Last updated: 2025-05-08
This Acceptable Use Policy defines rules and responsibilities for the appropriate use of digital systems, networks, devices, and services provided by Le Régent International School. It aims to promote a secure, respectful, and legally compliant digital environment for all members of the school community.
This policy applies to all users accessing school IT systems, including but not limited to staff, students, contractors, and guests. It covers all digital resources provided or accessed through school infrastructure, whether used on or off premises.
- 💼 Use IT systems only for legitimate educational or professional purposes.
- 📜 Comply with Swiss law, including data protection laws (LPD, GDPR) and cantonal regulations.
- ✅ Agree to this policy by using school IT resources.
All users are responsible for maintaining the security of their network accounts, devices, and passwords.
✔️ Password Requirements:
- Must be at least 12 characters long.
- Must include a combination of lowercase and uppercase letters, numbers, and special characters.
- Must be changed every 180 days (for staff and students).
- Multi-Factor Authentication (MFA) is mandatory for staff and strongly encouraged for students.
🚨 Users must:
- Keep login credentials confidential and never share passwords.
- Log out of shared devices when finished using them.
- Lock or shut down devices when unattended.
- Use only their assigned accounts and never attempt to access another user’s account.
- Access is granted according to the principle of least privilege.
- Requests for elevated access must be justified and approved.
- Temporary access must be clearly scoped and time-bound.
- Account activity is monitored to detect anomalies or misuse.
- Inactive or compromised accounts may be disabled.
Users may NOT:
- ❌ Use IT resources for illegal, harassing, discriminatory, obscene, or defamatory purposes.
- 📥 Download, share, or distribute copyrighted content without proper rights.
- 🧑💻 Attempt to bypass or disable security features or gain unauthorized access.
- 💳 Subscribe to paid or external services without prior approval.
- 🧱 Access or distribute inappropriate web content.
- 💡 Always act respectfully and responsibly online.
- 📌 Treat digital interactions as extensions of in-person conduct standards.
- Only connect to the school’s Guest Network.
- Ensure personal devices are fully updated and protected by security software.
- Do not attempt to access internal systems or services unless explicitly authorized.
- Avoid use of unauthorized applications or syncing tools.
- Use Google Drive or secure email to transfer school-related data.
¶ 🔹 Data Handling Principles
- 👁️ Access only data for which you are authorized.
- 🎯 Collect and process personal data for lawful, limited, and specific purposes.
- 📉 Avoid over-collection or unnecessary duplication of personal data.
- 🔐 Encrypt communications involving sensitive or confidential data.
- 🧹 Regularly review and delete outdated or unnecessary data.
- 🧾 Ensure compliance with data protection laws (LPD, GDPR).
- Use email and messaging systems professionally and respectfully.
- Do not send offensive, spam, or chain messages.
- Never use school systems for mass mailings without permission.
- Do not open suspicious links or attachments.
- Report phishing or suspect communications to IT Support.
- Encrypt sensitive emails when possible.
- Use the internet primarily for educational or professional activities.
- Occasional personal browsing is permitted if it does not disrupt network operations.
- Visiting inappropriate websites (e.g., violent, adult, hate content).
- Streaming or downloading large media files for personal use.
- Bypassing content filters or network controls.
- Devices issued by the school must be used responsibly and remain in good condition.
- 🔁 Return all devices when changing role or leaving the school.
- 📣 Report theft, loss, or damage immediately.
- 💸 The school or the user will assume responsibility for repairing or replacing the equipment. Any loss or theft must be reported promptly so that access to sensitive data or systems can be secured. Any costs incurred to repair or replace the hardware will be billed to the user. In the event of negligence or non-compliance with this policy, additional sanctions may apply.
- Suspicious emails, system anomalies, security breaches.
- Lost or stolen devices.
- Internet and system use is logged.
- Monitoring ensures system performance and legal compliance.
- Monitoring is proportional, justified, and respects user privacy under Swiss law.
- Mandatory training for staff and students on IT security and safe digital behavior.
- Refresher courses provided regularly.
- Disciplinary action (access restrictions, warnings, suspension, or legal consequences).
- Determined based on severity, intent, and recurrence.
- 📌 Director General: Policy oversight.
- 🖥️ IT Department: Day-to-day enforcement, support, and updates.
- 👥 All Users: Must comply and report issues.
- 🗓️ This policy is reviewed at least once a year.
- Last update: 2025-05-08
| Date |
Version |
Changes |
| 2025-01-29 |
v1.0 |
Previous official version PDF |
| 2025-05-08 |
v2.0 |
✳️ Full rewrite with clearer structure and icons |
🔒 Strengthened account and data security
📥 Tighter rules on personal and shared devices
📬 Added incident reporting and update tracking |
If you witness or suspect a violation of this policy:
- 📧 Email: itsupport@regentschool.ch
- 🧾 Describe what happened, when, and how it was discovered.
- 🚫 Do NOT delete any relevant files or communications.
- 🧍♂️ Your identity will be protected when reporting in good faith.