Company Policies

Data Protection and Privacy Policy

Introduction

Wapmass Group, operating across multiple jurisdictions (UK, Ghana, and Nigeria), processes a significant amount of personal and sensitive data. This policy is designed to ensure compliance with international and regional data protection laws, including but not limited to the General Data Protection Regulation (GDPR) for European users, the Data Protection Act (UK), and regional laws in Ghana and Nigeria. This policy sets the foundation for the lawful, transparent, and secure handling of personal data by all Wapmass Group employees, contractors, and third-party partners.

1. Purpose

The purpose of this policy is to ensure that Wapmass Group meets its obligations under applicable data protection laws and adheres to best practices for data privacy. By following this policy, Wapmass protects the rights of data subjects (clients, students, employees) and ensures that the personal data processed by the company is handled securely and lawfully. This policy aims to minimize the risk of data breaches and non-compliance with regulatory obligations.

2. Scope

This policy applies to all employees, contractors, partners, and service providers handling personal data as part of their role in Wapmass Group, regardless of the location in which they operate (UK, Ghana, Nigeria, or elsewhere). It covers all aspects of data processing, including collection, usage, transfer, storage, and destruction of personal data.

3. Data Collection and Processing Principles

Wapmass Group commits to the following principles when handling personal data:

•   Lawfulness, Fairness, and Transparency: Personal data must be processed fairly, lawfully, and in a transparent manner. All data subjects must be informed of how their data is being collected, processed, and for what purpose.
•   Purpose Limitation: Data should only be collected for specified, explicit, and legitimate purposes. It must not be further processed in a manner that is incompatible with those purposes.
•   Data Minimization: Wapmass Group will only collect the data that is necessary for the intended purposes.
•   Accuracy: The personal data collected must be kept accurate and up to date. Wapmass will take every reasonable step to ensure that inaccurate data is rectified without delay.
•   Storage Limitation: Data must not be retained longer than necessary. Wapmass will develop a data retention schedule for all categories of data processed by the company.
•   Integrity and Confidentiality: Data must be processed in a manner that ensures its security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

4. Legal Basis for Processing Personal Data

Wapmass Group ensures that personal data is processed only where a valid legal basis applies. The legal bases include:

•   Consent: Data is processed based on the consent provided by the data subject, such as when a student enrolls in Wapmass Academy.
•   Contractual Necessity: Data is processed as necessary for the performance of a contract to which the data subject is a party, such as employee contracts or client service agreements.
•   Legal Obligations: Data processing may be required to comply with legal obligations in jurisdictions where Wapmass operates (e.g., compliance with UK GDPR).
•   Legitimate Interests: Processing is necessary for the legitimate interests of Wapmass, provided that these interests are not overridden by the data subject’s rights and interests.

5. Rights of Data Subjects

Wapmass Group recognizes and respects the rights of individuals whose data is processed by the company. These rights include:

•   Right to Access: Data subjects have the right to access their personal data and obtain information about how it is processed.
•   Right to Rectification: Individuals have the right to correct inaccurate or incomplete data.
•   Right to Erasure: In certain circumstances, data subjects can request the deletion of their data (right to be forgotten).
•   Right to Restriction of Processing: Data subjects can request that the processing of their data be restricted under specific conditions.
•   Right to Data Portability: Individuals have the right to receive their personal data in a structured, commonly used format and transfer it to another controller.
•   Right to Object: Data subjects can object to the processing of their personal data, particularly in cases of direct marketing.
•   Automated Decision-Making and Profiling: Data subjects have the right not to be subject to decisions based solely on automated processing, including profiling.

6. Data Security Measures

To ensure the security of personal data, Wapmass Group employs the following measures:

•   Encryption: All sensitive personal data is encrypted both in transit and at rest using industry-standard encryption protocols.
•   Access Control: Access to personal data is restricted to authorized personnel only. Wapmass ensures that employees only have access to data necessary for their job role.
•   Regular Audits: Wapmass conducts regular security audits to evaluate the effectiveness of its data protection policies and procedures.
•   Incident Response: A structured incident response plan is in place to address any data breaches, including prompt notification to the affected parties and relevant authorities within 72 hours of discovery.
•   Physical Security: For any physical data centers used by Wapmass, strict access control and monitoring procedures are implemented to prevent unauthorized access.

7. Data Transfer and Sharing

Wapmass Group ensures that personal data is not transferred to third-party organizations unless the recipient has adequate security measures in place. Where transfers involve personal data moving outside the UK, Ghana, or Nigeria, the following measures will be taken:

•   International Data Transfers: Transfers to countries outside the UK or EEA will only occur where adequate safeguards, such as Standard Contractual Clauses (SCCs) or Binding Corporate Rules (BCRs), are in place.
•   Third-Party Processors: Any third-party processors engaged by Wapmass must sign a data processing agreement that complies with GDPR and other relevant data protection laws.

8. Data Retention and Disposal

Wapmass Group retains personal data only for as long as necessary to fulfill the purposes for which it was collected. A clear data retention schedule is maintained, ensuring:

•   Retention Periods: Different categories of data are subject to specific retention periods. For instance, financial data may be retained for seven years as per legal obligations, while marketing data is kept for the duration of consent validity.
•   Data Disposal: When personal data is no longer required, Wapmass securely disposes of it. Electronic records are permanently deleted, and physical records are shredded using certified destruction methods.

9. Training and Awareness

All employees and contractors handling personal data must undergo mandatory data protection training. This training covers:

•   Understanding GDPR and Regional Laws: Employees will be trained on how GDPR, the UK Data Protection Act, and other applicable laws impact Wapmass’s operations.
•   Recognizing Security Threats: Employees will be educated on recognizing and mitigating potential data security threats such as phishing attempts or social engineering.
•   Breach Reporting Procedures: Clear guidelines on how to report suspected or actual data breaches promptly.

10. Data Breach Notification Procedure

In the event of a data breach, Wapmass Group follows a structured procedure to minimize harm:

•   Step 1: Immediate internal reporting to the Data Protection Officer (DPO) or designated team.
•   Step 2: Investigation of the breach to determine the scope, cause, and affected data subjects.
•   Step 3: Notification to the relevant data protection authority within 72 hours of the breach, if required.
•   Step 4: Notification to affected individuals, detailing the nature of the breach, data affected, and measures taken.
•   Step 5: Review and improvement of internal procedures to prevent future incidents.

11. Responsibilities and Compliance

The Data Protection Officer (DPO) is responsible for ensuring the compliance of Wapmass Group with this policy and relevant data protection regulations. Employees are required to sign off on this policy upon completion of their training to ensure they understand and comply with the guidelines.

Failure to adhere to this policy may result in disciplinary action, including termination of employment or contract.

12. Policy Review

This policy will be reviewed annually or in response to significant regulatory changes, incidents, or changes in business practices. Any updates will be communicated to all employees and stakeholders.

This Data Protection and Privacy Policy has been developed and endorsed by Samuel Ofunwa, Director of Wapmass Group, on behalf of the Wapmass International Board.

Completion Sign-Off
Employees must complete this module and confirm their understanding of the Data Protection and Privacy Policy. By signing off, they agree to comply with the requirements outlined in the policy and acknowledge the consequences of non-compliance.

Information Security Policy

Introduction

The Information Security Policy of Wapmass Group is designed to protect the confidentiality, integrity, and availability of all information assets owned or controlled by the organization. This policy outlines the responsibilities of employees, contractors, and third-party partners in safeguarding sensitive information and ensuring compliance with relevant security standards, including ISO/IEC 27001, GDPR, and regional regulations in the UK, Ghana, and Nigeria.

Information security is a critical concern for a remote-first organization like Wapmass Group, which handles vast amounts of digital data across various regions and industries, including education (Wapmass Academy), healthcare (domiciliary care services), IT solutions, and talent management. This policy serves as a foundation for maintaining secure operations across all branches.

1. Objectives

The key objectives of the Information Security Policy are to:

•   Ensure the Confidentiality of Information: Prevent unauthorized access to personal, proprietary, or confidential data.
•   Ensure the Integrity of Information: Safeguard data accuracy and completeness, ensuring that data is not altered by unauthorized personnel.
•   Ensure Availability of Information: Maintain the availability of critical systems and data when needed, ensuring business continuity in the event of disruptions.
•   Compliance: Ensure adherence to applicable international and regional laws, including GDPR, the UK Data Protection Act, and cybersecurity regulations in Ghana and Nigeria.

2. Scope

This policy applies to all employees, contractors, partners, and any external parties who have access to Wapmass Group’s information assets. The policy covers all aspects of information security, including but not limited to:

•   Data systems and infrastructure
•   Network security
•   Endpoint security (laptops, mobile devices, etc.)
•   Access control and identity management
•   Data storage, both cloud-based and on-premises
•   Incident reporting and management

3. Information Classification

To ensure proper handling of information, all data handled by Wapmass Group is classified into the following categories:

•   Confidential: Information that, if disclosed, could harm Wapmass, its employees, or its clients. Examples include personally identifiable information (PII), financial data, and intellectual property.
•   Internal Use Only: Information intended for use within Wapmass Group but that would not have a severe impact if disclosed. This includes operational procedures, non-public business information, and internal communications.
•   Public: Information that is publicly available and does not pose a security risk if shared externally. Examples include marketing materials and public course offerings.

Employees must handle information based on its classification, ensuring that proper access controls and security measures are applied.

4. Access Control and Authentication

To maintain secure access to Wapmass Group’s systems and data, the following access control measures are in place:

•   Role-Based Access Control (RBAC): Employees are only granted access to the data and systems necessary for their specific job roles. Permissions are regularly reviewed and adjusted as needed.
•   Multi-Factor Authentication (MFA): MFA is mandatory for accessing critical systems, including cloud services, employee portals, and any remote work platforms.
•   Password Policy: Employees must follow strict password guidelines, including using complex passwords, changing passwords regularly, and never reusing passwords across systems.
•   Privileged Access Management: Access to sensitive or administrative functions (e.g., system configuration, database management) is limited to a small group of authorized personnel. Such access is closely monitored and audited.

5. Data Encryption

Wapmass Group ensures that all sensitive data, both at rest and in transit, is protected through encryption. The following encryption standards are enforced:

•   Data at Rest: All confidential and internal-use data stored on Wapmass servers or cloud infrastructure must be encrypted using AES-256 encryption or equivalent. This includes backup data and archived files.
•   Data in Transit: Any data transmitted over public networks, such as the internet, must be encrypted using secure protocols such as TLS (Transport Layer Security) or SSL (Secure Socket Layer).

Employees are prohibited from sending unencrypted sensitive data over unsecured channels, including email and messaging applications.

6. Network Security

To protect Wapmass Group’s digital infrastructure from external and internal threats, the following network security measures are implemented:

•   Firewalls and Intrusion Detection: All network traffic is monitored by firewalls and intrusion detection/prevention systems (IDS/IPS) to identify and block suspicious activities.
•   Virtual Private Networks (VPNs): Remote employees are required to use a VPN to securely connect to Wapmass Group’s network. This ensures that data is encrypted and protected from interception.
•   Segmentation: Critical systems are isolated from public networks through network segmentation, reducing the risk of exposure in the event of a security breach.
•   Regular Patching: Wapmass IT teams regularly apply security patches and updates to all systems and applications to mitigate known vulnerabilities.

7. Endpoint Security

With Wapmass Group’s remote workforce relying on various devices, ensuring endpoint security is critical. The following policies apply to all company-issued devices and personal devices used for work purposes:

•   Device Security Software: All devices (laptops, smartphones, tablets) must have up-to-date antivirus, antimalware, and firewall software installed. These tools are essential for detecting and mitigating security threats.
•   Device Encryption: Employees must ensure that any device used to store or access sensitive company information is encrypted. For example, laptops and mobile devices should be encrypted using whole-disk encryption.
•   Remote Wipe Capability: In case a device is lost or stolen, Wapmass Group requires that remote wipe capabilities be enabled. This ensures that company data can be erased remotely, preventing unauthorized access.
•   Device Monitoring: Wapmass IT teams will monitor endpoints for unusual activity or potential breaches. Employees are required to consent to monitoring as a condition of using company devices or accessing company systems from personal devices.
•   Personal Device Usage: Employees who use their personal devices for work must follow the same security protocols as company-issued devices. This includes using secure networks, enabling encryption, and adhering to company policies on data storage and transmission.

8. Data Backup and Recovery

Wapmass Group ensures the protection of its critical business data through regular backups and a robust disaster recovery plan. The following measures are part of this effort:

•   Automated Backups: Data is automatically backed up on a regular schedule (daily for critical systems and weekly for other systems). Backups are stored in secure, encrypted environments, both on-premises and in the cloud.
•   Offsite Backup Storage: In addition to local backups, Wapmass Group uses geographically dispersed offsite backup locations to protect against regional disasters, such as natural disasters or cyberattacks that target local infrastructure.
•   Disaster Recovery Testing: The disaster recovery plan, including the restoration of backups, is tested at least twice a year to ensure that data can be recovered quickly and accurately in the event of a system failure or data loss incident.
•   Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs): For mission-critical systems, Wapmass aims to have an RTO of 4 hours and an RPO of 1 hour, ensuring minimal data loss and system downtime.

9. Security Incident Management

In the event of a security incident, Wapmass Group follows a structured and well-documented incident response process to mitigate damage and prevent recurrence. The incident management plan includes:

•   Incident Reporting: All employees are required to report suspected security incidents (e.g., phishing attacks, unauthorized data access, malware infections) to the IT security team immediately through the designated incident reporting system.
•   Incident Response Team (IRT): Wapmass maintains an IRT comprising IT security experts, legal advisors, and relevant departmental leads. This team is responsible for assessing the severity of the incident, containing the issue, and initiating recovery efforts.
•   Investigation and Documentation: Each incident is thoroughly investigated to determine its root cause. A detailed report is prepared documenting the nature of the incident, the actions taken, and recommendations for preventing similar incidents in the future.
•   Notification of Affected Parties: If personal data is compromised, Wapmass will notify the affected individuals and relevant data protection authorities within 72 hours, as required by GDPR and other applicable laws.
•   Post-Incident Review: Following a security incident, a formal review is conducted to evaluate the effectiveness of the response and to identify any gaps in the current security protocols. Changes are implemented based on the lessons learned.

10. Compliance with Legal and Regulatory Requirements

Wapmass Group is committed to ensuring that its information security practices comply with all applicable laws and regulations. This includes:

•   GDPR Compliance: As part of its operations in the UK and EU, Wapmass ensures compliance with the GDPR, including data breach notification requirements, data subject rights, and the appointment of a Data Protection Officer (DPO).
•   Nigerian Data Protection Regulation (NDPR): For operations in Nigeria, Wapmass adheres to the NDPR, which governs the collection, processing, and storage of personal data within Nigeria.
•   UK Data Protection Act 2018: As a UK-based company, Wapmass complies with the UK Data Protection Act, which incorporates GDPR provisions and additional UK-specific requirements.
•   Ghana Data Protection Act 2012: Wapmass complies with Ghana’s data protection laws, which require data controllers and processors to register with the Data Protection Commission and follow strict guidelines for processing personal data.

11. Security Awareness and Training

Security awareness is essential for preventing breaches caused by human error. Wapmass Group requires all employees and contractors to undergo mandatory information security training at least annually. The training covers:

•   Recognizing Phishing Attacks: Employees learn how to identify and report phishing emails, which are a common vector for cyberattacks.
•   Password Management Best Practices: Training on creating and managing strong passwords, as well as the use of password managers to securely store credentials.
•   Secure Remote Work Practices: Emphasizing the importance of using secure networks, VPNs, and maintaining device security while working remotely.
•   Incident Reporting Procedures: Employees are trained on how to recognize a potential security incident and the steps to report it quickly.

Wapmass Group’s Information Security Policy is reviewed annually and updated as needed to reflect new threats, technologies, and regulatory requirements.

12. Review and Updates

This Information Security Policy will be reviewed and updated regularly, at least once a year, or whenever significant changes occur in the regulatory landscape or Wapmass’s operations. Any updates to this policy will be communicated to all employees, contractors, and partners, and they will be required to acknowledge their understanding and agreement to comply with the updated policy.

This Information Security Policy has been developed by Samuel Ofunwa, Director of Wapmass Group, on behalf of the Wapmass International Board.

Completion Sign-Off
Employees must complete this module and confirm their understanding of the Information Security Policy. By signing off, they agree to comply with the requirements outlined in the policy and acknowledge the consequences of non-compliance.

End of Information Security Policy Module

Health and Safety Policy

Introduction

Wapmass Group is committed to ensuring the health, safety, and well-being of all employees, contractors, and visitors, whether working remotely or in a physical location. This Health and Safety Policy outlines the company’s approach to creating a safe and supportive working environment that complies with relevant health and safety legislation, including the Health and Safety at Work Act (UK), OSHA (USA), and other applicable laws in Ghana and Nigeria.

Given that Wapmass Group operates as a remote-first organization, special emphasis is placed on ensuring the safety and well-being of employees working from home or other remote locations.

1. Purpose

The purpose of this policy is to ensure that Wapmass Group provides a safe working environment for all employees, whether they work remotely, in an office, or in a client’s home (for those working in domiciliary care). The policy also seeks to ensure that all employees take personal responsibility for their safety and the safety of others they may affect through their work activities.

2. Scope

This policy applies to all employees, contractors, and visitors associated with Wapmass Group. It covers all aspects of health and safety, including:

•   Remote work safety
•   Physical office safety (if applicable)
•   Domiciliary care safety for field-based staff
•   Mental health and well-being
•   Fire safety and emergency procedures
•   Reporting accidents and incidents

3. Remote Work Safety

As a remote-first organization, Wapmass Group emphasizes the importance of a safe and ergonomic workspace for remote employees. The following guidelines must be followed by all remote workers:

•   Ergonomic Workstation Setup: Employees must ensure that their home office is set up in a way that minimizes physical strain. This includes using a supportive chair, positioning the monitor at eye level, and using an external keyboard and mouse if working on a laptop.
•   Regular Breaks: Employees are encouraged to take regular breaks to avoid the risk of musculoskeletal issues. A short break every hour is recommended to stretch, move, and rest the eyes.
•   Fire Safety: Employees must ensure that their home working environment meets basic fire safety standards, including having functioning smoke alarms and keeping exits clear.
•   Electrical Safety: Employees must ensure that all electrical equipment used for work (laptops, monitors, etc.) is in good working order and plugged into surge protectors to prevent electrical fires.
•   Privacy and Confidentiality: Remote workers must ensure that confidential company information is not accessible to unauthorized individuals, even in their home environment. This includes using privacy screens and ensuring that sensitive discussions are conducted in private.

4. Physical Office Safety

While Wapmass operates primarily as a remote organization, it maintains certain physical office locations or may require temporary offices for in-person meetings or activities. The following measures apply to all physical office spaces:

•   Risk Assessments: Regular risk assessments are conducted in all Wapmass offices to identify and mitigate potential hazards.
•   Fire Safety Procedures: Fire evacuation procedures must be posted in every office, and fire drills are conducted at least twice a year. Fire extinguishers are inspected regularly, and employees are trained on how to use them.
•   First Aid: All offices are equipped with a fully stocked first aid kit. Designated first aiders are trained and available to assist in the event of a medical emergency.
•   Emergency Exits: Emergency exits must be clearly marked, accessible, and kept free from obstruction at all times.

5. Domiciliary Care Safety

Wapmass Group provides domiciliary care services to vulnerable adults, which means that certaincontinue writing:

5. Domiciliary Care Safety

Wapmass Group provides domiciliary care services to vulnerable adults, which means that certain staff members visit clients’ homes to provide assistance with daily activities and health management. Ensuring the safety of both staff and clients during these visits is a priority.

•   Home Environment Assessments: Before commencing care, a risk assessment of the client’s home environment is conducted to identify any potential hazards (e.g., unsafe stairs, cluttered spaces, or inadequate lighting). The findings are documented, and recommendations are made to address identified risks.
•   Personal Protective Equipment (PPE): Staff members are provided with appropriate PPE when working with clients, particularly in situations where there may be a risk of infection or other health hazards. This includes gloves, masks, and hand sanitizers, especially in the context of infectious diseases like COVID-19.
•   Manual Handling Training: Domiciliary care staff are trained in proper manual handling techniques to avoid injuries when assisting clients with mobility issues. This includes using transfer aids like hoists when necessary.
•   Incident Reporting: Any accidents, near misses, or health-related incidents that occur during domiciliary visits must be reported immediately using the company’s incident reporting procedures. The safety of both the client and the caregiver is paramount, and incidents must be investigated promptly to prevent recurrence.

6. Mental Health and Well-being

Wapmass Group recognizes the importance of mental health, particularly in a remote working environment where employees may experience isolation, burnout, or stress. The company is committed to supporting the mental well-being of all staff members through the following initiatives:

•   Confidential Counseling Services: All employees have access to confidential counseling services, which can be used for any work-related or personal issues. These services are available free of charge and are managed by an independent provider to ensure privacy.
•   Mental Health Training: Managers receive training to identify the early signs of stress, anxiety, or depression in their teams. They are equipped with tools to provide initial support and direct staff to professional help if needed.
•   Flexible Working Hours: Employees are encouraged to maintain a healthy work-life balance. Flexible working arrangements can be made to accommodate personal circumstances, ensuring employees can take time for self-care without compromising their productivity.
•   Regular Check-ins: In addition to performance reviews, managers are encouraged to hold informal check-ins with their teams. These check-ins provide an opportunity to discuss any mental health or well-being concerns and to ensure that workloads are manageable.

7. Fire Safety and Emergency Procedures

For employees working in physical Wapmass offices or for domiciliary care staff visiting clients, fire safety is a critical concern. Wapmass ensures that all employees are trained in fire safety procedures and understand the emergency protocols.

•   Fire Drills: For employees working in Wapmass offices, fire drills are held twice a year. Employees are required to familiarize themselves with the fire exits and evacuation procedures, which are clearly posted throughout the workplace.
•   Fire Extinguishers: Fire extinguishers are available in all Wapmass office locations and domiciliary care staff are trained in their use. Regular maintenance checks ensure that extinguishers are in working order.
•   Client Safety (Domiciliary Care): Care staff are trained in how to assist clients during emergency situations. This includes understanding the safest evacuation routes in a client’s home and having a basic understanding of how to respond to fire or medical emergencies.
•   First Aid and CPR Training: All domiciliary care workers and office-based staff are required to undergo first aid and CPR training, ensuring they can provide immediate assistance in the event of an emergency.

8. Incident Reporting and Investigation

Wapmass Group maintains a robust system for reporting and investigating health and safety incidents, whether they occur in an office, a client’s home, or remotely.

•   Reporting System: Employees and contractors must report any workplace accidents, injuries, or dangerous occurrences immediately using the company’s online reporting system. This applies to physical injuries, mental health crises, and data security breaches.
•   Investigation Procedures: Each incident is thoroughly investigated by a designated safety officer or manager. The goal of the investigation is to determine the root cause of the incident, identify any gaps in current procedures, and recommend corrective actions to prevent future occurrences.
•   Record Keeping: A detailed record of all incidents, investigations, and outcomes is maintained in compliance with health and safety laws in the UK, Ghana, and Nigeria. This information is used for continuous improvement of the company’s safety protocols.

9. Employee Responsibilities

Wapmass Group expects all employees to take personal responsibility for their health and safety, as well as the safety of their colleagues and clients. Employee responsibilities include:

•   Compliance with Safety Procedures: Employees must adhere to all safety protocols outlined in this policy, including those related to remote work, physical office safety, and client care.
•   Reporting Hazards: Employees are required to report any hazards or unsafe conditions immediately to their manager or the health and safety officer. This includes hazards in their home working environment if they are working remotely.
•   Self-Care: Employees are encouraged to take responsibility for their mental and physical well-being. This includes using the resources provided by Wapmass, such as counseling services and mental health support programs.
•   Use of Equipment: Employees must use equipment, including PPE, as instructed. Failure to use equipment properly may result in disciplinary action.

10. Review and Continuous Improvement

The Health and Safety Policy is reviewed annually to ensure it remains effective and compliant with changing regulations and business needs. Feedback from employees and the findings from incident investigations are incorporated into the review process to continually improve safety measures.

Any changes to the policy are communicated to all employees, who are required to complete a refresher course and confirm their understanding and compliance with the updated procedures.

This Health and Safety Policy has been developed by Samuel Ofunwa, Director of Wapmass Group, on behalf of the Wapmass International Board.

Completion Sign-Off
Employees must complete this module and confirm their understanding of the Health and Safety Policy. By signing off, they agree to comply with the requirements outlined in the policy and acknowledge the consequences of non-compliance.

End of Health and Safety Policy Module

Equal Opportunities and Diversity Policy

Introduction

Wapmass Group is committed to promoting equal opportunities for all employees, contractors, students, and clients, irrespective of their background, and ensuring a working and learning environment that is free from discrimination, harassment, and bullying. This policy is aligned with the Equality Act 2010 (UK) and equivalent regulations in Ghana and Nigeria, and it aims to foster diversity and inclusion across all levels of the organization.

1. Purpose

The purpose of this policy is to establish Wapmass Group’s commitment to eliminating discrimination, promoting diversity, and ensuring that all employees, clients, and partners are treated fairly and with respect. The company believes that diversity brings strength to the organization and that everyone should have equal access to opportunities for advancement and development.

2. Scope

This policy applies to all employees, contractors, applicants, students, and clients of Wapmass Group. It covers all aspects of employment, including recruitment, promotion, training, pay and benefits, discipline, and termination, as well as the treatment of clients and students accessing Wapmass Group services.

3. Legal Framework

Wapmass Group operates across multiple jurisdictions, and its Equal Opportunities and Diversity Policy is grounded in key legal frameworks, including:

•   Equality Act 2010 (UK): This act protects individuals from discrimination on the basis of protected characteristics, including age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, and sexual orientation.
•   Labour Act (Ghana): This legislation prohibits discrimination in employment on the grounds of race, sex, or religion and outlines employer responsibilities for fair treatment.
•   National Policy on Gender Equality (Nigeria): This policy focuses on promoting gender equality and ensuring equal access to opportunities for both men and women in the workplace.

Wapmass Group complies with these laws and ensures that its practices are in line with the most stringent global standards.

4. Protected Characteristics

Wapmass Group is committed to protecting individuals from discrimination based on the following characteristics:

•   Age
•   Disability
•   Gender Reassignment
•   Marriage and Civil Partnership
•   Pregnancy and Maternity
•   Race
•   Religion or Belief
•   Sex
•   Sexual Orientation

Discrimination on the grounds of any of these characteristics is strictly prohibited, and individuals are encouraged to report any incidents of discrimination they may experience or witness.

5. Recruitment and Selection

Wapmass Group’s recruitment processes are designed to ensure fairness and transparency at every stage. The company is committed to selecting the best candidate for the role based on merit, and all job applicants are treated equally, regardless of their background.

•   Job Advertisements: All job advertisements are written in a way that does not discriminate against any group. Language is neutral, and all job criteria are relevant to the role.
•   Selection Process: Interviews and assessments are conducted by trained personnel who understand the principles of equal opportunities. Selection criteria are based solely on the candidate’s qualifications, experience, and ability to perform the job.
•   Reasonable Adjustments: Wapmass Group will make reasonable adjustments to the recruitment process for candidates with disabilities, ensuring they have an equal opportunity to succeed.

6. Training and Career Development

Wapmass Group ensures that all employees have equal access to training and development opportunities, regardless of their background. Training programs are designed to enhance employees’ skills and competencies, and career development opportunities are based on merit.

•   Promotion: Promotions6. Training and Career Development

Wapmass Group ensures that all employees have equal access to training and development opportunities, irrespective of their background, enabling them to achieve their full potential. Training programs are designed to enhance skills and competencies, and all career development opportunities are merit-based.

•   Promotion: Promotions are based solely on individual performance, qualifications, and skills. The process is transparent, with employees encouraged to apply for positions in line with their career aspirations.
•   Development Programs: Wapmass provides targeted professional development programs, such as leadership training and technical skills workshops, to promote employee growth across all regions (UK, Ghana, and Nigeria).

7. Harassment and Bullying

Wapmass Group has a zero-tolerance policy towards harassment and bullying. All employees, contractors, and clients are entitled to a workplace free from harassment or discrimination. The company defines harassment as unwanted conduct related to a protected characteristic that has the purpose or effect of violating an individual’s dignity or creating an intimidating, hostile, degrading, or offensive environment.

•   Reporting Incidents: Employees who experience or witness harassment or bullying must report it immediately through Wapmass’s designated channels. Reports are handled with strict confidentiality and are investigated promptly.
•   Support for Victims: Wapmass provides support to victims of harassment and bullying, including counseling and adjustments to their work environment where necessary.

8. Unconscious Bias and Diversity Training

All employees and managers are required to complete unconscious bias training. This training helps staff recognize and mitigate the impact of bias in decision-making, recruitment, and everyday interactions, fostering a more inclusive workplace. Training is delivered both online and in-person, with regular updates to reflect the latest research and best practices in diversity and inclusion.

•   Annual Review: Unconscious bias and diversity training is reviewed annually, ensuring that it remains relevant and effective in promoting an inclusive work environment.

9. Flexible Working and Reasonable Adjustments

Wapmass Group recognizes the importance of work-life balance and supports flexible working arrangements for all employees. This is especially important for an international organization operating remotely across different time zones.

•   Remote Work: Employees can request flexible working hours, part-time schedules, or home-based work to accommodate personal circumstances. These requests are considered on a case-by-case basis, ensuring fairness and operational efficiency.
•   Reasonable Adjustments for Disabilities: Wapmass is committed to providing reasonable adjustments for employees with disabilities, including modifications to the work environment, provision of assistive technologies, and flexible schedules to accommodate medical needs.

10. Monitoring and Reporting

Wapmass Group is committed to monitoring its equal opportunities and diversity practices. The company gathers data on recruitment, promotions, and training participation by gender, race, disability, and other characteristics to identify and address any disparities.

•   Regular Audits: Wapmass conducts regular diversity audits to assess how well the company is performing against its diversity and inclusion goals.
•   Reporting: Employees are encouraged to report any perceived issues with equal opportunities or discriminatory practices. Wapmass ensures a transparent and accountable reporting process, with senior leadership regularly reviewing reports to ensure continuous improvement.

11. Review and Continuous Improvement

This Equal Opportunities and Diversity Policy is reviewed annually to ensure it reflects the latest legal requirements and best practices. Employees are required to complete refresher training upon any significant updates to the policy. Feedback from staff is also considered during policy reviews to ensure that Wapmass continues to promote an inclusive and equitable workplace.

This Equal Opportunities and Diversity Policy has been developed by Samuel Ofunwa, Director of Wapmass Group, on behalf of the Wapmass International Board.

Completion Sign-Off
Employees must complete this module and confirm their understanding of the Equal Opportunities and Diversity Policy. By signing off, they agree to comply with the requirements outlined in the policy and acknowledge the consequences of non-compliance.

End of Equal Opportunities and Diversity Policy Module

Remote Working Policy

Introduction

Wapmass Group operates as a remote-first organization, with employees located across the UK, Ghana, Nigeria, and other regions. This Remote Working Policy provides guidelines for maintaining productivity, communication, and security while working remotely. It also ensures that remote working arrangements align with the company’s operational needs and the well-being of its employees.

1. Purpose

The purpose of this policy is to establish clear expectations and best practices for remote work, ensuring that all employees can perform their duties effectively and securely, regardless of location. This policy also seeks to provide flexibility in work arrangements while maintaining the high standards of performance and security expected at Wapmass Group.

2. Scope

This policy applies to all employees, contractors, and third-party partners working remotely for Wapmass Group. It covers all aspects of remote work, including workspace setup, communication protocols, security measures, and performance expectations.

3. Eligibility for Remote Work

Remote work is the default arrangement for most roles at Wapmass Group, with the exception of specific positions that require in-person presence (e.g., domiciliary care staff). Employees in eligible roles must ensure they have the necessary tools and infrastructure to perform their duties effectively from home or any other remote location.

•   Approval Process: Employees must have formal approval from their manager to work remotely. The approval process includes an assessment of the employee’s role, responsibilities, and access to the necessary technology.

4. Work Hours and Availability

Remote employees must adhere to their contracted work hours and remain available during core business hours. However, flexible working arrangements can be made where necessary, particularly for employees working across different time zones.

•   Core Business Hours: While employees are free to set their own schedules, core business hours (e.g., 9:00 AM to 5:00 PM GMT) are established to ensure overlap for meetings and collaborative work.
•   Availability for Meetings: Employees must be available for virtual meetings and check-ins as required by their manager. Video conferencing tools such as Zoom or Microsoft Teams must be used for all team meetings and client interactions.

5. Communication Protocols

Effective communication is key to the success of remote work. Wapmass Group uses a variety of communication tools to facilitate collaboration and ensure that all employees stay connected.

•   Communication Tools: Employees must use approved communication platforms, including Slack for messaging, Zoom or Microsoft Teams for video calls, and email for formal communication.
•   Response Times: Employees are expected to respond to messages and emails within a reasonable timeframe during working hours. Urgent requests should be prioritized.
•   Team Collaboration: Regular team meetings are scheduled to maintain a sense of collaboration and ensure that all team members are aligned on project goals.

6. Workspace Setup and Equipment

To ensure productivity and well-being while working remotely, employees are required to maintain a dedicated and safe workspace.

•   Ergonomic Setup: Employees must ensure that their workspace is ergonomically sound, with appropriate desk, chair, and lighting setups to reduce physical strain.
•   Technology Requirements: Wapmass Group provides necessary equipment such as laptops, monitors, and software licenses. Employees must ensure they have a reliable internet connection and access to any additional tools required for their role.
•   Security Measures: Employees must use secure Wi-Fi connections and avoid public networks unless connected through a VPN. Company-issued devices must be used for all work-related activities, and personal devices are prohibited unless explicitly authorized.

7. Performance Management

Wapmass Group measures employee performance based on outcomes and deliverables rather than time spent working. Clear performance goals are set, and regular check-ins with managers ensure that progress is tracked and supported.

•   Goal Setting: Employees work with their managers to set clear, measurable performance goals. These goals are aligned with the company’s broader objectives and are reviewed on a regular basis.
•   Feedback and Reviews: Managers conduct regular performance reviews to assess progress, provide feedback, and offer support where needed. Remote employees are encouraged to take ownership of their work and communicate proactively about any challenges.

8. Data Security and Confidentiality

Data security is a top priority for Wapmass Group, particularly in a remote work environment. Employees are required to follow strict data protection protocols to ensure that sensitive information is not compromised.

•   Use of VPNs: All remote employees must use a virtual private network (VPN) to access company systems. This ensures that data is encrypted and protected from unauthorized access.
•   Data Encryption: Employees must ensure that any sensitive data stored on their devices is encrypted. Company-provided encryption software must be installed and used consistently.
•   Confidentiality: Employees must take precautions to ensure that confidential conversations are not overheard by unauthorized individuals. This includes using privacy screens, ensuring that sensitive discussions are held in private spaces, and securely storing physical documents.

9. Work-Life Balance and Mental Health

Wapmass Group recognizes that remote work can blur the boundaries between personal and professional life, which can lead to stress and burnout. The company is committed to supporting the mental health and well-being of its employees.

•   Flexible Hours: Employees are encouraged to maintain a healthy work-life balance by setting boundaries between work and personal time. Flexible working arrangements are available to accommodate personal commitments.
•   Mental Health Support: Wapmass provides access to mental health resources, including counseling services and stress management workshops. Employees are encouraged to seek support if they are struggling with their workload or mental health.
•   Breaks and Time Off: Regular breaks are encouraged to help employees stay focused and energized. Remote employees are entitled to the same leave and holiday entitlements as office-based staff.

10. Compliance and Monitoring

Wapmass Group monitors compliance with this Remote Working Policy to ensure that employees adhere to the guidelines and maintain productivity.

•   Compliance Monitoring: Managers are responsible for ensuring that theiradherence to this policy. This includes ensuring that employees are attending required meetings, meeting performance goals, and following security protocols.
•   Technology Monitoring: Wapmass uses monitoring tools to track the use of company-issued devices and software to ensure that employees are using them appropriately and securely.
•   Performance Audits: Periodic audits are conducted to assess employee performance and compliance with the Remote Working Policy. Non-compliance may result in disciplinary action, including termination of remote working privileges.

11. Policy Review

The Remote Working Policy is reviewed annually or whenever significant changes occur in Wapmass’s operations or regulatory environment. Updates to the policy are communicated to all employees, who are required to complete refresher training and confirm their understanding of the revised guidelines.

This Remote Working Policy has been developed by Samuel Ofunwa, Director of Wapmass Group, on behalf of the Wapmass International Board.

Completion Sign-Off
Employees must complete this module and confirm their understanding of the Remote Working Policy. By signing off, they agree to comply with the requirements outlined in the policy and acknowledge the consequences of non-compliance.

End of Remote Working Policy Module

By providing detailed, comprehensive modules, Wapmass ensures that employees across the UK, Ghana, Nigeria, and other regions are fully equipped with the knowledge and skills needed to work efficiently, securely, and in compliance with international standards.