Your thoughts and feedback matter! Should you have any questions or concerns or require clarification regarding our Code of Conduct, please feel free to reach out to our Risk and Compliance Department:

Email: compliance@ciklum.com

Website: https://www.ciklum.com/risk-and-compliance

Your commitment to doing business ethically and contributing to a positive work environment is greatly appreciated. Together, we ensure the success of Ciklum while maintaining the highest levels of integrity and professionalism.

At Ciklum, we believe that ethical business practices are the foundation of a sustainable and mutually beneficial partnership. This Supplier Code of Conduct is a concise guide that outlines our fundamental expectations for all our valued suppliers.

Our Supplier Code of Conduct, aligned with our internal Code of Conduct, applies to all third-party representatives, including suppliers, vendors, contractors, ambassadors, partners, and their related entities. Suppliers must ensure their employees comply with the principles in this Code, and we encourage them to extend similar principles to their suppliers. This Code does not override existing contracts; contractual terms take precedence in case of conflicts. The Code aims to provide ethical guidance to our suppliers while upholding existing contractual agreements.

At Ciklum, ethical business practices are at the core of our values, and we expect our suppliers to share in this commitment. Upholding ethical conduct is essential to maintaining the trust and integrity of our partnership.

At Ciklum, we are committed to upholding the highest standards of legal and ethical conduct. Compliance with laws and the protection of confidential information are integral to maintaining trust and integrity in our partnership.

At Ciklum, we are committed to fostering a workplace and business environment that celebrates diversity and treats all individuals with respect and dignity. We expect our suppliers to share in this commitment.

At Ciklum we are committed to conducting our operations in an environmentally responsible and sustainable manner whilst prioritising the health and safety of our employees, suppliers, and the communities we serve. Our suppliers are expected to adhere to the highest standards of environmental protection, ensuring minimal impact on the ecosystem. This includes compliance with all applicable environmental laws and regulations, responsible waste management, and the reduction of greenhouse gas emissions. Regarding health and safety, suppliers must provide a safe and healthy workplace, proactively managing risks, and taking precautionary measures against accidents and occupational diseases. Regular training and awareness programs should be implemented to reinforce this commitment.

Suppliers are obligated to promptly inform Ciklum if they suspect or become aware of any unethical behavior or potential violations of the Supplier Code of Conduct, as well as any relevant laws, regulations, or rules. You can report such concerns to your designated business contact or utilise the Ciklum Speak Up Helpline, which is managed by a third-party provider and accessible through online channels. Ciklum does not engage in any form of retaliation against individuals who, in good faith, report suspected or confirmed misconduct. Furthermore, Ciklum strongly condemns any retaliatory actions taken by others.

Ciklum values the partnership with its suppliers and appreciates your dedication to upholding the highest standards of ethical business practices. Together, we reinforce our commitment to conducting business ethically, responsibly, and in a manner that respects the rights and well-being of all stakeholders.

Thank you for being an integral part of our commitment to ethical business practices. Your collaboration is essential in helping us achieve our shared vision of a better, more ethical future.

Bribe and Bribery

Giving or receiving a financial or another advantage in connection with the improper performance of a position of trust or a function expected to be performed impartially or in good faith.

Bribery may represent cash, an actual payment exchanging hands, or gift, lavish treatment on a business trip, tickets to an event, etc. 

Ciklum’s definition of Bribery also includes Facilitation payments. 

Board of Directors

The Board of Directors of Ciklum Group Limited, BVI

Ciklum, Ciklum Group

Ciklum or Ciklum Group is a group of companies that are under the common control of Ciklum Group Limited, BVI, and operating under Ciklum’s trademark

Ciklumers 

Employees of Ciklum, and others performing work for or on behalf of Ciklum

Conflict of interest

Circumstances when the personal interests of a Ciklumer interfere with the best interests of Ciklum

Corruption

Corrupt conduct or the abuse of entrusted power for one’s gain

Donation

A voluntary provision of anything of value with no return benefits to an NGO or an individual to support a charitable cause and generate goodwill

Entertainment

Attendance of social, cultural, or sporting events with officials or people who have, can have, or can help the creation of a business relationship with Ciklum

Facilitation payments

Payments to Public officials to ensure or speed up the performance of routine and non‐discretionary governmental actions such as processing a visa application, securing a mail service, or connecting utilities. Ciklum forbids Facilitation payments.

Regulatory and legal violations

A variety of unlawful acts committed in defiance of established rules, laws, and regulations. This includes acts such as fraud, bribery, corruption, embezzlement, insider trading, and any other actions that breach internal regulations or legal standards. The motive behind these violations can vary, but they often involve unethical practices, financial manipulation, or attempts to gain unfair advantages.

Fraud

An intentional deceptive action to provide the perpetrator with an unlawful gain; an illegal or unethical gain obtained by a Ciklumer by deceiving Ciklum or Ciklumers

Gift

Gifts, including personal gifts to and from Third-Parties who have, can have or can help in establishing a business relationship with Ciklum 

Hospitality

Meals, drinks, lodging, and travel expenses to or from Third-Parties who have, can have or can help in establishing a business relationship with Ciklum

Management

Top Management, C-level officers, Vice Presidents, Directors, Heads of Departments, etc.

Money Laundering 

Money Laundering involves taking criminal proceeds and disguising their illegal source in anticipation of using the criminal proceeds to perform legal and illegal activities

Politically Exposed Persons

Individuals that have been entrusted with a prominent public function, their family members and close associates

Public authority

Governmental and municipal entities, government-controlled companies and organizations, political parties, candidates for public office, and charitable organizations acting in their favor

Public officials

Employees and private persons acting for any Public authorities

Sanctions

An official action against a government/companies/individuals to force them to behave in a particular way or as punishment for not doing so

Sponsorship

A contribution in cash, cash equivalent, or in services to an external organization to support an event, activity, individual, or organization in return for benefits for Ciklum, usually connected to an advertisement of the Ciklum brand 

Third-Party

An entity or an individual involved in an interaction with Ciklum: a vendor, an ambassador, a customer, a partner, etc.

Top Management

The person(s) who direct(s) and control(s) Ciklum at the highest level.

Background

Ciklum upholds the principles of transparency and integrity and does not tolerate regulatory and legal violations, including bribery, corruption, and unethical behavior. This Policy applies to all Ciklum’s employees and Third-Parties acting on behalf of Ciklum, including agents, consultants, and contractors.

The Compliance function, overseen by the designated officer, is responsible for owning and maintaining this Policy. It undergoes regular review and updates to address operational, legal, and regulatory developments and risks.

Changes to this Policy require approval from the Board of Directors before being communicated to Ciklum’s employees. A version log is maintained to track adjustments, including the date and the person responsible for the change.

Purpose of this Policy

This Policy guides Ciklum’s employees, upholding transparency and integrity. Its primary objectives are to manage compliance risks, protect stakeholders' interests, and ensure sustainable growth. Ciklum achieves this by identifying, assessing, and mitigating compliance risks, monitoring regulatory changes, providing support and guidance to employees.

Compliance risk

Also known as Regulatory and Legal violations risk, is an integral part of Ciklum's risk management. It encompasses the risk of non-compliance with laws, rules, the Ciklum Code of Conduct, and internal policies. Compliance risk is closely tied to integrity as it impacts the Company's reputation.

Prompt identification, assessment, management, monitoring, and reporting of compliance risk are essential to safeguard Ciklum from potential damages, including legal or regulatory enforcement, financial losses, and reputational damage, which could ultimately harm shareholder value.

Compliance Principles

Ciklumers must adhere to the following principles while performing their duties at Ciklum to manage the risk of violating laws or Ciklum’s rules.

Compliance with Laws, Rules, and Regulations

Ciklumers are required to adhere to laws, rules, regulations, and Ciklum’s policies, including those pertaining to anti-bribery, anti-money laundering, and sanctions. By doing so, they safeguard Ciklum's reputation and fulfill the expectations of stakeholders, customers, and regulatory bodies.  Anti-bribery, anti-money laundering, and sanctions regulations from the EU, UN, US, and UK are considered the highest standards in combating regulatory and legal violations. Violations can result in penalties and disciplinary actions, including termination of employment or contracts.

Promote and Engage in Ethical Conduct

Ciklumers must carry out their duties with good faith and integrity, respecting the Ciklum Code of Conduct. They must perform duties as described in their contracts and job descriptions, avoid misusing their authority, not engage in any unethical or illegal activities, and act with full transparency and diligence.

Avoid any Conflict of Interest

Ciklumers should act in the best interests of Ciklum without giving preference to any third party based on personal considerations, ensuring that their private matters do not interfere with Ciklum's interests.

Protect Confidentiality

Ciklumers must maintain the confidentiality of Ciklum and its clients' information unless disclosure is authorized or required by law, even after leaving the Company.

Protect Ciklum’s Assets

Ciklumers should protect and use Ciklum's property and assets for legitimate business purposes.

Act in the Customer’s Best Interest

Ciklumers should provide services to Ciklum's customers with care, honesty, and fairness, avoiding manipulation or unfair dealings. Ciklum will review customers' complaints and process them on time.

Raise Issues or Concerns

Ciklumers are encouraged to report violations of Ciklum's policies, Code of Conduct, potential violations of applicable laws and regulations, and other types of misconduct. Ciklum protects Ciklumers against retaliation for reporting potential violations in good faith.

Ciklum's compliance governance approach is based on clear roles and responsibilities overseen by the Board of Directors and Top Management. Their roles and responsibilities are described below.

The Board of Directors 

• Establishing and approving this Policy 
• Ensuring commitment to compliance and addressing non-compliance
• Incorporating compliance responsibilities into Top Management position statements
• Appointing the Compliance function with authority and responsibility for the design, consistency, and integrity of the compliance management system
• Having direct access to senior decision-makers and all levels of the business, along with expert advice on relevant laws, regulations, codes, and standards
• Ensuring the independence and authority of the Compliance function, free from conflicting priorities
• Empowering the Compliance function to exercise countervailing power by demonstrating the consequences of non-compliance in decision-making processes.

Top Management

• Allocating resources for the compliance management system
• Assigning and communicating compliance responsibilities and authorities
• Implementing systems for reporting and measuring compliance performance
• Reporting compliance-related matters to the Board of Directors
• Integrating compliance obligations in employees’ job descriptions and performance appraisals
• Overseeing compliance in outsourcing arrangements.

Compliance function

• Identifying and managing compliance risks
• Integrating compliance obligations into policies and procedures
• Addressing regulatory and legal violations, Code of Conduct failures, and ethical issues
• Providing training and resources on compliance matters
• Ensuring compliance responsibilities in job descriptions and performance management
• Managing complaints through the Speak Up helpline
• Monitoring compliance performance
• Reviewing the compliance management system
• Providing guidance and professional advice on compliance matters.

The Compliance function must demonstrate integrity, commitment, communication skills, relevant competence, and no conflicts of interest. These preconditions enable effective compliance management and promote a culture of compliance.

Management

The Company's Management is responsible for compliance within their area of responsibility. This includes:

• Support and cooperate with the Compliance function
• Comply with policies, procedures, and processes, and attend compliance training
• Integrate compliance obligations into their business practices
• Identify and communicate compliance risks and oversee outsourcing compliance
• Mentor, coach and supervise Ciklumers for compliant behavior
• Develop awareness of compliance obligations and meet training requirements
• Encourage raising compliance concerns and participate in incident management
• Ensure compliance factors into job descriptions, performance appraisals, and promotions
• Collaborate with the Compliance function for corrective action as needed.

Ciklumers

All Ciklumers should:

• Adhere to relevant compliance obligations based on their position and duties
• Participate in training under the compliance management system
• Use available compliance resources
• Report compliance concerns, issues, and failures.

These responsibilities ensure that compliance is a shared responsibility across the Company.

Annual Compliance Plan

The Compliance Function operates according to the Annual Compliance Plan, a risk-based roadmap for planned activities. The plan is overseen by the Compliance function officer to ensure adequate coverage and coordination. It is regularly reviewed by Top Management and the Board of Directors to ensure effective compliance and risk management.

Risk appetite statement 

Ciklum has zero tolerance for regulatory and legal violations.

Company-Wide compliance risk assessment

Ciklum conducts an annual firm-wide compliance risk assessment, considering inherent risks of services, operations, and third parties, as well as risks in jurisdictions of operations. Other events may trigger the need to review the risk assessment.

Third-Party Due Diligence

Ciklum follows a risk-based approach when engaging Third-Parties to prevent reputation damage and regulatory issues. Due diligence verifies the identity, relationships, and reputation of potential Third-Parties, with special attention to Politically Exposed Persons. The level of due diligence corresponds to the risk profile. Documentation is maintained throughout the process to ensure compliance. Ongoing Third-Party risk reviews are conducted based on their risk rating. For more detailed guidelines, please refer to the Third Party Due Diligence Procedure.

Specific due diligence measures are employed during business acquisition and divestment. Refer to the Compliance Procedure for Mergers and Acquisitions for more information.

Gifts, Entertainment, and Hospitality 

To foster positive and constructive business relationships, it is encouraged to engage in appropriate Gift-giving, Entertainment, and Hospitality practices. Ciklumers have the freedom to give and receive Gifts and Hospitality that are proportionate to the context, without any expectation or obligation on the recipient. For more detailed guidelines, please refer to the Gifts, Entertainment, and Hospitality Procedure.

Political Contributions and Appointments

Political contributions or Donations on behalf of Ciklum are strictly prohibited without prior approval from the Board of Directors. When considering a Donation, the Board of Directors ensures that there are no conflicts of interest that could impact related transactions and safeguard the Company's reputation. Ciklumers seeking or holding appointments in a Public Authority must obtain approval from the Board of Directors before doing so.

Sponsorship and Donations 

Sponsorships and Donations at Ciklum must have a legitimate purpose and align with appropriate reasons. They should be reasonable in amount and frequency, provided transparently on behalf of the Company. Approvals from the Company’s Management and Compliance function are necessary. Ciklumers involved must ensure proper use of resources and avoid improper purposes. Due Diligence is conducted to assess organizations' integrity before extending sponsorships or donations. Refer to the Donation and Sponsorship Procedure for detailed guidelines.

Conflict of Interest

Ciklumers must avoid conflicts of interest. Any personal interests or interests of immediate family members related to Ciklum's business must be disclosed in the Ethics Declaration on the corporate portal. In the event of a Conflict of interest, Ciklumers should disclose the matter and refrain from taking actions until receiving guidance. Failure to disclose a Conflict of interest or perceived conflict violates the Ciklum Code of Conduct and this Policy. Ciklumers are encouraged to consult with the Compliance function regarding any concerns about conflicts of interest. For more detailed information, please refer to the Conflict of Interest Procedure.

Facilitation payments

Ciklum strictly prohibits Facilitation payments, considering them as Bribes regardless of local practices. 

Anti-Money Laundering and Terrorist Financing

Ciklum prohibits accepting or processing funds from criminal activities. We engage only with reputable clients and ensure their funds are from legitimate sources. Our third-party due diligence considers Money Laundering risks and any identified concerns are reported to the Compliance function. For details, see the Third Party Due Diligence Procedure.

Sanctions

Before contracting with a Third-Party, their executive body, beneficial owners, and transaction details are screened against sanctions regulations. Ciklumers are responsible for providing beneficial ownership information upon request. Any potential sanctions-related restrictions must be reported promptly to the Compliance function. For details, see the Third Party Due Diligence Procedure and Sanctions Compliance Procedure.

Suspicious Activity Reporting

Ciklum maintains a process for reporting suspicious activity. Ciklumers are responsible for promptly reporting any suspicions of potentially illegal activities that may impact Ciklum to the Compliance function. External reporting obligations of suspected or actual regulatory and legal violations are managed by the Compliance function in collaboration with Ciklum Legal function and Top Management. Tipping-off, namely disclosing or providing information that could alert someone suspected of engaging in illegal activities that they are being investigated or reported to authorities, or/and sharing information that could hinder or obstruct an ongoing investigation or compromise its effectiveness is strictly prohibited.

Monitoring

The Compliance function continually monitors and assesses the effectiveness of compliance controls to ensure the adequacy of policies and procedures. This monitoring framework involves measuring and analyzing activities and controls, as well as following up on evaluation recommendations for improvement.

For more detailed information, please refer to the Compliance Monitoring Procedure.

Ciklumers comply with record-keeping requirements, maintaining accurate records of payments, Gifts, benefits provided, and other dealings with Third-Parties. Off-book accounts to conceal improper payments are strictly prohibited. These records are maintained to ensure accessibility and retrieval in response to law enforcement, regulatory, or audit requests, promoting transparency and accountability.

Ciklum's compliance with anti-bribery and accounting regulations is guided by financial and accounting rules and obligations, including:

• All transactions are accurately and timely reflected in the official books of the Company
• The Board of Directors and relevant officers may conduct periodic internal reviews of the Company's books, records, and controls
• Compliance monitoring includes a thorough review and reconciliation of transactions with higher Corruption risk to support documentation
• Ciklume does not falsify accounting and business records
• Bank accounts are opened under prior written Management’s  approval
• Expenses are supported by reasonable and accurate written documentation
• Cash payments are minimized
• Fictitious invoices, over-invoices, and misleading documentation are strictly prohibited
• Payments for services rendered by Public officials are made via transfers to the relevant Public authority
• Ciklumers promptly report suspicions of bribery, kickbacks, or any payments contrary to the law or this Policy to the Compliance function
• Personal or third-party funds are not used to circumvent policy rules.

By adhering to these rules and obligations, Ciklum ensures compliance with anti-bribery and accounting regulations, promoting transparency and integrity in its financial operations.

Ciklumers suspecting a violation of this Policy should promptly report it to the Company’s Management and the Compliance Function. Anonymous reports can be submitted through the Speak Up Helpline. Ciklum encourages asking questions, raising concerns in good faith, and seeking guidance. Discrimination against individuals reporting concerns in good faith will not be tolerated.

Examples of compliance red flags that may require raising concerns include:

• Requests for Bribes or abnormal payments
• Payments to different companies or through offshore centers without proper justification
• Undocumented or unreported payments to Third-parties
• Unusually close relationships with government officials
• Refusal to certify compliance with this Policy.

Ciklum will review all reports on violations of the Code of Conduct and this Policy. Cooperation with the investigation is expected rather than investigating by yourself. For more details, please refer to the Internal Investigation Procedure.

The Compliance function maintains a tailored compliance training plan for Ciklumers, ensuring they have sufficient awareness to manage risks. Ciklumers undergo annual compliance training, including a test to assess understanding, and the training activity is documented. Those exposed to higher compliance risk receive customized instructor-led training. Specific measures for training and awareness are included in the Ciklum process for business acquisitions. Please refer to the Compliance Procedure for Mergers and Acquisitions for details.

Breaches of this Policy or related rules must be promptly reported to the Compliance function. The designated officer in charge of the Compliance function assesses the materiality of the breach and determines if escalation is necessary.

Failure to report a known violation or violating the law or the Company’s policies may result in disciplinary or remedial action, up to and including termination of the relationship with Ciklum. Such actions are carried out under Ciklum’s procedures and legal requirements.

1.1 Dignity and Respect at Work Policy and Procedure (hereinafter – the “Policy”) confirms Ciklum Group arrangements and commitment to providing equal opportunities to all persons and outlines standards of behavior to a working environment which is comfortable to work in and which deplores all forms of discriminatory or offensive behavior. 

1.2 This Policy sets out the organization’s position on equal opportunity and respectful treatment in all aspects of the Personnel engagement by giving guidance and encouragement to the Personnel at all levels to act fairly and prevent discrimination. 

1.3 This policy will be applied fairly and consistently to all Ciklum Group Personnel based on Ciklum sites, customer sites and includes business trips and events where the occasion is considered to be work-related (e.g. Christmas parties, farewell functions and other general personnel functions). 

1.4 This document is directly applicable and addressed to all Ciklum Group, which shall be expected to apply these principles and guidelines in compliance with legal requirements and regulations locally in force. Should some of these principles be less restrictive than the requirements of local law, in each case, the Group Company will adopt principles and guidelines that conform to local law. 

1.5 This policy is not intended to be contractual in nature and is not implied or otherwise incorporated into any employment contract or contractor agreement. Ciklum may from time to time, at its absolute discretion, amend, replace, or withdraw from this Policy, or depart from some or all of any procedure in this Policy. 

1.6 All Personnel of the Group Companies should be made aware of the provisions of this Policy. 2. 2.

2.1 With reference to the general legal framework on equal opportunities and diversity and for the purposes of this Policy, the terms mentioned herein shall have the following meanings: 

2.1.1 Ciklum Group – a group of companies which directly or indirectly are under common control (i.e. share mother company, a subsidiary of affiliate relationship) and operating under Ciklum Trademark. 

2.1.2 Group Company – a legal entity duly established and operating under the laws of the country, where Ciklum has legal presence, and which is a part of Ciklum Group. 

2.1.3 Protected Characteristics – a list of personal characteristics, discrimination against which is forbidden and may constitute a breach of this Policy. For the purposes of this Policy the list of Protected Characteristics shall include: 

2.1.3.1 Age 

2.1.3.2 Disability or impairment 

2.1.3.3 Gender reassignment

2.1.3.4 Marital or civil partnership status, family/career responsibilities 

2.1.3.5 Pregnancy and maternity/paternity status 

2.1.3.6 Race, color, descent, nationality, ethnicity 

2.1.3.7 Political views or activity 

2.1.3.8 Confession or religious beliefs 

2.1.3.9 Sex 

2.1.3.10 Sexual orientation 

2.1.3.11 Profession or occupation 

2.1.3.12 Physical peculiarities 

2.1.3.13 Any other personal feature and background such as geographical origin and location, part-time and fixed term engagement status, professional role, pay rate and level within the organization. 

2.1.4 Personnel or member of the Personnel – for the purposes of this Policy, the definition of ‘Personnel’ or ‘members of the Personnel’ is extended to include: 

2.1.4.1 Job seekers – individuals participating in recruitment process for a vacant job post open with one of the Group Company 

2.1.4.2 Employees – individuals engaged by any of the Group Company with a contract of employment 

2.1.4.3 Workers and agency workers – individuals engaged by any of the Group Company with a contract to do work or provide services 

2.1.4.4 Self-employed – individuals, where they have to personally perform the work 

2.1.5 Employment – for the purposes of this Policy, the definition of ‘employment’ shall include all types of the Personnel engagement whether on employment agreement, or contractor agreement. 

2.1.6 Discrimination – less favorable treatment of a person because of a Protected Characteristic. 

2.1.7 Act of Discrimination – a type of prohibited conduct that is defined to include, but not limited to: 

2.1.7.1 Direct discrimination – occurs where someone is treated less favorably because of one and/or several of the Protected Characteristics

2.1.7.2 Indirect discrimination – occurs where an individual is subject to an unjustified provision, criterion or practice that also puts others with the 

same Protected Characteristics at a particular disadvantage unless 

this criterion can be objectively justified 

2.1.7.3 Harassment – occurs when there is unwanted conduct which has the purpose or effect of violating an individual’s dignity or creating an interrogating, degrading, hostile offensive or humiliating environment for the member of the Personnel in question. 

2.1.7.4 Bullying – occurs as a result of repeated, unreasonable behavior by one or more persons directed towards one or more members of the Personnel in the workplace that create a risk to health and safety of the recipient of that behavior 

2.1.7.5 Vilification – occurs as a result of a public act that could incite or encourage hatred, serious contempt or severe ridicule towards individuals or groups because of their Protected Characteristics 

2.1.7.6 Victimization – occurs when someone is treated less favorably than others because they tried to make, or made, a complaint about discrimination.

3.1 Ciklum Group is committed to recognizing equal opportunities and a right to be treated with dignity and respect of all members of the Personnel regardless of the Protected Characteristics. 

3.2 This policy aims to ensure that no job applicant or member of the Personnel receives less favorable treatment on any of the Protected Characteristics, or is disadvantaged by conditions or requirements that cannot be shown to be justifiable. 

3.3 Ciklum Group recognizes the harmful effect discrimination, harassment, bullying, vilification and/or victimization can have on individuals and is committed to ensuring that the environment at work is not conducive to unprofessional, unacceptable and unpleasant behavior and any instances of humiliation and intimidation are fully investigated with appropriate action taken. 

3.4 Ciklum Group states that adhering to the Policy, combined with relevant engagement policies and practices, maximizes the effective use of individuals in both the company’s and Personnel member’s best interests. Ciklum Group recognizes the great benefits in having a diverse workforce with different backgrounds, solely engaged on ability. 

3.5 This Policy and guidelines on equal opportunities and dignity at work stated below should be applied to all human resources processes and practices adopted across the Ciklum Group in order to encourage a level playing field on which all Personnel can unlock their potential on the basis of job requirements or specification of the services rendered and the individual’s ability and merits. The areas to be covered are: 

3.5.1 Recruitment 

3.5.2 Employment

3.5.3 Compensation and Benefits / Remuneration 

3.5.4 Facilities and Services 

3.5.5 Promotion 

3.5.6 Training and Professional Development 

3.5.7 Termination and References 

3.5.8 Grievance 

3.6 The purpose of this Policy is to enable complaints of unacceptable behavior to be consistently and appropriately dealt with. 

3.7 This Policy is not exhaustive in defining acceptable and unacceptable behavior.

4.1 Advertisements for posts regardless of whether circulated externally or internally will give sufficiently clear and accurate information to enable potential applicants to assess their own suitability for the post. Information about vacant posts will be provided in such a manner that does not restrict its audience in terms of any of the Protected Characteristics. 

4.2 Recruitment literature will not imply a preference for one group of applicants unless there is a genuine occupational qualification which limits the post to this particular group, in which case this must be clearly stated. 

4.3 All descriptions and specifications for posts will include only requirements that are necessary and justifiable for the effective performance of the job. 

4.4 All selection will be thorough, conducted against defined criteria and will deal only with the applicant’s suitability for the job. Where it is necessary to ask questions relating to personal circumstances, these will be related purely to job requirements and asked all candidates. 

4.5 All Ciklum Group are committed to ensuring that external partners active in the recruitment process, including but not limited to temporary agencies, recruitment agencies, public job agencies and executive search companies, are made aware of the principles and approaches of this Policy, and the Ciklum Group commitment to implementing its goals.

5.1 Terms and conditions of employment with any of the Group Company shall be drawn up with reference to this Policy. 

5.2 Ciklum Group takes care to ensure that our policies and procedures operate fairly and consistently and in a non-discriminatory way against any of the Protected Characteristics. 

5.3 Members of the Personnel who have a disability are encouraged to tell their Line manager about their condition, in order that the Group Company may consult with them about possible adjustments. 

5.4 Group Company’s fixed-term and part-time members of the Personnel shall be offered appropriate access to benefits, training, promotion and permanent employment opportunities. 

5.5 Any reasonable adjustments to working conditions which would assist member of the Personnel in performance of his/her duties will be considered and will be accommodated where possible and proportionate to the needs of the job. Each Group Company shall ensure that requests to alter working hours are dealt with appropriately. 

5.6 If the Group Company considers that a particular adjustment would not be reasonable, the reasons for this have to be explained to the Employee and the Group Company shall aim to find an alternative solution (where possible).

6.1 The remuneration system of the Ciklum Group defines the total compensation / remuneration of the Personnel on the basis of the role covered, the scope of responsibilities, performance outcomes and the overall quality of the contribution to business results. 

6.2 Within the existing remuneration framework, the Ciklum Group is committed to ensuring fair treatment in terms of compensation and benefits / remuneration without relation to any of the Protected Characteristics.

7.1 The Group Company’s conditions of facilities and service will be available to all members of the Personnel who should have access to them and there should be no unlawful obstacles to accessing them. 

7.2 Where such arrangements put the member of the Personnel at a substantial disadvantage, the Group Company will consider whether adjustments are possible and appropriate in order to eliminate the disadvantage.

8.1 Assessment criteria for performance and development reviews, as well as any of the talent management processes, will be based on merit and the needs of the job and will not be unlawfully discriminatory.

8.2 Where arrangements in relation to promotion or transfer may put the member of the Personnel at a substantial disadvantage, the Group Company will consider whether adjustments are possible and appropriate in order to eliminate the disadvantage.

9.1 The Ciklum Group is committed to promoting the goal of equal opportunities by ensuring that all members of the Personnel receive adequate education and training in this area and that “equal treatment” is included in existing and future training, induction programs and other forms of education and communication as appropriate. 

9.2 All members of the Personnel will be encouraged to discuss their career prospects and training needs with their Line Manager or dedicated HR Business Partner / People Partner.

9.3 The Ciklum Group is committed to ensuring that external partners active in training and professional development process, including but not limited to consulting agencies and training centers, are made aware of the principles and approaches of this Policy, and the Ciklum Group commitment to implement its goals.

10.1 Each member of the Personnel is to be protected from discrimination through to the last day of engagement with the Group Company and beyond to include references regardless of the termination reason. 

10.2 Any of the Group Company’s internal policies and procedures will be applied without unlawful discrimination, whether they result in the giving of sanctions, dismissal or other disciplinary action. 

10.3 Redundancy criteria and procedures will be fair and objective and will not include criteria which are contrary to the aims of this Policy and may be considered as discrimination against the Protected Characteristics.

11.1 Ciklum Group actively promotes equal opportunity and working relationships based upon mutual respect and valuing diversity. 

11.2 In line with this Policy the following Acts of Discrimination shall not be tolerated in the workplace: 

11.2.1 Unlawful Discrimination (direct and indirect) 

11.2.1.1 Group Company Personnel shall not engage in acts of unlawful discrimination being either of the following: 

11.2.1.2 Direct Discrimination – occurs where someone is treated less favorably because of one and/or several of the Protected Characteristics 

11.2.1.3 Indirect discrimination – occurs where an individual is subject to an unjustified provision, criterion or practice that also puts others with the same Protected Characteristics at a particular disadvantage unless this criterion can be objectively justified 

11.2.1.4 Intention or motivation of the person who engages in unlawful discriminatory behavior is irrelevant.

11.2.1.5 Act of discrimination shall be deemed unlawful if: 

(a) It happens at work or on work related business (including all human resources processes and procedures covering the following areas according to Dignity and Respect at Work Policy: recruitment, employment, decisions on compensation and benefits, facilities and services, promotions, training and professional development, termination and references, grievance, as well as in the course of providing or receiving goods and services) 

(b) It is based on or happens because of, one of the grounds or reasons which the law sets out as unlawful 11.2.1.6 Ciklum Group takes care to ensure that our policies and procedures operate fairly and consistently and in a non-discriminatory way against any of the Protected Characteristics. 

11.2.2 Harassment 

11.2.2.1 Group Company Personnel shall not engage in any forms of harassment. 

11.2.2.2 Harassment occurs when there is unwanted and/or unreciprocated conduct which has the purpose or effect of violating an individual’s dignity or creating an interrogating, degrading, hostile offensive, humiliating, insulting or intimidating environment for the Personnel member in question and which the harasser knew or should have known was likely to cause offence to the victim. 

11.2.2.3 For the purposes of this Policy harassment may include but is not limited to the following: 

(a) Unwanted non-verbal, verbal or physical abuse which is derogatory, potentially offensive, embarrassing, humiliating or intimidating 

(b) Inappropriate, suggestive or uninvited comments 

(c) Displays of offensive images, literature and pictures 

(d) Unwelcome propositions, both verbal and physical 

(e) Repeated unwelcome invitations 

(f) Offensive, insensitive and/or intrusive quips and jokes related to a person’s Protected Characteristic 

(g) Questions, taunting, name calling, innuendo and any exchange intended to offend on the basis of stereotyped characteristics 

(h) Stalking 

(i) Persecution. 

11.2.2.4 Sexual harassment occurs if there is an unwelcome act or unwelcome conduct of a sexual nature where a reasonable person, having regard to all the circumstances, would have anticipated the possibility that the person on the receiving end of that act or conduct would be offended, humiliated or intimidated by it. 11.2.2.5 Sexual Harassment may include but is not limited to the following: 

(a) Sexual propositions or advances

(b) Unnecessary familiarity, e.g. brushing up against or constantly staring at a person 

(c) Unwanted physical contact 

(d) Offensive sexual gestures, innuendos or sexual jokes 

(e) Unwelcome comments, questions and/or teasing about a person’s private life 

(f) Display or circulation of sexual material, including emails, magazines, posters 

(g) Sexual assault. 

11.2.2.6 Sexual harassment may occur even if the person engaging in the unwelcome act or conduct did not intend to sexually harass. A single act is enough to constitute sexual harassment. 

11.2.2.7 The mutual attraction between members of the Personnel and personal workplace relationships where behavior is consensual and lawful, do not fall within the constraints of this Policy, however where they interfere with working practices and requirements they will become a Group Company concern. 

11.2.2.8 Some forms of harassment are also criminal offences and may incur prosecution under the local legislation.

11.2.3 Bullying 

11.2.3.1 Group Company Personnel shall not engage in any form of bullying behavior. 

11.2.3.2 Bullying occurs as a result of repeated, unreasonable behavior by one or more persons directed towards one or more members of the Personnel or other persons in the workplace that create a risk to health and safety of the recipient of that behavior. 

11.2.3.3 Unreasonable behavior means behavior by a person that a reasonable person, having regard to the circumstances, would see as unreasonable, including behavior that victimizes, humiliates, intimidates, threatens, undermines or demeans another person. 

11.2.3.4 Bullying can range from seemingly trivial banter to explicit abuse against an individual. It often involves, but is not limited to, a misuse of power, position or knowledge to criticize, humiliate or seriously undermine an individual.

11.2.3.5 Bullying may include but is not limited to the following: (a) Deliberately and repeatedly excluding, isolating or marginalizing someone from normal work activities

(b) Unwanted non-verbal, verbal or physical abuse which is derogatory, potentially offensive 

(c) Aggressive, threatening or hostile behavior 

(d) Embarrassing, humiliating or intimidating 

(e) Verbal abuse to include shouting and physical gestures used to frighten or intimidate. 

11.2.3.6 Bullying can occur even if the person who engaged in the behavior did not intend to bully or was not motivated by malice. 

11.2.3.7 Bullying shall not include reasonable management action carried out in a reasonable manner including, for example: 

(a) Genuine and reasonable disciplinary action 

(b) Constructively delivered feedback and/or performance counselling. 

11.2.4 Vilification 

11.2.4.1 Group Company Personnel must not vilify others in the workplace. 

11.2.4.2 Vilification is a public act that could incite or encourage hatred, serious contempt or severe ridicule towards individuals or groups because of their Protected Characteristics. 

11.2.5 Victimization 

11.2.5.1 All Group Personnel shall not be victimized or treated less favorably for making a complaint under this Policy in good faith. 

11.2.5.2 Victimization includes any unfavorable treatment of a person who has made a complaint or been involved in the enquiry or investigation of a complaint, with respect to allegations of discrimination, harassment, bullying, and/or vilification. 

11.2.5.3 Each Group Company shall take all reasonable steps to ensure that Personnel are protected against victimization or retaliation. It will be regarded as a disciplinary offence to victimize or retaliate against a member of the Personnel for bringing a complaint in accordance with this Policy.

12.1 This Policy is designed to encourage and define acceptable and unacceptable standards of behavior and detail the steps that can be taken if an individual feels they are being unlawfully harassed, discriminated against or bullied in the workplace. The aim is to ensure consistent and fair treatment for all Personnel. 

12.2 Disciplinary action will be taken against any member of the Personnel who is found to have committed an Act of Discrimination contrary to this Policy under the Group Company’s Disciplinary and Grievance Procedure. Such behavior may constitute gross misconduct and, therefore, may result in dismissal. The Ciklum Group takes a strict approach to serious breaches of this Policy. 

12.3 Group Companies’ Personnel may consider the following options to remedy the case: 

12.3.1 Informal Action 

12.3.1.1 In some instances, it will be sufficient for the recipient to raise the problem informally with the person who is creating it, pointing out that their conduct is unwelcome, offensive or is interfering with their work. 

12.3.1.2 A member of the Personnel who finds it intimidating or embarrassing to raise the problem direct with the person creating the problem may seek advice or support from their Line Manager and/or dedicated HR Business Partner / People Partner 

12.3.1.3 It is advisable to keep a record (including times and dates) of any conversations you may have with the person causing the problem 

during any informal attempts to rectify the situation. 

12.3.2 Formal Action 

12.3.2.1 This will generally be appropriate when informal action has proved ineffective or in any of serious instances of discrimination, harassment, bullying, vilification and/or victimization. In these circumstances, the Group Company’s Disciplinary and Grievance Procedure should be followed. An investigating manager shall carry out a thorough and timely investigation of the complaint taking into account the rights of the complainant and the alleged perpetrator, who will receive clear details of the complaint. 

12.3.2.2 The investigation shall involve taking witness statements from other members of the Personnel who were witnesses to the alleged act(s). In the event disciplinary action is to be taken against the instigator, all witness statements will be disclosed and the perpetrator will be progressed through the Group Company’s Disciplinary and Grievance Procedure. 

12.3.2.3 The Company will aim to maintain confidentiality for all parties throughout any investigations wherever practicable and will deal with all matters sensitively. 

12.3.2.4 At every stage, the member of the Personnel who believes that she/he is being treated unacceptably, and the alleged instigator, have the right to be accompanied and/or represented by a work colleague and/or other legal representatives (if any). The exercising or waiving of this right will be recorded in the documentation.

12.3.2.5 If the allegations are founded, then the appropriate response will be invoked through the Group Company’s Disciplinary and Grievance Procedure. 

12.4 Any complaints made by Group Companies Personnel in bad faith (malicious and vexatious allegations) will be dealt with as a disciplinary matter in accordance with the Group Company’s Disciplinary and Grievance Procedure.

13.1 This Policy is expected to affect the corporate culture and to embed equality, diversity and respect at all levels of the Ciklum Group. Therefore, all Personnel play an active role and are responsible for the Policy application. However, specific functions play key roles in the process, as outlined below. 

13.2 The Organizational Development and Internal HR Division defines, sponsors and approves the overall equal opportunities strategy / approach, and will establish specific objectives linked to the strategy. Within its accountability the Organizational Development and Internal HR Division is responsible for: 

13.2.1 Leading the design of the equal opportunities and respect at work strategy 

13.2.2 Monitoring the strategy implementation and related achievements and improvements on regular basis 

13.2.3 Ensuring that the strategy is embodied in every HR process and action 

13.2.4 Making recommendations to management in relation to the objectives for achieving the status of equal opportunities and diversity employer and the initiatives supporting these objectives 

13.2.5 Updating and amending this Policy, if necessary, based on its effectiveness. 

13.3 All managers and heads of organizational structures of the Group Company’s level are accountable for managing HR processes (selection of candidates, appointments, promotions, development initiatives) on the basis of individual merit and competence, personal aspirations and fit the open position with the support of HR function. In the execution of their role they have to ensure: 

13.3.1 The Policy is applied consistently to all Ciklum Group Personnel 

13.3.1 Team members are aware and fully understand principles set forth in this Policy 

13.3.2 Any complaints raised in respect of this Policy are properly investigated and responded to. All such offences, without exception, will be thoroughly investigated in a timely manner and may be regarded as gross misconduct which carries an ultimate penalty of dismissal for the perpetrator 

13.3.3 Members of the Personnel feel able to raise concerns in the knowledge that no individual will be penalized or victimized for raising such a concern

13.3.4 Ensuring that local HR functions are involved where there is a requirement to progress an individual through the Group Company’s Disciplinary and Grievance Procedure for failing to adhere to this Policy. 

13.4 All Group Companies’ Personnel are requested to: 

13.4.1 Behave in accordance with this Policy 

13.4.2 Treat colleagues with sensitivity, respect and courtesy at all times 

13.4.3 Draw matters of concern to the attention of the appropriate level of management 

13.4.4 Consider the impact of their behavior towards another person and remember individualization means what is offensive to one person may not be offensive to another 

13.4.5 Respect confidentiality if engaged into complaint resolution process to ensure that the integrity of the investigation process is maintained at all times and to protect the privacy of the persons involved in the complaint 

13.4.6 Not to discuss with any other members of the Personnel or with any other external third party the allegations, the matters that were discussed during the investigation, and responses to allegations or any matters raised during the investigation if engaged into complaint resolution process 

13.4.7 Promote a culture of inclusion, the spirit of the policy on equality and respect at work and highlighting controversial cases at SpeakUp@ciklum.com.

14.1 All Group Companies’ Personnel and new hires must become familiar with this Policy through various initiatives that include, among others, internal communication and news on local intranets. In order to reach the widest audience possible, when appropriate or necessary, the present Policy may be translated into the local languages of the countries in which our Group operates and communicated to the trade union organizations in relevant jurisdictions (if any). 

14.2 Each of the Group Companies shall be accountable for circulation of this Policy to its suppliers and subcontractors. 

14.3 For clarifications on the content of this Policy or for support on operational aspects of the process disciplined by the regulation itself, the interested functions/ legal entities can refer to the Group Company’s local HR Professional and/or Global HR Support Department at hr_support@cikum.com.

Ciklum is committed to leading by example, integrating environmental stewardship into every facet of our operations. Our Environmental Policy outlines a framework for sustainable practices that complies with environmental regulations, reduces our ecological footprint, and fosters environmental awareness amongst our stakeholders. 

This policy applies to Ciklum UK, its affiliates and subsidiaries, and all of their directors, offices, employees and contractors.

In pursuit of environmental responsibility, we focus on maximising resource efficiency in our office operation. This commitment is reflected in our strategic approach to office infrastructure and daily practices such as fitting our offices with energy-saving appliances, lighting and HVAC systems, and giving preference to buildings with green certifications like LEED or BREEAM. 

We also commit to sustainable IT practices, reducing energy consumption, and achieving cost-efficiency in our IT operations. We do this by; prioritising the virtualisation of servers to consolidate hardware, implementing efficient data centre layouts, consolidating servers and decommissioning underutilised servers, and enabling power management features on servers and workstations. 

Our commitment to reducing our environmental impact encompasses diligent waste management practices. We have instituted a series of measures to minimise waste and promote recycling throughout our organisation. We provide designated bins for waste sorting and recycling, use water coolers connected directly to the water supply to reduce the use of plastic water bottles, have collection points for the recycling of batteries, toner and printer cartridges, and when furniture or equipment reaches the end of its lifecycle, we sell it for reuse or recycling.

We set specific targets for reducing carbon emissions and regularly monitor our progress to ensure continuous improvement. We are committed to offsetting our remaining carbon emissions by collaborating with external parties engaged in carbon offsetting projects. Through these partnerships, we contribute to initiatives that support environmental sustainability and biodiversity conservation. Ciklum has joined the GreenPerk program, a VERRA certified carbon-neutral business travel solution allowing us to calculate and offset CO₂ emissions from our travel directly through the platform. 

Understanding that education is the cornerstone of effective environmental management, we develop and implement comprehensive training programmes for our specialists. These programmes focus on raising awareness of environmental issues relevant to our industry. They equip our people with the knowledge and skills to implement our environmental policy effectively.

We initiate and sustain ongoing campaigns to maintain a high level of environmental awareness within our organisation. These campaigns are designed to keep the environment at the forefront of our corporate culture and operational mindset. They include activities such as internal newsletters, environmental challenges, and recognition programs for outstanding contributions to our environmental goals. Through these campaigns, we aim to embed sustainability into the DNA of our organisation, empowering every employee to act as an environmental steward. 

• Comply with all relevant environmental legislation and regulations, as well as any other requirements to which the company subscribes that relate to its environmental aspects.
• Monitor essential targets applicable to Ciklum and/or its Affiliate to oversee and manage their environmental performance. 
• Receive routine reports on electricity consumption to track the effectiveness of our environmental impact prevention efforts. 
• Monitor the implementation, compliance, complaints and incidents regarding this policy.
• We collaborate with stakeholders to raise environmental awareness and promote sustainable practices. 

This Environmental Policy and its associated procedures will be reviewed as part of our services’ policy review cycle. 

This Slavery and Human Trafficking Statement is made on behalf of Ciklum Holding UK Limited (the “Company"), Ciklum UK Limited, Ciklum Operations UK Limited, and other subsidiaries under the Company’s control, and operating under Ciklum’s trademarks worldwide (collectively -“Ciklum”). 

Modern slavery encompasses unlawful and immoral practices where individuals are exploited for personal or business benefits. This includes slavery, servitude, human trafficking, and coerced labor. Ciklum maintains a zero-tolerance approach to modern slavery and remains firmly committed to ethical business conduct across our global operations and supply chains.

The Company, along with its subsidiaries, is dedicated to establishing robust systems and controls to prevent modern slavery. We are committed to ensuring that such practices do not occur within our business activities or within our supply chain.

Ciklum stands as a leading global provider of product engineering and digital services, catering to a diverse clientele that includes Fortune 500 companies as well as fast-growing firms in the United Kingdom, European Union, and the United States. Headquartered in the United Kingdom, Ciklum's operations in the UK are primarily driven by Ciklum UK Limited and Ciklum Operations UK Limited. These entities frequently collaborate with other group companies to optimize service delivery. Overseeing the global network of Ciklum entities is the ultimate parent company, Ciklum Group Limited, which is registered in the British Virgin Islands.

Ciklum boasts a global workforce of over 3,500 professionals, including software developers, designers, product managers, data scientists, and support staff. This skilled team is committed to crafting customized digital solutions using advanced technologies. Specializing in driving digital transformation for prominent players in the digital economy, Ciklum takes pride in empowering both its clients and employees to exceed their potential and achieve their most aspirational objectives.

As a professional services group, Ciklum places immense value on its workforce, recognizing our employees as the cornerstone of our operations. Our commitment lies in cultivating a diverse and inclusive work environment while attracting and retaining top talent to deliver exceptional service to our clients. Despite the IT industry's relatively lower risk of bonded labor, we maintain a proactive stance against modern slavery. We are vigilant in avoiding partnerships with suppliers who might engage in such practices.

Annually, Ciklum entities conduct thorough reviews of potential slavery risks across our various locations. This process includes interviews with local HR personnel and the examination of information from open sources. We have established a specific due diligence process focused on modern slavery within our global supply chain. This involves identifying and steering clear of high-risk suppliers. Our strategy is centered on clearly communicating our anti-slavery standards and expectations to our suppliers and taking firm actions to ensure that modern slavery is not present in any part of our supply chain.

Tone at the Top 

At Ciklum, our Code of Conduct serves as a guiding principle, urging employees to adhere to all relevant laws and regulations, Ciklum’s internal guidelines, and to uphold human rights with utmost respect. Employees who suspect any human rights infringements have clear channels for reporting these concerns, as detailed in the Code of Conduct. This document is publicly available and is applicable to every Ciklum employee worldwide. On joining the company, each employee is required to familiarize themselves with and agree to the Code of Conduct.

Human rights, particularly in labor practices, are a top priority in our global operations. We ensure that every employee, regardless of location, receives fair wages and works hours in compliance with local legislation. Discrimination of any sort is strictly prohibited in our workplaces. We staunchly oppose the use of child labor (defined as employing individuals below the legally permissible age) and forced labor (including forced prison, indentured, bonded, military, or slave labor), and we do not condone any form of human trafficking. We strictly avoid partnering with any third parties involved in such practices. Our Dignity and Respect Policy and Human Rights Policy underscores our dedication to protecting human rights globally and is available for public viewing on our website. 

Due Diligence of third parties 

Our steadfast dedication is to conduct ourselves with ethical principles and utmost honesty in all our dealings, and we anticipate that our counterparties will adhere to the same standards. Our Risk and Compliance department meticulously carries out comprehensive due diligence processes concerning all candidates for employment, potential business partners, their beneficiaries, and top executives to ensure compliance with applicable employment laws, anti-corruption, AML, and sanctions regulations. The due diligence procedure encompasses scrutinizing counterparties for any instances of bribery, corruption, money laundering, sanctions violations, or any other misconduct. Additionally, we conduct a comprehensive examination of any adverse publicity and implement a targeted keyword search that concentrates on issues related to slavery and human trafficking. 

Ciklum’s Risk and Compliance team conducted due diligence on almost 3,000 new and existing counterparties in 2024 including clients, vendors, business partners, contracts, job candidates etc.

Where risks were identified, suppliers were either rejected or asked to implement corrective measures prior to onboarding.

To further safeguard against modern slavery risks, Ciklum complements its due diligence process with periodic targeted spot checks of existing suppliers and third parties. These assessments are conducted based on a risk-based methodology, taking into account factors such as geography, industry sector, and the nature of the services provided. Findings from these checks inform our continued business relationship and may result in remediation plans, contract modifications, or termination of engagement in cases of non-compliance.

These ongoing reviews reinforce our commitment to ethical sourcing and promote greater accountability and transparency within our extended supply chain.

Suppliers Code of Conduct 

Ciklum maintains a comprehensive Suppliers Code of Conduct, a testament to our commitment to ethical business practices and social responsibility. This code outlines the standards and expectations we hold for our suppliers, emphasizing the importance of legal compliance, ethical behavior, and respect for human rights. Key vendors and partners are required to acknowledge and accept this code as a condition of our collaboration.

This ensures that our business relationships are aligned with our core values and ethical standards. The Suppliers Code of Conduct is a public document, readily accessible on our website. It serves as a cornerstone of our approach to responsible sourcing and reflects our dedication to fostering a transparent, accountable, and socially responsible supply chain.

Speak Up for reporting concerns 

We have implemented a robust Whistleblowing Policy that provides various channels of both anonymous and non-anonymous reporting. This policy is available on our website for all interested parties. Our Whistleblowing Policy permits Ciklumers to express their concerns about possible misconduct or violations of the law, including but not limited to modern slavery laws, via Ciklum’s Speak Up helpline confidentially and securely, without the apprehension of facing disciplinary action. All reports are taken seriously and investigated by the company. 

In 2024:

• No confirmed cases of modern slavery or human trafficking were reported.
• All reports received were investigated promptly and fairly.

Training and Awareness 

Ciklum recognizes the importance of upholding ethical and lawful business practices, and we demonstrate our commitment to this principle by obliging all Ciklumers to complete our annual Compliance training and Human Rights training. These comprehensive training covers a wide range of topics essential for maintaining compliance with laws and regulations, preventing bribery and corruption,ensuring sanctions and anti-slavery compliance, promoting ethical behaviors, and creating a global business environment that respects and upholds human rights principles. We firmly believe that adhering to high ethical and compliance  standards is our choice and an essential aspect of our commitment to excellence and being a model corporate citizen. To reinforce this commitment, we aim for 100% completion of all mandatory training, including those focused on Compliance, DEI and Human Rights.

We are fully dedicated to upholding our uncompromising position against modern slavery and human trafficking. We will remain vigilant in our assessment of the efficacy of our endeavors in this field. 

Our forthcoming strategies could potentially comprise the following measures: 

• Focused Awareness Initiatives: To enhance awareness about modern slavery, we will execute targeted communication strategies. This will involve publishing informative content in the corporate media and integrating relevant discussions into company-wide meetings. These initiatives aim to deepen understanding regarding modern slavery issues within our organization.
• Policy Review and Update: Periodically review and update our policies to ensure they remain relevant, effective in the rapidly evolving IT sector, and aligned with current legal standards and best practices.
  
• Collaboration with Industry Bodies: Engage with IT industry groups to stay informed about leading ethical practices and risks specific to the IT sector.
• Responsibility Reporting:  We continue to track and report key performance indicators (KPIs), including:
• % of new suppliers screened for human rights risks: 100%
• % of strategic suppliers signed to Supplier Code: 100%
• % of staff completing compliance training: 98%

We will Include a section on modern slavery in our annual ESG report, disclosing efforts and progress made in this area.

This statement complies with section 54(1) of the UK Modern Slavery Act 2015 and serves as Ciklum's modern slavery and human trafficking statement for the fiscal year ending December 31, 2024. 

This statement is being reviewed annually and made available on our website. 

Ciklum Holding UK Limited 

___________________________ 

Mr. Samuel Edward Rapley 

Director 

Board of Directors
Board of Directors of Ciklum Group Limited, BVI

Ciklum, Ciklum Group, the Company, the Group
Ciklum or Ciklum Group, the Company, the Group is a group of companies under the control of Ciklum Group Limited, BVI, and operating under Ciklum Trademark

Corruption
Corrupt conduct or corruption is the abuse of entrusted power for one’s gain

Ciklumers
Employees of Ciklum, and others performing work for, or on behalf of, Ciklum

Management
Top management, C-level officers, Vice Presidents, Directors, Heads of Departments

Top management
The person(s) who direct(s) and control(s) Ciklum at the highest level.

Whistleblower
A whistleblower is any individual reporting on unlawful activities, fraud, or misconduct. Whistleblowers can become aware of the misconduct through witnessing or being told about it both in and outside Ciklum.

Ciklum is committed to upholding the highest standards of integrity and compliance with regulations, actively combating corruption, fraud, discrimination, unethical behavior, and any forms of anti-competitive behavior. As part of this commitment, Ciklum maintains and continually improves a comprehensive compliance system.

To ensure transparency and accountability, individuals who become aware of any wrongdoing are encouraged to come forward and disclose their concerns to Ciklum. For this purpose, Ciklum provides a whistleblower helpline, which serves as a secure communication channel for whistleblowers to report misconduct and unethical behavior without fear of retaliation.

The primary objective of this Policy is to establish a well-defined framework and process for the collection and handling of information received from whistleblowers. This ensures that all reports are thoroughly assessed, investigated, and addressed appropriately.

Adherence to this Policy is mandatory for all members of the Ciklum community, who are referred to as "Ciklumers." The ownership of this Policy rests with the officer responsible for overseeing the Compliance function. Additionally, Ciklum's Top Management plays a pivotal role in supporting and ensuring the effectiveness of this Policy.

As part of their commitment to maintaining a culture of integrity and transparency, Ciklum's Top Management actively participates in the review of whistleblower reports and the implementation of necessary mitigation measures. This active involvement reinforces the organization's dedication to addressing any reported misconduct and unethical behavior promptly and appropriately.

By involving Top Management in the review and implementation process, Ciklum emphasizes the significance of this Policy and demonstrates the highest level of commitment to upholding ethical standards and fostering a safe and accountable work environment for all Ciklumers.

The whistleblowing information is being collected through the following channels:

1. reporting to a line manager at Ciklum, verbal or written
2. reporting to the Compliance function - verbally to the Compliance team or in writing to compliance@ciklum.com.

All Ciklumers and third parties have 24/7/365 direct access to the Speak Up  platform either with or without providing the name through

3. Reporting to the secure and confidential email ciklum@integritycounts.ca
4. Accessing the Speak Up web platform at  https://www.integritycounts.ca/org/ciklum.

Messages incoming through the above channels are registered and managed by the Compliance function at Speak Up reporting platform.

The external provider supports managing and storing all the Speak Up reports through the above channels. The messages are being transferred for handling by the Compliance function.

In drafting a message, a reporter can exclude its undesirable recipients. If a reporter excludes the Compliance function from the notification, the message proceeds to the officer in charge of Human Resources.

Upon receiving a message, the Compliance function determines whether to initiate an investigation or direct the message to the appropriate department based on its content. 

The Compliance function handles inquiries related to fraud, bribery, violations of the Code of Conduct, financial crime, and other compliance risks as outlined in the Compliance Policy. 

The officer responsible for the Compliance function verifies the findings, collaborates with relevant stakeholders to explore corrective measures and grants approval for an internal investigation report. 

Incidents involving senior management, bribery or corruption, significant reputation risks, or financial harm are promptly reported to the Board of Directors.

Guidance on internal investigations is set in the Ciklum Internal Investigation Procedure that defines:

• decision-making to investigate;
• preparing and handling investigations;
• investigation conclusions and reporting;
• enforcement of corrective measures.

The Compliance function ensures that the reporter receives acknowledgment of the report within seven days of receipt. Subsequently, the results of the investigation, management actions taken, or any other relevant information are communicated to the reporter no later than one month after the initial receipt of the report.

The Compliance function is responsible for ensuring that all Ciklumers are aware of this Policy, the available reporting methods, and the protection from retaliation when reporting in good faith.

To make this information easily accessible, the Policy and Speak Up reporting channels are available on both internal and external websites, accessible to all parties involved.

Additionally, all Ciklumers are required to complete an Annual online Compliance course, which includes a section dedicated to educating them about the Speak Up policy and its importance. This helps reinforce a culture of compliance and encourages employees to come forward if they encounter any compliance-related concerns or issues.

The Speak Up helpline is intended solely for reporting genuine concerns or issues related to compliance and ethics. It should not be misused to provide knowingly false information or to seek revenge against others. Ciklum retains the right to take disciplinary actions against any Ciklumer found engaging in such unethical behaviors.

Ciklum strictly prohibits any form of discrimination or retaliation against individuals who report concerns in good faith. Any violation of this policy will result in disciplinary action, and potential termination of the working relationship, and may also lead to civil, criminal, or administrative penalties as appropriate. Upholding a culture of integrity and protecting those who raise legitimate concerns is of utmost importance to Ciklum.

If you have any questions regarding your personal data, feel free to contact our Data Protection Officer via data.privacy@ciklum.com.

Ciklum collects and processes information that

1. you personally provided to us in hard copies, sent by email or through messengers to our representatives;
2. we generate internally during performance of a contract between you and Ciklum;
3. you provide during interaction with our web sites, through cookies (please see Cookie policy for details) and web forms;
4. we obtain from third parties, integrated services or recruitment agencies;
5. we obtain from open sources, social media sources, public web sites or press releases.
   
   

Ciklum will not process your personal data if such is prohibited by applicable data protection laws or regulations.

Ciklum processes your personal data linked to particular purposes and corresponding legal bases outlined below:

• purposes to which you agree in a consent form;
• for the fulfilment of the contract as further specified in our contracts with employees, clients and consultants;
• in order to comply with legal obligations specified in a particular law or regulation;
• legitimate interests pursued by Ciklum group members, except where such interests are overridden by your interests or fundamental rights and freedoms.

Please expand the relevant section below for further information. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via data.privacy@ciklum.com.

In case Ciklum is planning to change the purpose of processing to such that is incompatible with the original one, we will contact you to provide you with further information on purposes for processing prior to it taking place, at all times ensuring appropriate legal basis for processing, which may include asking for your additional consent.

Ciklum does not process your personal data for automated decision-making, including profiling. For cases where automatic processing is performed, Ciklum will inform you additionally in the relevant section of this notice.

Ciklum Group consists of the following entities: Ciklum Holding UK Limited (UK), Ciklum UK Limited (UK), Ciklum Operations UK Limited (UK), Ciklum SA (Switzerland), Ciklum APS (Denmark), , Ciklum Inc. (USA) , Ciklum Services Ltd. (Israel), Ciklum GmbH (Germany), Ciklum LLC (Ukraine), Ciklum Ukraine LLC (Ukraine), Ciklum Pakistan (Private) Limited (Pakistan),  CIKLUM INDIA PRIVATE LIMITED (India), CIKLUM IT SPAIN, S.L. (Spain), Ciklum Bulgaria LTD (Bulgaria), CIKLUM SP. Z O.O. (Poland), CN Group CZ a.s. (Czech Republic) and CN GROUP RO S.R.L. (Romania).

All your personal data will be kept strictly confidential and will not be disclosed to unauthorized third parties or made public without your prior notification by this notice or in person. Ciklum will not transfer your personal data internationally without reasonably ensuring that the rights and freedoms of you as the data subject are protected.

We never sell your data or share it with other third parties in order to obtain direct or indirect financial gains.

To obtain information about third-party recipients of your personal data, please expand the relevant section below. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via data.privacy@ciklum.com.

We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. We secure the personal data you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All personal data is protected using appropriate physical, technical and organizational measures. Ciklum entities are certified with ISO27001 and regularly updated to comply with industry standards.

Please mind that transmission of information via the Internet (including by email) is not completely secure, and, although Ciklum will do its best to protect your personal data, we cannot guarantee the security of your data in transfer. Accordingly, please proceed with any such transmission at your own risk.

Ciklum uses third party service providers, some of which are located outside of the European Union. This means that we may transfer personal information to countries outside of the European Union. When we do, we ensure that an adequate level of protection is provided for the information by following the requirements of the European Commission, local data protection legislations and the GDPR in the countries where Ciklum has offices:

• We may transfer personal information to countries that have privacy laws that have been recognised by the country from which the data are transferred as providing similar protections for the data (‘adequacy decision’);
• We may enter into written agreements, such as Standard Contractual Clauses and other data transfer agreements, that require the recipients to provide the same level of protection;
• We may rely on other transfer mechanisms approved by authorities in the country from which the data are transferred;
• We may seek your consent for transfers of your personal information for specific purposes.

When we transfer your information outside of the European Union, we make sure that service provider is maintaining appropriate security measures to protect your personal information. Following Brexit the GDPR is no longer apply domestically to the UK any longer, when processing operations of Ciklum fall within the applicability of UK data protection law (Data Protection Act 2018 and UK-GDPR) we ensure that we stay compliant and follow guidelines of Information Commissioner’s Office. When we transfer your data to third countries we ensure it is done in accordance with updated international transfer rulings, which may include entering into International Data Transfer Agreement.

We store your personal data for a limited period of time, which varies depending on type of data, the purposes of processing, legal requirements and duration of contractual relationship with Ciklum.

To obtain information about the storage period of your personal data, please expand the relevant section below. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via data.privacy@ciklum.com.

As a data subject you have the following rights:

• right to obtain information in relation to your personal data;
• right to access your personal data;
• right to data portability;
• right to withdraw the consent;
• right to correct mistakes in your personal data;
• right to stop the unwarranted processing;
• right to be forgotten (erase your personal data);
• right to be aware of the existence of the automated individual decision-making and to object in this regard;
• right to lodge a complaint to a supervisory authority.

This Policy applies to any websites or branded pages (hereinafter, “Sites” or “Ciklum Sites”) which are operated by or on behalf of Ciklum.

Cookies are files or pieces of information that may be stored on your computers (or other devices, such as smartphones or tablets) when you visit Ciklum Sites. This allows Ciklum Sites to operate properly, distinguish real users from bots to protect our website, remember your choices and preferences and provide you with targeted advertisements. A cookie will usually contain the name of the website the cookie has come from, the lifetime of the cookie (i.e. how long it will stay on your device), and the value, which is usually a randomly generated unique number. You may delete cookies from your device manually at any time.

Ciklum Sites use cookies to identify your device and your interests, to remember your preferences, and to track how you use our Sites. We also use cookies and other tracking technologies to control access to certain content on our Sites, protect the Sites, and process any requests you make to us. To administer our Sites and for research purposes, Ciklum Sites also incorporates third-party services to track and analyse statistical usage and volume of information from users of the Sites. These third-party services use persistent cookies to help us improve user experience, manage the content of the Sites, as well as analyse how users navigate and use the Sites.

Our cookies are used for the following purposes:

Ciklum Sites use the following types of cookies:

1. Ciklum Human Rights Policy Introduction

Ciklum is dedicated to creating a global business environment that respects and upholds the principles of human rights. As a responsible corporate citizen, we understand the significance of fostering a workplace culture that values and protects the rights and dignity of all individuals associated with our operations, including employees, contractors, suppliers, and the communities in which we operate.

We commit to align our business practices with the Universal Declaration of Human Rights, United Nations Guiding Principles on Business and Human Rights (UNGPs), the Ten Principles of the UN Global Compact, the International Labour Organisation's Fundamental Principles and Rights at Work, and other relevant international human rights standards. We aim to conduct our business ethically and in compliance with applicable laws and regulations worldwide.

This sets out our position with respect to human rights and modern slavery and sits alongside our Dignity and Respect policy, Wellbeing policy, Health and Safety Policy, Anti-slavery and Anti-Human Trafficking Statements, Code of Conduct, and Suppliers Code of Conduct.                 

Our statements below draw upon the International Bill of Human Rights and the ILO Declaration on Fundamental Principles and Rights at Work:

Our human rights due diligence approach is aligned with the United Nations Guiding

Principles on Business and Human Rights. This includes policy controls, impact assessments, mitigation and monitoring, tracking our performance, employee training and stakeholder communication.

We are committed to conducting thorough and ongoing human rights due diligence to identify, prevent, and mitigate any adverse impacts associated with our business activities. 

• Internal Assessments: Our internal assessments involve a systematic review of policies, processes, and practices to identify areas where human rights may be at risk. This includes evaluations of recruitment and employment practices, workplace conditions, diversity and inclusion initiatives, and employee well-being.
  
  
• External Stakeholder Engagement: We regularly engage with external stakeholders, including non-governmental organisations, and industry and legal experts, to gain insights into global and industry-specific human rights risks. This collaborative approach helps us stay informed about evolving challenges and best practices.

Upon identifying potential human rights risks, we are committed to implementing effective mitigation measures to address and prevent adverse impacts.

• Remediation Plans: In instances where human rights risks are identified, remediation plans are to be developed and implemented promptly. These plans are designed to rectify issues, prevent recurrence, and ensure continuous improvement.
  
  
• Training and Awareness: We provide ongoing training to Ciklumers to raise awareness of human rights issues. Training programs include information on our policies, international standards, and practical guidance to ensure a shared understanding of our commitment to human rights.
  
  
• Leadership communication: Our Leadership team is dedicated to championing the principles outlined in our Human Rights Policy. Their commitment sets the tone for the entire organisation, emphasising the importance of human rights considerations in all business activities. Top management actively engages in transparent communication regarding our human rights due diligence efforts. Ciklum leadership team provides the necessary support and allocates resources to facilitate comprehensive human rights due diligence.

Ciklum encourages everyone to report human rights violations as soon as possible. 

Grievances and other issues related to human rights violations should be reported according to the respective corporate grievance policies in person, in writing, or by contacting Ciklum’s helpline Speak Up anonymously or non-anonymously. Speak Up operates under a non-retaliatory policy, meaning that everyone who raises a concern in good faith is treated fairly, with no negative consequence for their employment with Ciklum. 

Where a human rights violation is identified, Ciklum shall conduct an investigation and introduce corrective measures in accordance with corporate investigation procedures. 

The approach of Ciklum’s Human Rights Policy governance is based on clear roles and responsibilities for Senior Management, the Human Resources Department, and all Ciklumers. 

We recognise the critical importance of upholding human rights across our entire organisational spectrum. To ensure the effective implementation of our Human Rights Policy, all stakeholders must play a defined role in championing these principles.

Roles and Responsibilities:

• Senior Management: Our senior management team is entrusted with the leadership and oversight of human rights practices within the organisation. They are responsible for setting the tone at the top, fostering a culture of respect and inclusion, and allocating resources to support the implementation of this policy.
  
  
• Talent Fulfilment: The Talent Fulfilment department plays a crucial role in upholding human right policy. They are ensuring recruitment processes free from discrimination based on race, gender, ethnicity, religion, or any other protected characteristics; promoting equal opportunities for all candidates, regardless of background; implementing measures to make the recruitments process accessible to individuals with disabilities and providing reasonable accommodations; ensuring that all recruitment activities comply with local and international human rights laws and regulations; ensuring that Ciklum`s talent sourcing practices do not involve exploitation, forced labour, or any violation of human rights; providing training to recruitment staff on human rights principles and fostering awareness of the importance of diversity and inclusion.
  
  
• Human Resources: The Human Resources department is instrumental in translating our commitment to human rights into actionable initiatives. They play a key role in educating employees about their rights and responsibilities, providing channels for reporting concerns, and collaborating with other departments to address and mitigate potential human rights risks.
  
  
• Ciklumers: Every member of our organisation, regardless of their role or level, shares the responsibility of upholding human rights principles. This includes treating colleagues, clients, and partners with dignity and respect, fostering an inclusive work environment, and promptly reporting any observed or experienced violations of human rights.
  
  
• Compliance: The Compliance department ensures that Ciklum adheres to established ethical standards and legal requirements. They monitor, assess, and oversee internal processes to guarantee that Ciklum operates in accordance with established human rights standards, laws and ethical principles. They also investigate and address any issues that may arise to foster a workplace environment that respects and upholds human rights.

Integration with Business Practices:

We understand that the commitment to human rights is not a standalone endeavour but an integral part of our overall business strategy. At Ciklum, human rights considerations are seamlessly embedded into our decision-making processes, daily operations, and supply chain management.

• Business Decisions: Human rights considerations are systematically factored into our strategic and operational decisions. Whether it's entering into partnerships, launching new products, or expanding into new markets, we assess the potential human rights impacts and take proactive measures to mitigate risks.
  
  
• Operations: In our day-to-day operations, we are committed to creating a workplace that respects and values diversity. This commitment is reflected in our policies, practices, and training programs, ensuring that human rights are not just a policy statement but a lived experience for all employees.
  
  
• Supply Chain Management: We extend our commitment to human rights to our supply chain, working collaboratively with suppliers to ensure fair labour practices, ethical sourcing, and adherence to human rights standards. We believe in fostering relationships that reflect our values and contribute to the well-being of communities worldwide.

Ciklum is committed to improving our human rights performance. We regularly review and update our policies and practices to align with evolving standards and best practices. This includes soliciting feedback from stakeholders and incorporating lessons learned into our ongoing efforts to enhance human rights protection.

The Chief Operating Officer is responsible for this Policy. The Policy must be reviewed and updated on an as-needed basis. New operational, legal, and regulatory requirements might trigger a review and update of the policy.

The Policy is available to Ciklumers at the external corporate site and internal knowledge storage space Confluence in the section of Global HR Policies

Supporting Documents:

• Ciklum Dignity and Respect policy 
• Ciklum Anti-slavery and Anti-Human Trafficking Statements
• Ciklum Code of Conduct
• Supplier Code of Conduct
• Speak Up tool

Legal References:

• Universal Declaration of Human Rights
• United Nations Guiding Principles on Business and Human Rights (UNGPs)
• the Ten Principles of the UN Global Compact
• the International Labour Organisation's Fundamental Principles and Rights at Work