Company Policies
-
In these Terms and Conditions, “you” and “your” refer to any person accessing or using the Website.
“We”, “us”, “our”, and “the Website” refer to the owner(s) and operator(s) of the Website.
Your access to and use of our website (the “Website”) is subject to the following terms and conditions, in addition to any and all applicable laws and regulations in the United Arab Emirates.
By accessing the Website, you agree to these terms and conditions, whether you are a registered user or not. Your browsing and use of the Website means you have unconditionally accepted these terms and conditions.
We reserve the right to amend the terms and conditions of use of this Website and you agree to be bound by these amendments. Please note that other websites and pages linked to this Website may be subject to separate terms and conditions. Please visit the respective websites to view their terms of conditions.
1. Conduct and Behaviour
You agree to access and use the Website for lawful purposes only, and to be fully responsible for your knowledge of and compliance with all laws, regulations, and rules regarding your use of the Website. Just by accessing the Website, you agree not to perform any of the following:
Use of the Website for the purpose of committing a crime or encouraging others to engage in any conduct that would lead to committing a crime or involves civil liability.
Publishing or posting of any unlawful content that includes discrimination, defamation, libel, slander, obscene material, pornographic material, or any other unlawful topic.
Use of the Website to impersonate other parties or entities.
Use of the Website to upload any material containing software virus, Trojans, or any other codes, files, or software that may alter, destroy, or stop the functions of the Website, devices, or software belonging to any other person who may access the Website.
Uploading, entering, emailing, or copying of any material you are not entitled to send under any law or contractual relationship.
Alteration, destruction, or deletion of any content posted on the Website.
Disruption or impedance of normal communication channels in any way possible.
Claiming of a relationship with or representation of any company, association, or organization without being authorized to do the same.
Posting or sending of any advertisements, unwanted marketing material, or any other form of promotion.
Posting of any materials which violate or interfere with the Intellectual Property Rights of others.
Collection or storage of the personal information of others.
2. Login
Some sections of the website are only available to logged users and/or allow users to request support or services online by entering personal information. You hereby agree that any information provided to use such sections is complete and accurate, that you will not log in or attempt to access the Website using the login information of another person, and that you will not adopt a username which we may deem inappropriate.
3. Termination of Access to the Website
We shall be entitled, in our sole discretion, to terminate or suspend your access to or use of this Website without any prior notice or warning, for any reason whatsoever, including the violation of the terms and conditions or any conduct or behaviour which we believe to be, in our sole discretion, unlawful or harmful to others.
In the event of termination of use, you will not be allowed to access the Website again, and we will use the right to resort to any means possible to implement such termination.
4. Content
We reserve the right to monitor any content you add. However, we are not obligated to do so. Although we cannot monitor everything entered on the Website, we reserve the right (without obligation) to delete, remove, or edit any material entered that violates these terms and conditions.
The UAE and foreign copyright laws and international treaties protect the contents of this Website. You agree to be bound by copyright notices that appear on this Website.
4. Indemnification
You agree to indemnify, defend, and hold the Website and all of its, shareholders, directors, employees and agents harmless from and against any and all liability, including attorneys' fees and costs, incurred in connection with any claim arising out of any breach by you of these Terms and Conditions. You hereby undertake to fully cooperate in the defence of any such claim.
5. Limitation of Liability
Under no circumstances whatsoever, will we be liable for any accidental, indirect, special, or punitive damages that may arise as a result of your use or inability to use the Website, including but not limited to the loss of income or expected profits, loss of reputation, loss of business, loss of data, computer malfunction, or any other damages.
6. Intellectual Property
Unless otherwise stated, all Intellectual Property Rights (including trademarks and copyrights) found on this Website are either owned, controlled, or licensed by us. As such, the act of consolidation and arrangement of all content on the Website is our sole property and is protected by copyright laws. We retain all Intellectual Property Rights in all materials on the Website. The names, trademarks, and logos found on the Website and in the materials therein are owned and licensed by us unless otherwise stated. The use of these trademarks is prohibited without permission from us.
-
This Cyber Security Policy includes guidelines and provisions for security measures to help mitigate cyber security risk. It applies to all company employees, contractors, volunteers, and anyone who has permanent or temporary access to the company’s systems and hardware.
CONFIDENTIAL DATA
Confidential data is valuable and is to be kept secret. Company confidential data includes:
Unpublished financial information
Data of customers/partners/vendors
Patents, formulas or new technologies
Customer lists (existing and prospective)
All employees are obliged to protect this data.
PROTECT PERSONAL AND COMPANY DEVICES
When employees use their digital devices to access company emails or accounts, they introduce security risk to company data. Employees are to keep both their personal and company-issued computer, tablet and cell phone secure. To keep these devices secure:
Keep all devices password protected.
Choose and upgrade a complete antivirus software.
Do not leave devices exposed or unattended.
Install security updates of browsers and systems monthly or as soon as updates are available.
Log into company accounts and systems through secure and private networks only.
Employees are advised to avoid accessing internal systems and accounts from other people’s devices or lending their own devices to others.
When new hires receive company-issued equipment, they will receive instructions for:
Disk encryption setup
Password management tool setup
Installation of antivirus/anti-malware software
Employees are to follow instructions to protect their devices and refer to company Security Specialists/Network Engineers with any questions.
SAFEKEEPING EMAILS
Emails can host scams and malicious software. To avoid virus infection or data theft, employees must:
Avoid opening attachments and clicking on links when the content is not adequately explained (e.g. “Watch this video, it’s amazing.”)
Be suspicious of clickbait titles (e.g. offering prizes, advice).
Check email and names of people they received a message from to ensure they are legitimate.
Look for inconsistencies or giveaways (e.g. grammar mistakes, capital letters, excessive number of exclamation marks).
If an employee isn’t sure that an email they received is safe, they can refer to the company Security Specialists.
MANAGING PASSWORDS
Password leaks are dangerous, since they can compromise the company’s entire infrastructure. Not only should passwords be secure so they will not be easily hacked, but they should also remain secret. For this reason, employees are to:
Choose passwords with at least eight characters (including capital and lower-case letters, numbers and symbols) and avoid information that can be easily guessed (e.g. birthdays).
Remember passwords instead of writing them down. If employees need to write their passwords, they are obliged to keep the paper or digital document confidential and destroy it when their work is done.
Exchange credentials only when necessary. When exchanging them in-person is not possible, employees should prefer the phone instead of email, and only if they personally recognize the person they are talking to.
Change their passwords every two months.
The company will purchase the services of a password management tool which generates and stores passwords. Employees are obliged to create a secure password for the tool itself, following the abovementioned advice.
DATA TRANSFERS
Transferring data introduces security risk. Employees must:
Avoid transferring sensitive data (e.g. customer information, employee records) to other devices or accounts unless absolutely necessary. When mass transfer of such data is needed, we request employees to ask the company’s Security Specialists for help.
Share confidential data over the company network/system and not over public Wi-Fi or private connection.
Ensure that the recipients of the data are properly authorized people or organizations and have adequate security policies.
Report scams, privacy breaches and hacking attempts.
Company Security Specialists/Network Engineers need to know about scams, breaches and malware so they can better protect our infrastructure. For this reason, we advise our employees to report perceived attacks, suspicious emails or phishing attempts as soon as possible to our Security Specialists/Network Engineers, who must investigate promptly, resolve the issue and send a companywide alert when necessary.
Security Specialists are responsible for advising employees on how to detect scam emails. We encourage our employees to reach out to them with any questions or concerns.
ADDITIONAL MEASURES
To reduce the likelihood of security breaches, we also instruct our employees to:
Turn off their screens and lock their devices when leaving their desks.
Report stolen or damaged equipment as soon as possible to [HR/IT Department].
Change all account passwords at once when a device is stolen.
Report a perceived threat or possible security weakness in company systems.
Refrain from downloading suspicious, unauthorized or illegal software on their company equipment.
Avoid accessing suspicious websites.
We also expect our employees to comply with our social media and internet usage policy.
Company Security Specialists should:
Install firewalls, anti malware software and access authentication systems.
Arrange for security training for all employees.
Inform employees regularly about new scam emails or viruses and ways to combat them.
Investigate security breaches thoroughly.
Follow these policies provisions as other employees do.
Our company will have all physical and digital shields to protect information.
REMOTE EMPLOYEES
Remote employees must follow the Cyber Security Policy. As remote employees will be accessing the company’s accounts and systems from a distance, they are obliged to follow all data encryption, protection standards and settings, and ensure their private network is secure.
Remote employees are encouraged to seek advice from company Security Specialists/IT Administrators.
DISCIPLINARY ACTION
All employees are to always follow this policy, and those who cause security breaches may face disciplinary action:
First-time, unintentional, small-scale security breach: the company may issue a verbal warning and train the employee on security.
Intentional, repeated or large-scale breaches (which cause severe financial or other damage): the company will invoke more severe disciplinary action up to and including termination.
Each incident will be examined on a case-by-case basis.
Additionally, employees who are observed to disregard the company’s security instructions will face progressive discipline, even if their behavior has not resulted in a security breach.
-
Craighead Kellas (the “Company”) holds an exclusive ownership right of all content, information, logos, trade names, texts, icons, graphics, software, source code and pictures displayed on www.craigheadkellas.com (the “Website”) or any of its webpages. Content of the Website is protected and safeguarded by copyright, design, patent, and trademark laws as applicable in the United Arab Emirates (the “Applicable Laws”). We reserve the right to claim damages for infringement of our intellectual property rights.
1. Copyright
Except as authorized by the Applicable Laws, visitors to the Website shall not copy, sell, rent, reproduce, distribute, modify or publish the content and/or information available without obtaining previous written consent from the Company.
Any visitor who exercises unauthorized use of the content and/or information of the Website may be subject to penalties, and injunctions. His/her infringing content and/or information may also be confiscated and destroyed by the competent authority.
We reserve the right to claim compensation for infringement of our moral and economic rights.
2. Trademarks
The Company retains all ownership rights of its trademarks.
Forging, counterfeiting, and using an identical or confusingly similar logo to the logo of the Website for sale of goods and/or services or any other commercial purpose is strictly prohibited. Individuals who violate trademarks shall be subject to penalties under the Applicable Laws. We shall seek all and any legal remedies available to remedy the infringement of our trademarks.
We possess the right to review, modify, update, or delete any content and/or information available on the Website without incurring any liability.
If you wish to obtain a license to use any intellectual property rights of the Company, you shall email us at enquiries@craigheadkellas.com.
-
This document provides guidelines for resolution and the treatment of complaints made by our customers. Each employee is responsible for reviewing the elements of the policy below. Also, the employee’s signature is required to confirm the reading of the organization’s policy.
POLICY STATEMENT
At Craighead Kellas, we believe that if a customer wishes to file a complaint or express dissatisfaction, it should be easy for them to do so. It is Craighead Kellas's policy to receive complaints and consider them as an opportunity to learn, adapt, improve and provide better service.
In addition, a quick resolution of complaints, in a way that respects and values the person’s feedback, can be one of the most important factors in recovering the person’s confidence about a product/service offered by the company. It can also help prevent further escalation of the complaint. A responsive, efficient, effective and fair complaint management system can assist an organization to achieve this.
The purpose of this policy is to ensure that complaints are handled properly and that all customer complaints or comments are taken seriously. This organization expects staff at all levels to be committed to fair, effective and efficient complaint handling.
PURPOSE
This policy is intended to ensure that Craighead Kellas handles complaints fairly, efficiently and effectively. The company's objective is to ensure that its complaints procedure is properly and effectively implemented, and that complainants feel confident that their complaints and worries are listened to and acted upon promptly and equitably.
Our complaint management system aims to:
allow us to respond to questions raised by people who file complaints in a timely and cost-effective manner
increase customer confidence in our administrative process, and
provide information that we can use to improve the quality of our products [if applicable], services, personnel and complaint handling.
This policy provides guidance to our staff and to individuals who wish to file a complaint about the key principles and concepts of our complaint management system.
SCOPE
This policy applies to all staff receiving or managing complaints from customer made to or about us, regarding our products, services, staff and complaint handling.
WHAT IS A COMPLAINT?
A complaint is any expression of dissatisfaction about the product/services offered by Craighead Kellas or its staff or the action or lack of action taken regarding operations, facilities or services provided by Craighead Kellas or by a person or body acting on behalf of the Company.
A formal complaint means a complaint that has not been successfully resolved through the Complaint Management Process as outlined in this policy. The complainant has chosen to formalize the complaint by completing a Complaint form.
An informal complaint means a complaint that has been received by Craighead Kellas, by telephone, email, regular mail or in person, which has not been submitted on a Complaint Form.
All non-anonymous complaints filed necessitate a response.
COMPLAINT MANAGEMENT SYSTEM
a) Oral Complaints
Craighead Kellas employees who receive a verbal complaint should try to resolve the issue immediately if possible. If staff cannot resolve the problem immediately, they should offer to refer it to the Complaint Manager for resolution. The complaints manager will be the named person who deals with the complaint through the process. When staffs or managers receive an oral complaint, both should listen sincerely to the concerns raised by the complainant. Any contact with the complainant must be polite, courteous and sympathetic. At all times, staffs and managers must remain calm and respectful.
After discussing the problem, each manager or staff member handling the complaint should suggest an action plan to resolve the complaint. If this action plan is acceptable, the staff member should clarify the agreement with the complainant and agree on a way in which the results of the complaint will be communicated to the complainant (i.e. by another meeting or letter).
If the proposed action plan is not acceptable to the complainant, the staff member or manager should ask the complainant to make his or her complaint in writing to Craighead Kellas and provide a copy of the procedure and complaint form to be completed.
In both situation, details of the complaint should be recorded on a complaint form.
b) Written Complaints
When a complaint is received in writing, it must be forwarded to the designated Complaint Manager, who must enter it in the Complaint Register and send an acknowledgment receipt within twoworking days in order to establish a relationship of confidence with the person who filed the complaint.
If necessary, further clarification should be obtained from the complainant. If the complaint is not made by the customer but on his behalf, the customer's consent, preferably in writing, must be obtained in advance from the customer.
After receiving the complaint letter, a copy of the complaint procedure must be given to the customer. Clearly explain to the complainant the complaint process, the time it can take and realistic expectations.
Immediately on receipt of the complaint Craighead Kellas should launch an investigation and within five workingdays should be in a position to provide a full explanation to the complainant, either in writing or by arranging a meeting with the individuals concerned.
Compliant Manager must record all relevant information about the complaint and keep it as simple and accurate as possible.
If the complaint raises potentially serious concerns, legal advice should be obtained. If legal action is taken at this stage, any investigation by Craighead Kellas under the complaint procedure should cease immediately.
If the issues are too complex for the investigation to be completed within five working days, the complainant should be informed of any delays.
If a meeting is organized, the complainant may, if he or she wishes, be accompanied by a friend, relative or representative, such as a lawyer.
At the meeting, a detailed explanation of the results of the investigation should be given and an apology should also be made if deemed appropriate. This type of meeting gives Craighead Kellas the opportunity to show the complainant that the matter has been taken seriously and has been thoroughly investigated.
Finally, the results of the survey and meeting should be documented and any weaknesses in Craighead Kellas's procedures should be identified and modified.
ROLE OF MANAGER
The manager who receives a complaint will evaluate the information to determine whether it falls within the scope of this policy. If so, the manager will collect and review all available information and attempt to resolve the issue informally through discussions with the complainant. The manager may choose to use human resources or other resources as required, if they require assistance or advice. Managers are required to involve their departmental human resources representative before taking any disciplinary action against employees. Managers must ensure that all staff involved in resolving the complaint are aware of their responsibility to maintain the confidentiality of the matter and to respect the privacy rights of all parties involved.
Informal complaint files
Details of informal complaints should be noted as soon as possible and may include information such as when, where and how the alleged issue giving rise to the complaint occurred, who was involved and the names of potential witnesses. These notes may be required if a formal complaint is filed. Complaints that are resolved amicably to the complainant's satisfaction will not be followed up. However, all records relating to the resolution of informal complaints must be kept within each department in accordance with current policies and by-laws. Any disciplinary action resulting from an informal complaint will be maintained in accordance with established human resources procedures and policies.
Unresolved complaints
If the problem cannot be resolved amicably or if the complainant requests a formal investigation into the alleged misconduct, he or she must submit a formal complaint form.
-
INTRODUCTION
Craighead Kellas is committed to protecting the privacy and confidentiality of personal data collected or processed during its business operations. This Data Privacy Policy outlines the principles and practices that govern the collection, use, and disclosure of personal data by the Company.
SCOPE
This Policy applies to all employees, contractors, vendors, and third parties who collect, use, or process personal data on behalf of the Company. It also applies to all personal data collected from customers, clients, partners, and other individuals.
PERSONAL INFORMATION COLLECTION
We may collect personal information, such as name, address, email, phone number, and job title, from customers, employees, and stakeholders. We collect personal information through various channels, such as our website, email, phone, and in-person interactions. We may also collect personal information from third-party sources, such as service providers and business partners.
USE OF PERSONAL INFORMATION
The Company will only use personal data for the purposes for which it was collected or as otherwise permitted by applicable laws and regulations. Personal data may be used for, but not limited to, the following purposes:
Providing products or services requested by individuals;
Communicating with individuals about products, services, or other business-related matters;
Conducting market research, analytics, and improving business operations;
Managing and administering employee or contractor relationships;
Complying with legal or regulatory requirements;
Protecting the rights and interests of the Company or its customers.
DISCLOSURE
The Company may share personal data with third parties for legitimate business purposes, including but not limited to, service providers, vendors, contractors, and business partners. Personal data may also be disclosed to comply with legal or regulatory requirements, or in response to lawful requests from public authorities. The Company will take appropriate measures to ensure that third parties receiving personal data are bound by confidentiality obligations and provide adequate protection to the personal data.
DATA RETENTION
Personal data will be retained for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws and regulations. When personal data is no longer needed, it will be securely disposed of or anonymized, unless otherwise required by law.
DATA SECURITY AND PROTECTION
Craighead Kellas is committed to maintaining the security and confidentiality of personal data. Appropriate technical, organizational, and administrative measures will be implemented to protect against unauthorized access, loss, or misuse of personal data. Employees, contractors, and third parties who have access to personal data will be trained and required to comply with the Company's data privacy and security policies.
We take appropriate technical and organizational measures to protect personal information from unauthorized access, use, disclosure, alteration, or destruction. We limit access to personal information to authorized employees and third-party service providers who need to know the information to perform their duties. We regularly review and update our security measures to ensure they are effective and appropriate.
RIGHTS
Individuals have the right to access, correct, and delete their personal information, as well as the right to object to the processing of their personal information. Individuals may exercise these rights by contacting our organization's privacy officer at office@craigheadkellas.com. We will respond to all requests in accordance with applicable data protection laws.
POLICY UPDATES
This Data Privacy Policy may be updated from time to time to reflect changes in business operations, legal or regulatory requirements, or industry best practices. The updated Policy will be communicated to employees, contractors, and other relevant parties, and will be made available on the Company's website or other communication channels.
COMPLIANCE
Compliance with this Data Privacy Policy is mandatory for all employees, contractors, and third parties who collect, use, or process personal data on behalf of the Company.
CONTACT
Any questions about this Policy should be referred to Mike Innes (mai@craigheadkellas.com), who is in charge of administering, enforcing and updating this Policy.