Internal Acceptable Use Policy

This policy specifies requirements related to the use of Parallel Markets’ computing resources and data assets by Parallel team members so as to protect our customers, team members, contractors, company and other partners from harm caused by both deliberate and inadvertent misuse. Our intention in publishing this policy is to outline information security guidelines intended to protect Parallel Markets’ assets, not to impose restrictions.

It is the responsibility of every member of our team to interact with Parallel Markets’ computing resources and data in a secure manner and to that end we provide the following acceptable use standards related to computing resources, company and customer data, mobile and tablet devices, and removable and external media storage devices.

Table of contents

1. Policy Scope
2. Acceptable Use and Security Requirements of Computing Resources
3. Unacceptable Use
   1. Unacceptable System and Network Activities
   2. Unacceptable Email and Communications Activities
4. Return of Parallel-Owned Assets
5. Policy Compliance
6. Related Documents and Handbook Entries

Policy Scope

This policy applies to all Parallel Markets team members, contractors, advisors and contracted parties interacting with Parallel Markets’ computing resources and accessing company or customer data.

Acceptable Use and Security Requirements of Computing Resources

Parallel-managed assets are provided to conduct Parallel business with consideration given for limited personal use. Our company uses global electronic communications and resources as routine parts of our business activities. It is essential that electronic resources used to perform company business are protected to ensure that these resources are accessible for business purposes and operated in a cost-effective manner, that our company’s reputation is protected and that we minimize the potential for legal risk.

Those receiving Parallel-provided assets are responsible for exercising good judgment when using Parallel-managed computers and accessing Parallel-managed data.

Unacceptable Use

Team members and contractors may not use Parallel-managed resources for activities that are illegal or prohibited under applicable law, no matter the circumstances.

Unacceptable System and Network Activities

Prohibited system and network activities include, but are not limited to, the following:

• Violations of the rights of any person or company protected by copyright, trade secret, patent or other intellectual property or similar laws or regulations.
• Unauthorized copying, distribution or use of copyrighted material.
• Exporting software, technical information, encryption software, or technology in violation of international or national export control laws.
• Intentional introduction of malicious programs into Parallel networks or any Parallel-managed computing device.
• Intentional misuse of any Parallel-managed computing device or Parallel networks (e.g. for cryptocurrency mining, botnet control, etc.).
• Sharing your credentials for any Parallel-managed computer or 3rd-party service that Parallel uses with others, or allowing use of your account or a Parallel-managed computer by others. This prohibition does not apply to single-sign-on or similar technologies, the use of which is approved.
• Using a Parallel computing asset to procure or transmit material that is in violation of sexual harassment policies or that creates a hostile workplace.
• Making fraudulent offers of products, items or services originating from any Parallel account.
• Intentionally accessing data or logging into a computer or account that the team member or contractor is not authorized to access, or disrupting network communication, computer processing or access.
• Executing any form of network monitoring that intercepts data not intended for the team member’s or contractor’s computer, except when troubleshooting networking issues for the benefit of Parallel.
• Circumventing user authentication or security of any computer host, network or account used by Parallel Markets.
• Given the potential sensitivity of the data contained in screenshot images, the use of tools that capture and share screenshots to hosted sites online is prohibited without the explicit approval of the Security and Legal Departments. Screenshots should be stored locally or within Google drive folders associated with your ParallelMarkets.com account.
• Allowing any other person to use your Parallel computing asset (Parallel-issued laptop, for example) for any reason. It is possible that someone could unwittingly visit a website with malvertising or one that takes advantage of a browser vulnerability. Hopefully, that risk is mitigated if you are careful to only visit sites that are work related (which can only be assured if you are the only person using company equipment issued to you).

Unacceptable Email and Communications Activities

Forwarding of confidential business emails or documents to personal external email addresses is prohibited.

Note: Parallel Markets may retrieve messages from archives and servers without prior notice if Parallel has sufficient reason to do so. If deemed necessary, this investigation will be conducted with the knowledge and approval of the Security and Legal Departments.

When utilizing social media think about the effects of statements that you make. Keep in mind that these transmissions are permanent and easily transferable, and they can affect our company’s reputation and relationships with team members and customers. When using social media tools like blogs, Facebook, Twitter or wikis, ensure that you do not make comments on behalf of Parallel Markets without proper authorization. Also, you must not disclose our company’s confidential or proprietary information about our business, our suppliers or our customers.

Return of Parallel-Owned Assets

All Parallel-owned computing resources must be returned upon separation from the company.

Policy Compliance

Compliance with this policy will be verified through various methods, including but not limited to, automated reporting, remote monitoring, audits and feedback to the policy owner.

Any team member or contractor found to be in violation of this policy may be subject to disciplinary action, up to and including termination of employment or contractual agreement.

Related Documents and Handbook Entries

See the pages on Devices, Processes and Data Protection for additional requirements for employees and contractors.