Code of Conduct of the G DATA Group

The law forms the foundation of all our business activities and partnerships. Our Code of Conduct underscores this commitment and reflects our shared values. A key factor in the long-term success of G DATA CyberDefense is treating everyone involved in our business relationships with respect and responsibility – whether they are employees, customers, shareholders, or the general public. The Code strengthens the trust of our stakeholders and ensures that we always act in accordance with applicable laws.

Scope of Application

This Code of Conduct applies to all companies and employees of the G DATA Group. The G DATA Group (hereinafter “G DATA”) includes, in particular, G DATA CyberDefense AG and all companies affiliated with G DATA CyberDefense AG under corporate law.

Corruption

Corruption hinders progress and innovation, distorts competition, and can cause significant harm to G DATA. Therefore, G DATA rejects and combats all forms of corruption. Corrupt behavior is often directly linked to the granting of benefits to and from business partners (invitations, gifts, donations, etc.).

It is prohibited to influence decisions by granting benefits of any kind. This applies both to public officials and to employees of other companies and other institutions in Germany and abroad.

Fair Competition and Procurement

Fair and free competition is protected by national and international competition and antitrust laws. G DATA aims to win customers over through the quality of its services and to offer them at competitive prices. We are committed to fair competition and reject any unlawful agreements that restrict competition.

G DATA maintains a wide range of business relationships with suppliers and service providers. G DATA selects suppliers and service providers carefully and exclusively based on their performance and reliability.

Avoiding Conflicts of Interest

G DATA relies on the performance of its employees in its day-to-day business operations. Successful business operations are therefore only possible if employees act in the best interests of G DATA. G DATA trusts that all employees make their decisions based solely on objective criteria and do not allow personal interests or relationships to influence their business decisions. Should conflicts of interest nevertheless arise in individual cases between an employee’s personal interests and the interests of G DATA, those involved must disclose them to their supervisors. The respective supervisor will review the conflicts of interest and decide how to proceed.

Fair Employment

G DATA is committed to fair employment conditions and combats the illegal employment of workers. The protection of children is a fundamental pillar of international human rights. G DATA is committed to these fundamental rights and rejects any form of child labor.

Protection of Company Assets and Confidential Information

G DATA’s company assets are intended to help achieve G DATA’s business objectives. They may be used exclusively for business purposes; their use for non-business purposes is expressly prohibited. G DATA expects its employees to handle company assets with care and in the best interests of G DATA. Every employee is responsible for ensuring that company assets are not damaged, misused, or wasted.

G DATA possesses valuable know-how and extensive trade and business secrets. This knowledge is the foundation of our business success and is therefore subject to special protection. Confidential information must not be misused by employees or disclosed to third parties without authorization.

G DATA unreservedly recognizes the intellectual property of competitors and business partners. Every employee is obligated to keep the know-how and trade or business secrets of third parties confidential and to use them only for authorized business purposes.

Data Protection and Data Security

There are specific legal regulations in place to protect personal data. G DATA is fully committed to complying with these regulations. Personal data of all kinds must therefore be carefully protected against unauthorized access and misuse.

Digital information processing is the foundation of G DATA’s business. G DATA takes the risks associated with this very seriously and addresses any vulnerabilities immediately upon their discovery. G DATA employees are required to familiarize themselves with applicable IT and data protection guidelines and to adhere to the requirements contained therein.

Equal Opportunity, Equal Treatment, and Mutual Respect

We recognize the principles of respectful, fair, and loyal interaction with one another. In particular, the principles of equal opportunity, equal treatment, and mutual respect play a paramount role. All employees are offered equal opportunities upon hiring and throughout their continued employment at G DATA. G DATA rejects any form of discrimination and takes action against it. No one may be disadvantaged or harassed on the basis of their origin, gender, sexual orientation, religion or belief, disability, or age. Instead, we expect our employees to treat one another with tolerance, courtesy, and respect, thereby contributing to a productive and pleasant work environment.

Dealing with Business Partners

G DATA expects its business partners to act in a lawful and ethical manner. Within our supply chain, we work to ensure compliance with our applicable standards. G DATA strives to ensure that all of its subcontractors acknowledge this Code of Conduct, support its principles, and effectively enforce their own corresponding rules of conduct.

Compliance Organization

Compliance is a responsibility at G DATA that must be shared equally by managers and employees. In addition to serving as role models, managers have the specific responsibility to ensure that all employees within their area of responsibility are familiar with this Code of Conduct and adhere to it.

Should there be any indications at G DATA of a violation of this Code of Conduct, we expect all employees—if necessary, anonymously via G DATA’s designated representatives or through our whistleblower system—to report such incidents to their supervisor, the relevant management, or G DATA’s Chief Compliance Officer.

G DATA investigates all suspected compliance violations impartially. Where appropriate, G DATA cooperates with authorities or third parties in this regard. Where necessary, the relevant representatives are involved in the respective investigations in a timely manner.

G DATA conducts training sessions and informational events at regular intervals on the contents of this Code of Conduct and the associated compliance guidelines.

G DATA monitors compliance with this Code of Conduct, with external support if necessary.

Bochum, 2024

G DATA CyberDefense AG