT resources responsibly and for business purposes only.
3.2. Unauthorized use of IT resources for activities such as gambling, downloading illegal content, or engaging in activities that may compromise security or violate laws or regulations is strictly prohibited.
3.3. Personal use of IT resources should be limited and must not interfere with work responsibilities.
4. Security
4.1. All employees are responsible for safeguarding Agile Advisors' IT resources against unauthorized access, disclosure, alteration, or destruction.
4.2. Passwords must be strong, unique, and kept confidential. They should be changed regularly, and employees must not share their passwords with others.
4.3. Employees must adhere to security protocols, including encryption standards, access controls, and data backup procedures.
4.4. Any suspected security incidents or breaches must be reported immediately to the IT department or designated security personnel.
5. Confidentiality
5.1. Employees must maintain the confidentiality of sensitive information, including but not limited to proprietary data, customer information, financial records, and trade secrets.
5.2. Confidential information should only be accessed on a need-to-know basis and should not be disclosed to unauthorized individuals or entities.
5.3. When handling confidential information, employees must follow established procedures to ensure its protection, including encryption, secure transmission methods, and secure storage practices.
​
6. Data Management
6.1. Employees must follow data handling procedures to ensure the confidentiality, integrity, and availability of sensitive information.
6.2. Data should be classified based on its sensitivity level, and appropriate security measures should be applied accordingly.
6.3. Personal data must be collected, processed, and stored in compliance with relevant privacy laws and regulations.
6.4. Data backup procedures should be regularly performed to prevent data loss in the event of system failures or disasters.
7. Software and Hardware Usage
7.1. Employees should only install licensed software on company-owned devices, and unauthorized software installations are prohibited. 7.2. IT equipment and software should be used efficiently, and employees are encouraged to report any issues or concerns to the IT department for resolution.
8. Compliance
8.1. Employees are expected to comply with all applicable laws, regulations, and industry standards related to IT usage, including but not limited to copyright laws, intellectual property rights, and export control regulations.
8.2. Violations of this IT policy may result in disciplinary action, up to and including termination of employment, as well as legal consequences if warranted.
9. Training and Awareness
9.1. Agile Advisors will provide regular training and awareness programs to educate employees on IT policies, procedures, and best practices.
9.2. Employees are encouraged to stay informed about emerging IT threats and security vulnerabilities to mitigate risks effectively.
10. Policy Review and Updates
10.1. This IT policy will be reviewed periodically to ensure its effectiveness and relevance.
10.2. Updates or revisions to the policy will be communicated to all employees, and their feedback may be solicited to improve the policy further.
11. Confidentiality and Data Protection Privacy Policy
11.1 Introduction
Agile Advisors respects your privacy and is committed to protecting your personal information. This privacy policy outlines the types of data we collect, how we use it, and the choices available to you regarding our use of your information.
11.2 Information We Collect
We collect different types of information to provide and improve our services, including:
a. Personal Information
ï‚· Identifiers: Full name, email address, phone number, physical address.
b. Automatically Collected Information
ï‚· Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies.
ï‚· Usage Data: IP address, browser type, access times, pages viewed, and the link clicked.
c. Information You Provide
ï‚· Customer Service: Details you provide through communication with our customer service.
ï‚· Surveys and Feedback: Information from surveys or feedback forms.
d. Information from Third Parties
ï‚· Third-Party Services: Information we receive from partners, service providers, and platforms where you may link accounts.
11.3 How We Use Your Information
We use your information for a variety of purposes, including but not limited to:
a. Service Delivery
ï‚· To provide, personalize, and improve our services.
ï‚· To process payments and transactions.
b. Communication
ï‚· To send you important updates, notifications, and respond to your inquiries.
ï‚· To send you promotional offers and newsletters (with your consent).
c. Analytics and Improvement
ï‚· To understand and analyse user behaviour to improve service quality and experience.
ï‚· To diagnose technical issues and maintain security.
d. Legal Compliance
ï‚· To fulfil legal obligations and respond to lawful requests from government authorities.
11.4 Cookies and Tracking Technologies
We use cookies and similar tracking technologies to:
a. Essential Cookies
ï‚· Required for the website to function correctly.
b. Performance and Analytics Cookies
ï‚· Help us analyse how our site is used and improve performance.
c. Marketing Cookies
ï‚· Used to provide personalized ads and promotions.
d. Sharing Your Information
We may share your information as follows:
ï‚· Service Providers We share your information with third-party service providers who assist in our business operations (e.g., payment processors, marketing partners).
ï‚· Business Transfers In the event of a merger, acquisition, or sale of all or part of our assets, your information may be transferred as part of that transaction.
ï‚· Legal Requirements We may disclose your personal data if required to do so by law, in response to valid requests from public authorities, or to protect the rights and safety of our company.
11.5 Your Data Protection Rights
You have the following rights concerning your personal data:
a. Access: Request access to your data. b. Rectification: Request correction of inaccurate information. c. Erasure: Request deletion of your data under certain circumstances. d. Restriction: Request that we limit the processing of your data. e. Data Portability: Request a copy of your data in a portable format. f. Object: Object to the processing of your data for specific purposes, such as marketing.
To exercise these rights, please contact us at info@agilemea.com.
11.6 Security Measures
We implement appropriate technical and organizational security measures to protect your information from unauthorized access, disclosure, alteration, or destruction. Despite our efforts, please note that no security measures are entirely foolproof.
11.7 Data Retention
We will retain your personal data only as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements.
11.8 Third-Party Links
Our website may contain links to third-party websites. We are not responsible for the content or privacy practices of these sites. We encourage users to read the privacy policies of each website they visit.
11.9 Children's Privacy
Our services are not directed at individuals under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have inadvertently gathered data from a child under 13, we will delete such information promptly.
11.10 Changes to This Privacy Policy
We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify users of significant changes by posting the updated policy on our website with a new effective date.
​
Business Continuity Management System (BCMS) Policy
​
​
Effective Date: 01-Jun-2025
Last Updated: 01-Jun-2025
Policy Statement:
Establishing, implementing, operating, maintaining, exercising, and continuously improving BCMS to reach the required level of resilience is crucial for Agile Advisors to protect its reputation and satisfy stakeholders.
1. BCMS's primary objective is to reduce or eliminate any interruption to the business operations and time-sensitive services of Agile Advisors. The objective in the event of such a disruption is to keep the business running until complete functioning can be restored..
2. At Agile Advisors, "Everyone" oversees business continuity. All employees and third-party professionals participating in the BCMS or any other developed procedures should be aware of the necessary operating actions to be followed in the event of a disruptive occurrence, whether it be man-made or natural, to accomplish a prompt and effective recovery.
3. BCM Steering Committee is ultimately responsible for the business continuity of Agile Advisors. It shall be responsible for the development, implementation, operation, maintenance, exercising and continual improvement of the BCMS..
4. The safety of every employee and person on Agile Advisor’s property shall always come first in the event of an incident..
5. All department heads and Business Continuity (BC) Champions, in coordination with BC Manager shall carry out annual Business Impact Analysis (BIA), Threat Risk Assessment (TRA), Recovery Strategies, Business Continuity Plans (BCPs), Exercise and Performance evaluation.
​
​
6. All time-critical activities shall have recovery plans created based on the established Recovery Time Objective (RTO) and Recovery Point Objective (RPO). Through a BIA exercise, RTOs and RPOs for all time-critical activities will be determined. In accordance with instructions given by the BC Manager, each department head shall be responsible for maintaining and carrying out their recovery plan.
7. Agile Advisors shall ensure the establishment and maintenance of a business continuity culture to increase organizational awareness of business continuity. Awareness and training sessions shall be conducted to ensure all employees are appropriately trained for their roles in Business Continuity Management System (BCMS) and are ready to respond to utilize their plans during an accident. These sessions shall be conducted by the BC Manager in coordination with BC champions regularly throughout the year by using various methods such as training and awareness sessions.
8. Agile Advisors shall evaluate and update the BCMS once a year or if there are significant changes to the organization's structure, services, business procedures, or technological infrastructure.
9. Any exception to this policy shall be requested to the BCM Steering Committee in writing, describing the justifications for requesting an exception for a particular service or process, the time frame for granting the exception, and compensating measures that specify how Agile Advisors will restore that particular service or process in the case of a disruptive incident.
​
​