DIGITAL SECURITY & FRAUD PREVENTION POLICY

Golden Rule Ltd / Wyspa TV / Stars Night Awards

(applicable within England and Wales)

• 1. PURPOSE OF THE POLICY

This Digital Security & Fraud Prevention Policy (“Policy”) sets out the principles governing the protection of IT systems, data and digital processes of Golden Rule Ltd, in particular in relation to:

Ticket sales,
Online voting,
Processing of personal data,
Electronic communication,
Digital payments.
This Policy has been developed in accordance with:
Data Protection Act 2018
UK General Data Protection Regulation (UK GDPR)
Computer Misuse Act 1990
Fraud Act 2006
Bribery Act 2010
Applicable laws of England and Wales

• 2. SCOPE OF APPLICATION

This Policy applies to:

Directors,
Employees and contractors,
Jury members,
IT service providers,
Data processors acting on behalf of Golden Rule Ltd,
Technology partners.
Any person granted access to digital systems must exercise due care.

• 3. SYSTEM SECURITY

Golden Rule Ltd implements proportionate technical and organisational measures, including:

Secured servers and hosting infrastructure,
SSL certificates,
Strong passwords and restricted system access,
Access to data is limited to authorised persons only.
Regular software updates,
Traffic monitoring systems.
Access to administrative panels is restricted on a strict “need-to-know” basis.

• 4. PROTECTION OF THE VOTING PROCESS

To ensure the integrity of voting, Golden Rule Ltd may implement:

Email verification mechanisms,
IP address analysis,
Vote quantity limitations,
Traffic anomaly detection,
Anti-bot tools,
Manual audit of results.

Golden Rule Ltd reserves the right to:

Remove votes deemed fraudulent or unfair,
Disqualify a nominee in the event of manipulation,
Invalidate part or all of the voting process in case of digital interference.

• 5. PREVENTION OF PAYMENT FRAUD

To reduce financial fraud risks:

All transactions are processed via certified payment providers,
Suspicious transactions are monitored,
Acceptance of terms and conditions is recorded,
In the event of unjustified chargebacks, the Organiser may pursue recovery through legal means.
Fraudulent conduct may be reported to relevant financial institutions or law enforcement authorities in accordance with the Fraud Act 2006.

• 6. INCIDENT MANAGEMENT

In the event of a security breach:

Immediate access restriction shall be implemented.
A risk assessment shall be conducted.
Where required, the ICO shall be notified in accordance with UK GDPR (within 72 hours).
Affected individuals may be informed where there is a high risk to their rights and freedoms.

• 7. PROTECTION AGAINST CYBER ATTACKS

Golden Rule Ltd reserves the right to:

Block IP addresses generating abnormal traffic,
Restrict access to the website in the event of a DDoS attack,
Implement additional safeguards during periods of heightened risk.
Unauthorised access to systems may constitute a criminal offence under the Computer Misuse Act 1990.

• 8. TRAINING AND AWARENESS

Persons with access to systems are required to:

Maintain confidentiality of login credentials,
Refrain from sharing access details with third parties,
Avoid using unsecured networks for administrative purposes.

• 9. COOPERATION WITH THIRD PARTIES

IT providers and data processors must:

Ensure an adequate level of security,
Enter into a Data Processing Agreement (DPA),
Implement measures compliant with UK GDPR.

• 10. LIABILITY

Golden Rule Ltd shall not be liable for:

Disruptions caused by third-party providers,
Technical issues on the user’s side,
Loss of access resulting from improper device security by the user.
The Organiser’s liability is limited to the extent permitted by applicable law.

• 11. POLICY REVIEW

This Policy may be periodically updated to reflect technological or legal changes.

• 12. GOVERNING LAW

This Policy is governed by the laws of England and Wales.