CODE OF CONDUCT

TABLE OF CONTENTS

1. Purpose and Applicability
2. Core Standards of Conduct
3. Conflicts of Interest and Gifts
4. Anti-Corruption, Sanctions, and Export Controls
5. Data Privacy and Information Security
6. Workplace Conduct, Harassment, and EEO
7. Health, Safety, and Environment
8. Company Assets and Records
9. Reporting, Non-Retaliation, and Hotline
10. Investigations and Discipline
11. Training and Acknowledgment
12. Governance, Waivers, and Updates

1. PURPOSE AND APPLICABILITY

• Applies to all employees, officers, directors, contractors, and controlled affiliates.
• Sets baseline expectations for lawful, ethical conduct and transparency in reporting concerns.

2. CORE STANDARDS OF CONDUCT

• Act lawfully, honestly, and in the company’s best interest.
• No fraud, bribery, kickbacks, or improper payments.
• Fair dealing with customers, partners, regulators, and competitors.
• Accurate books and records; no undisclosed funds or assets.
• Protect confidential and proprietary information.

3. CONFLICTS OF INTEREST AND GIFTS

• Disclose conflicts: outside employment/board roles, related-party dealings, personal investments with influence, family relationships with vendors/customers.
• Gifts/entertainment: monetary thresholds, frequency caps, and approval workflow; stricter rules for public officials.
• Prohibited: cash/cash equivalents, lavish or indecent entertainment, anything intended to influence decisions.

4. ANTI-CORRUPTION, SANCTIONS, AND EXPORT CONTROLS

• Follow anti-corruption laws (e.g., FCPA/UK Bribery Act/local equivalents); no facilitation payments unless legally required for safety with documented counsel approval.
• Screen counterparties against sanctions; comply with export classification and licensing; no dealings with embargoed parties or prohibited end uses.
• Public official interactions require pre-approval and logging.

5. DATA PRIVACY AND INFORMATION SECURITY

• Collect/use/disclose data consistent with notices, consents, and lawful bases.
• Follow access controls, encryption, secure development, and incident reporting timelines.
• Respect data subject rights (access, deletion, correction) where applicable; limit data to minimum needed.

6. WORKPLACE CONDUCT, HARASSMENT, AND EEO

• Zero tolerance for discrimination, harassment, or retaliation.
• Commit to equal employment opportunity and inclusive workplace behavior.
• Report misconduct; cooperate with investigations.

7. HEALTH, SAFETY, AND ENVIRONMENT

• Follow safety protocols; report hazards and injuries promptly.
• Comply with environmental obligations relevant to operations.

8. COMPANY ASSETS AND RECORDS

• Proper use of company assets, systems, and funds; no unauthorized personal gain.
• Maintain accurate records; comply with retention schedules and legal holds.

9. REPORTING, NON-RETALIATION, AND HOTLINE

• Reporting channels: manager, HR, Compliance, hotline/email [INSERT CHANNELS].
• Non-retaliation: retaliation for good-faith reports is prohibited and will result in discipline.
• Anonymous reporting where permitted by law.

10. INVESTIGATIONS AND DISCIPLINE

• Investigations conducted fairly, promptly, and confidentially to the extent possible.
• Employees must cooperate; obstruction or misrepresentation is prohibited.
• Discipline up to and including termination; remediation and control improvements will follow findings.

11. TRAINING AND ACKNOWLEDGMENT

• Mandatory onboarding and periodic refresher training; role-based modules for higher-risk roles.
• Annual acknowledgment of the Code and key policies.

12. GOVERNANCE, WAIVERS, AND UPDATES

• Ownership: [COMPLIANCE/LEGAL/HR]; Board/Committee approval for material updates.
• Waivers for directors/executives require Board/Committee approval; other waivers require [GC/CCO] approval and documentation.
• Review at least annually or upon material legal/regulatory changes.