Article (7)
Effective from 27/4/2020When managing the website, the Company shall comply with the following:
- The Company shall establish an IT department that shall be responsible for the managing of the official website.
- The Company shall obtain the Authority's prior approval before assigning the management of the website to any other party, and must verify the compliance of the contracting party with the provisions of the Regulations herein and related legislation.
- The Company shall appoint of a Communication Officer with the organization to which the management of the website was outsourced. The Communication Officer’s responsibility shall - include but not limited to - monitoring the contents of the website, responding to the enquiries and requests of customers, verifying that the other party is adhering to application of the outsource contract terms and conditions, verifying the commitment and adherence of the other party to the Regulation hereunder and other related legislation.
- Companies and related professions shall regularly conduct tests for Illegal Access and assessing vulnerabilities for the website or smart application to guarantee the soundness of such and to fill any potential gaps (if any).
- Compliance with cyber security standards and requirements issued by the Competent Authorities, to protect data, systems and networks issued by the Competent Authorities.
- Take the necessary measures, adhere to the data confidentiality of customer and visitor, adhere to the laws related to privacy as soon as they are issued, and put in place the necessary technical measures to prevent the leak of customer or visitor data, whether such thing happened intentionally or unintentionally.