Terms & Privacy
Current update December 02 2022. Please note, in case if terms described in this Privacy Notice are changed, Ciklum will take all reasonable measures in order to inform you prior to implementation of such changes.
Terms of use
CIKLUM’S TERMS & CONDITIONS OF USE
Acceptance of Terms:
PLEASE READ THE FOLLOWING TERMS AND CONDITIONS RELATING TO YOUR USE OF THIS WEBSITE CAREFULLY. BY USING THIS WEBSITE, YOU ARE DEEMED TO HAVE AGREED TO THESE TERMS AND CONDITIONS AND OUR PRIVACY POLICY, WHICH IS INCORPORATED HEREIN BY REFERENCE. WE RESERVE THE RIGHT TO CHANGE THESE TERMS AND CONDITIONS AND THE PRIVACY POLICY AT ANY TIME. YOU SHOULD CHECK THESE TERMS AND CONDITIONS PERIODICALLY FOR CHANGES. BY USING THIS WEBSITE AFTER WE POST ANY CHANGES TO THESE TERMS AND CONDITIONS, YOU AGREE TO ACCEPT THOSE CHANGES, WHETHER OR NOT YOU HAVE REVIEWED THEM. IF AT ANY TIME YOU CHOOSE NOT TO ACCEPT THESE TERMS AND CONDITIONS PLEASE DO NOT USE THIS WEBSITE.
Description and use of this Website:
Ciklum requires that all visitors to this World Wide Website owned, operated, licensed, and controlled by Ciklum (the “Website”) adhere to the following Terms And Conditions of Use. Ciklum may change, suspend or discontinue any aspect of the Website at any time, including the availability of any feature, database or content. Ciklum may also impose limits on certain features and services and/or restrict your access to parts or all of the Website without notice or liability of any kind. To the extent that you and Ciklum have entered into a client’s service/license agreement (“Client Agreement”) for any portion of the Website, the terms and conditions of the Client Agreement will control in the event that of any provisions that may conflict with these Terms and Conditions of Use.
This Website provides authorized users with access to a collection of resources, including access to certain service deliverables, articles, and insights for general informational purposes. The Content (as such term is defined below) is to be used solely as a research tool and not as specific guides for action. YOU UNDERSTAND AND AGREE THAT THIS WEBSITE AND THE CONTENT IS PROVIDED “AS-IS” AND YOU ASSUME FULL RISK FOR ANY AND ALL USE OF THIS WEBSITE AND FOR ANALYSIS OF THE CONTENT. You may not use this Website or the Content for any illegal purpose or in any manner inconsistent with these Terms and Conditions of Use. We make every effort to ensure that the Content on this Website is accurate and up to date, however accuracy cannot be guaranteed.
You are responsible for obtaining access to the Service and that access may involve third party fees (such as Internet service provider or airtime charges). In addition, you must provide and are responsible for all equipment necessary to access the Website. No installation, implementation, customization, consultation, support or similar services are included within the scope of these Terms and Conditions of Use.
Password:
To the extent that your use of this Website is in connection with services received through a Client Agreement, we will request that you select a Password and Screen Name in connection with the operation of this Website. You alone are responsible for maintaining the confidentiality of your Password and Screen Name. You are responsible for all uses of our services with your Password and Screen Name, with or without your consent, by yourself and others.
Forums/Blogs:
You may access certain “forums” or “blogs” through the Website. You may not post on any forum/blog any material that is libelous, defamatory, obscene, abusive, invades a person’s privacy, violates any intellectual property rights, or that would otherwise violate any law. You acknowledge that you are responsible for whatever material you submit, and you, not Ciklum, have full responsibility for the message, including its legality, reliability, appropriateness, originality, and copyright. You may not post material that solicits funds, or that advertises or solicits goods or services. You may not post material known to be false. You may not post or transmit any information, software or other material that contains a virus or other harmful component. We also reserve the right to remove any such violative material. All remarks, suggestions, ideas, graphics or other information communicated through the Website will become, once posted, the property of Ciklum (“Posting”). Ciklum will not be required to treat any Posting as confidential. Ciklum will be entitled to use the Postings for any commercial or other purpose whatsoever, without compensation to you or any other person. You agree to indemnify, defend and hold Ciklum harmless from any liability arising due to the use or distribution of your Postings. You further grant Ciklum the right to use your name in connection with the reproduction or distribution of your Postings.
Modifications to Website:
We reserve the right at any time to modify or discontinue, temporarily or permanently, this Website (or any part thereof) with or without notice. You agree that we shall not be liable to you or to any third party for any modification, suspension or discontinuance of this Website.
Copyright/Restrictions on use of Content:
The content, including but not limited to the written materials, images, audio, video and all other materials and information on this Website (“Content”) is the intellectual property of Ciklum or republished by Ciklum under limited exceptions to the copyright laws. All rights of Ciklum or other copyright holders are reserved. Content from this Website may only be used, copied, and/or reproduced for internal business informational purposes. In no event may it be used for the commercialization of any product, service or entity, or released to the general public. You agree that if you download any Content that you will assure that the Content is used only as permitted by these Terms and Conditions of Use. You also agree that you will not change any Content or create your own derivative work from any Content. Any other use of or link to the Content on this Website, including reproduction for purposes other than those noted above, without the prior written permission of Ciklum is strictly prohibited. You may seek our permission by writing to Ciklum, Attention: Data Controller, Østerbrogade 125, 3rd floor DK 2100 Copenhagen Ø Cvr: 26768624. If permission is granted by us (or by other entities with an interest in the relevant intellectual property), you may not change or delete any author attribution, trademark, legend or copyright notice. In the event that you are given authority to use any Content, your use of any Content should be attributed to Ciklum or the author if specified.
Where copyright for any Content is not owned by Ciklum, the source of this Content is provided (“Third Party Content”). Any copying, republication or redistribution of Third Party Content whatsoever is expressly prohibited. Thus, should you wish to use any Third Party Content you are responsible for seeking appropriate approvals from the copyright owner.
If you use Content from this Website in violation of these Terms and Conditions of Use you may be in violation of your Client Agreement and may be subject to termination of your Client Agreement and damages for the copyright violation under federal statutes.
Trademarks/Logos:
This Website contains many valuable trademarks, names, titles, logos and other proprietary materials owned and registered by Ciklum and its affiliates (“Trademarks”). Nothing contained on this Website should be construed as granting any license or right to use any Trademark displayed on this Website. All other trademarks appearing on the Website are trademarks of their respective owners and nothing contained on this Website should be construed as granting any license to use the trademark owned by any other third party. Our reference to any third party trademarks does not imply or indicate any approval or endorsement by their owners, or Ciklum’s approval or endorsement of the owners or their products or services.
Linked Sites:
This Website may include links to other sites which are not maintained by Ciklum. Ciklum is not responsible for the content of those sites and makes no representations whatsoever concerning the content or accuracy of, opinions expressed in or other links provided by, such other sites. The inclusion of any link to such sites does not imply endorsement by Ciklum of the sites or any products or services referred to therein. Ciklum may terminate a link at any time. The terms of use and privacy policies applicable to such sites may be different from those applicable to the Website. If you decide to access any third party site linked to the Website, you do so entirely at your own risk and Ciklum shall have no liability for any loss or damage arising from your use of any such site.
Notification of Alleged Infringement of Copyright or Other Intellectual Property Rights:
In order to promptly address claims of alleged infringement of intellectual property rights, we have established the following procedures. If you are the owner of copyright or other Intellectual Property Rights, or have been authorized to act on behalf of the owner of such rights, and you believe your rights have been or are being infringed, please notify us immediately. Notice should be in writing and should be sent by fax or regular mail (not by email) to the following address: Data Controller, Østerbrogade 125, 3rd floor DK 2100 Copenhagen Ø Cvr: 26768624 Notices should include the information set forth below. Please note that you will be liable for damages (including costs and attorneys’ fees) if you materially misrepresent that an activity is infringing your copyrights or other Intellectual Property Rights. Accordingly, if you are not sure whether certain material of yours is protected by copyright laws, we suggest that you first contact an attorney. To expedite our ability to process your request, please use the following format (including section numbers): (i) Identify in sufficient detail the copyrighted work that you believe has been infringed. For example, “The copyrighted work at issue is the text that appears on http://www.legal.com/legal_page.html”; (ii) Identify the material that you claim is infringing the copyrighted work listed in item #1 above. Identify each page that allegedly contains infringing material by providing its URL; (iii) Provide information reasonably sufficient to permit us to contact you (email address is preferred); (iv) Include the following statement: “I have a good faith belief that use of the copyrighted materials as described above is not authorized by the copyright owner, its agent, or the law.”; (v) Include the following statement: “I swear, under penalty of perjury, that the information in the notification is accurate and that I am the copyright owner or am authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.” ; (vi) Sign the paper; and (vii) Send the written communication to our designated contact, Data Controller. Failure to include all of the above information may result in a delay of the processing the notification.
Notification of Alleged Unlawful Activities:
If you believe in good faith that any unlawful activity is taking place on or through this Website or that any unlawful information has been submitted or uploaded on or to this Website, please promptly report the same to us by sending written notice by fax or regular mail (not by email) to the following address: Data Controller, Østerbrogade 125, 3rd floor DK 2100 Copenhagen Ø Cvr: 26768624 Please include the following information in your Notice of Unlawful Activity: (i) your full name, address, telephone number and email address; (ii) full details of the location on this Website of the material or information in question (including the URL of the link shown on the Website where such material or information may be found); and (iii) full details of the unlawful nature of the activity or material or information in question.
What we will do when we receive a Notice of Infringement or Notice of Unlawful Activity:
If we receive full and proper notification of an alleged infringement of Intellectual Property Rights or of any unlawful activity occurring on or through this Website or of any unlawful information being submitted or uploaded on or to this Website, we will take such action which we believe to be appropriate in the circumstances. Without limiting the foregoing, we will make an attempt to secure the voluntary take down of the Content which is the subject of any Notice of Infringement or Notice of Unlawful Activity. In any event, we reserve the right, in our sole discretion and without notice to any User, to: (i) delete, move, edit and/or disable access to any Content which is the subject of any Notice of Infringement or Notice of Unlawful Activity; or (ii) terminate access of any User whose Content is the subject of any Notice of Infringement or Notice of Unlawful Activity.
License:
Use of portions of this Website may be subject to the terms of a Client Agreement. Subject to the terms of the Client Agreement, we grant to you a limited, nonexclusive, nontransferable, nonsublicensable license to use this Website, solely for your internal business purposes. The Client Agreement may limit the number of users who are allowed access to this Website. You are required to take reasonable measures to protect access information and to assure that you do not permit unauthorized use of or access to this Website. We may audit your use of this Website to assure compliance with access restrictions and will pursue all available remedies for a breach of these access rules. You may not sell, rent, lease, lend, or transfer any services provided on this Website and you may not assign or sublicense your license to this Website. To the extent that you are not subject to a Client Agreement, we grant to you a limited, nonexclusive, nontransferable, nonsublicensable license to use those non-password protected portions of this Website, solely for your personal or business use. The licenses set forth herein may be terminated in the event you breach the terms of these Terms and Conditions of Use. RIGHTS NOT EXPRESSLY GRANTED HEREIN ARE RESERVED BY CIKLUM.
Termination:
You understand that we may in our sole discretion terminate your ability to use this Website if you violate these Terms and Conditions of Use. You may terminate these Terms and Conditions of Use by destroying all materials obtained from this Website and all related documentation and all copies and installations. Ciklum may terminate these Terms and Conditions of Use immediately without notice if, in its sole judgment, you breach any of these Terms and Conditions of Use. Upon termination, you must destroy all materials obtained from this site and all related documentation and all copies and installations. You may not access this site after termination of these Terms and Conditions of Use without the written approval of Ciklum, provided, however, that Ciklum shall retain all rights, including all copyright rights and the right to use Postings as provided herein, and the limitations on use and treatment of the Contents shall remain in full force.
Disclaimer:
YOU EXPRESSLY UNDERSTAND AND AGREE THAT:
1.YOUR USE OF THE SERVICE IS AT YOUR SOLE RISK. THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. WE EXPRESSLY DISCLAIM ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.
2. WE MAKE NO WARRANTY THAT (i) THE SERVICE WILL MEET YOUR REQUIREMENTS, (ii) THE SERVICE WILL BE UNINTERRUPTED, TIMELY, SECURE, OR ERROR-FREE, (iii) THE RESULTS THAT MAY BE OBTAINED FROM THE USE OF THE SERVICE WILL BE ACCURATE OR RELIABLE, (iv) THE QUALITY OF THE CONTENT OBTAINED BY YOU THROUGH THE SERVICE WILL MEET YOUR EXPECTATIONS, (v) ANY ERRORS IN THE SOFTWARE WILL BE CORRECTED, (vi) OR THAT THIS WEB WEBSITE, ITS CONTENT, AND THE SERVERS ON WHICH THE WEB WEBSITE AND CONTENT ARE AVAILABLE ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS.
3. ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE SERVICE IS DONE AT YOUR OWN DISCRETION AND RISK AND THAT YOU WILL BE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOAD OF ANY SUCH MATERIAL.
4. NO ADVICE OR INFORMATION, WHETHER ORAL OR WRITTEN, OBTAINED BY YOU FROM US OR THROUGH OR FROM THE SERVICE SHALL CREATE ANY WARRANTY.
5. THIS WEBSITE MAY CONTAIN VARIOUS COMBINATIONS OF TEXT, IMAGES, AUDIOVISUAL PRODUCTIONS, OPINIONS, STATEMENTS, FACTS, ARTICLES, MARKET DATA, STOCK QUOTES OR OTHER INFORMATION CREATED BY US OR BY THIRD-PARTIES. DUE TO THE NUMBER OF SOURCES FROM WHICH CONTENT IN THIS WEBSITE IS OBTAINED, AND THE INHERENT HAZARDS OF ELECTRONIC DISTRIBUTION, THERE MAY BE DELAYS, OMISSIONS OR INACCURACIES IN SUCH CONTENT. ACCORDINGLY, SUCH CONTENT, INCLUDING THE MARKET DATA, IS FOR YOUR REFERENCE ONLY AND SHOULD NOT BE RELIED UPON BY YOU FOR ANY PURPOSE.
6. INFORMATION CREATED BY THIRD PARTIES THAT YOU MAY ACCESS ON THE WEBSITE OR THROUGH LINKS IS NOT ADOPTED OR ENDORSED BY CIKLUM AND REMAINS THE RESPONSIBILITY OF SUCH THIRD PARTIES.
Limitation of Liability:
YOU EXPRESSLY UNDERSTAND AND AGREE THAT CIKLUM SHALL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES, (EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES) WHATSOEVER.
Non-Waiver:
Our failure to exercise or enforce any right or provision of hereunder shall not constitute a waiver of such right or provision. If any provision hereunder is found by a court of competent jurisdiction to be invalid, the parties nevertheless agree that the court should attempt to give effect to the parties’ intentions as reflected in the provision, and the other provisions hereof shall remain in full force and effect. You agree that regardless of any statute or law to the contrary, any claim or cause of action arising out of or related to use of the Website or these Terms and Conditions of Use must be filed within one (1) year after such claim or cause of action arose or be forever barred.
Indemnity:
You agree to indemnify, and hold Ciklum and its affiliates and each of their directors, officer, employees and agents (“Ciklum Indemnities”) harmless from and against any and all claims, actions or demands brought against Ciklum Indemnities arising out of or relating to your use of the Website or your breach of these Terms and Conditions of Use. The indemnification set forth in this Paragraph shall include all expenses and costs (including reasonable attorney fees) resulting from or arising out of the above claims.
Agreement:
By using the Website, you are deemed to agree to these Terms and Conditions of Use.
Code of conduct
Introduction
Message from CEO
Integrity is one of the core values in which we, Ciklum, operate. The Code of Conduct is company-wide and describes how we put Ciklum values in the way we work every day. It also explains our commitments and, more importantly, expectations towards everyone. Commitments I make to you and, likewise, commitments you make to me and everyone we deal with both internally and externally.
We run our business ethically and responsibly. We are committed to complying with the highest standards of integrity. We commit to prevent corruption, fraud and anti-competitive ways of working. We are respectful and follow the laws of the land where we operate.
A document can never cover one hundred percent of every situation you may face on a day-to-day basis. The Code of Conduct is your map. It illustrates the values and provides the tools that will help you, that will guide you in making the right decisions consistently and ethically. Also, it is important to raise your hand, speak out if you become aware or suspect a violation of the Code. We introduced Ciklum “Speak Up” to help you with this notification so you may do it with one hundred percent confidentiality and privacy.
Our Code of Conduct is important, critical and imperative. We are all responsible for the reputation of Ciklum and it is an important commitment for us to make and to honor.
Purpose of this Code
As a multi-national group of companies with an identifiable brand the actions of one Ciklumer 1 has the potential to impact upon the entire group. Furthermore, with the diverse range of jurisdictions in which Ciklum operates there is a wide range of laws, rules, regulations, customs and approaches to conducting business. The continued success of Ciklum depends on the actions of every Ciklumer being transparent, lawful and ethical. As such, the primary function of this Code is to provide a unified set of principles and behaviours which are designed to act as a guide to help you make the right decisions for yourself and for Ciklum.
At the same time, the Code of Conduct cannot describe every law, policy or process that may apply to us or every situation that we may face within our everyday role. As a general rule, we are responsible for understanding and complying with the laws, regulations and policies that relate to our business activities.
Detailed guidance on how to deal with important ethical and compliance issues will be described in Ciklum’s corporate policies and other relevant documents. These will be available on the MyCiklum portal. However, being aware, understanding and following the principles described in this Code will help to protect the reputation of Ciklum and Ciklumers.
Scope
This Code applies to and is mandatory to be followed by all Ciklumers. Each of us, wherever we work, must behave in accordance with these standards when dealing with fellow Ciklumers, clients, suppliers, stakeholders, governmental
authorities and competitors. We also should require our suppliers or vendors to adhere to this Code or adopt similar ethical standards.
Responsibilities
Ciklumers
The primary responsibility for maintaining an environment of ethical behaviour rests with Ciklumers through a demonstrated commitment to compliance with the Code of Conduct and with legal and regulatory requirements relevant to Ciklum’s business. To carry out this responsibility, Ciklumers will:
- Read, understand, and abide by the Code of Conduct.
- Exercise appropriate behaviour and maintain the highest standards of ethical conduct when representing Ciklum. This includes when travelling on the company business and attending functions hosted by Ciklum or third parties (e.g., conferences, trade shows, events). Seek advice from a supervisor2 if uncertain about the meaning or application of the Code of Conduct or when in doubt about the best course of action in a particular situation.
- Learn and contribute to a workplace environment that is conducive to and encourages compliance with the Code of Conduct and with laws and regulations.
- Maintain sensitivity to alleged, actual, or suspected illegal, unethical, or improper conduct by a supplier, client, consultant, or other person or organization with whom Ciklum has a relationship, and to report such conduct to the Compliance Director.
Leadership Team
In addition to their professional responsibilities in Ciklum, Senior Management (Leadership team & Invited Members3) must maintain a workplace environment that stresses commitment to compliance with the Code of Conduct and with laws and regulations. Ciklum’s Leadership Team will:
- Exhibit the highest standards of ethical conduct at all times and avoid the perception of unethical behaviour.
- Ensure that Ciklumers understand their duty to report actual or suspected Code of Conduct violations and that there are procedures and mechanisms available to facilitate reporting.
- Ensure that Ciklumers receive appropriate training in the meaning and application of Ciklum’s compliance documents.
- Ensure that all policies and references are in place and in the laws and regulations related to Ciklum.
- Maintain a workplace environment that prevents reprisals against a Ciklumers who in good faith reports actual or suspected Code of Conduct violations.
Board of Directors
The Board of Directors4 is accountable for ensuring overall compliance with the Code of Conduct and the legal and regulatory requirements relevant to the Ciklum’s business. The Board has the overall responsibility and authority to:
- Approve and/or make modifications to the Code of Conduct as needed.
- Review current and proposed corporate policies, processes, and procedures for consistency with the Code of Conduct.
- Establish and maintain the means, methods, and procedures for investigating violations of the Code of Conduct.
- Monitor disciplinary measures taken for violations of the Code of Conduct.
- Provide training and educational programs to enhance Ciklumers awareness of and compliance with the Code of Conduct.
How to raise an issue or concern?
The Code cannot cover every situation that we may face. We may find ourselves faced with a dilemma that we are not sure how to resolve. If in doubt, ask yourself these questions:
- Does it comply with the Ciklum’s Code of Conduct?
- Does it comply with policy, regulation and law?
- Would I be setting a good example?
- Would I be comfortable explaining what I did to my colleagues, family and friends without shame or embarrassment?
- Would I or Ciklum be comfortable if the action was written about in a newspaper?
- Have I consulted others who have knowledge of the topic and sought advice to help me make an informed decision?
If the answer is ‘No’ to any of these questions, or if you are not sure, stop and seek further advice.
If you become aware or suspect a violation of this Code, we expect you to report promptly to your Line Manager / Project Manager, HR Business Partner / People Partner or Compliance Department. If you are uncomfortable making such a notification, you may do so anonymously using Ciklum SpeakUp.
There are a number of ways that you can seek advice and support, including through any of the following:
- Discussing with your Project Manager, People Partner or anyone in management;
- Discussing with the Compliance Department; and
- Writing to Ciklum following the Whistleblower Policy
Never hesitate to ask questions, raise concerns, or seek the guidance you need. Ciklum will not tolerate any discrimination against anyone who has reported a concern in good faith.
Breach of this Code
Ciklum will investigate any report of a violation with the principles of the Code of Conduct. You must cooperate fully with any investigation, but should not investigate independently as alleged violations may involve complex legal issues, and you may risk compromising the integrity of a formal investigation.
Conduct that violates the law and/or company policies is ground for disciplinary or remedial action. In addition, failure to report a known violation of law or company policy by someone else may result in disciplinary action for Ciklumers and/or termination of employment/your relationship with Ciklum. The disciplinary action taken will be decided on a case by case basis. The action will be conducted in accordance with Ciklum’s HR procedures and corresponding legal requirements. Where laws have been violated, we will cooperate fully with the appropriate authorities.
Compliance with laws and regulations
Ciklum is a global group of companies, and our business is subject to the laws of many different countries. Each day we interact with a variety of individuals and groups including our clients, competitors, co-workers, suppliers, and sometimes government officials. We are committed to interacting with all in a respectful, ethical manner and in compliance with legal requirements. We would rather miss out on a business opportunity than compromise our integrity.
Anti-Bribery & Corruption
Bribery is the offering, giving, receiving or soliciting of any item of value in order to wrongfully influence someone’s actions, or to secure an improper advantage5.
Guidance
Ciklum has a zero-tolerance policy toward bribery and corrupt conduct in any form. Improper inducements involving government officials, clients, suppliers, business partners, and all other counterparties are strictly prohibited. We must all act with the utmost honesty, integrity and transparency in all dealings with clients, suppliers, business partners and government officials. Ciklum does not allow Ciklumers or others to make facilitation payments on its behalf.
We are committed to complying with all anti-corruption/anti-bribery laws, everywhere in the world such as the US Foreign Corrupt Practices Act, the UK Bribery Act and EU Directives. Bribery can have very serious consequences, for the individuals involved and for Ciklum. Any third-party, agent or intermediary acting on Ciklum’s behalf is also prohibited from offering, giving or accepting bribes and improper inducements, including acts of favouritism to influence a business decision.
Gifts and Hospitality
Guidance
Ciklum policy and practice requires moderation and the use of good judgement when giving or accepting gifts or entertainment in the course of business. Extending or receiving common courtesies such as business meals in connection with legitimate business activities generally is acceptable. However, in any such dealings, Ciklumers should not request, accept, offer to give or give anything of value that would give the appearance of impropriety or suggest that the gift or entertainment was intended in any way to influence a business decision or to obtain an improper advantage.
A gift can be an item, but it also can include event tickets or the provision of services when the gift provider is not otherwise involved in the event or service (e.g. the giver provided the tickets but does not accompany the recipient to the event). Entertainment is distinguished from a gift as it typically involves meals, events or other forms of entertainment (e.g. sporting events, concerts, shows) where the provider participates in the meal, event or other form of entertainment.
Permissible gifts and entertainment include those that6 :
- Are given openly and directly;
- Come with no strings attached;
- Are NOT solicited;
- Are NOT in the form of cash or a cash equivalent, such as a cash or gift card;
- Are NOT significant in value;
- Are NOT accepted as part of or during a business negotiation;
- Comply with all applicable laws and with all policies of both the giver and recipient; and
- Would NOT reflect poorly on Ciklum.
Gift limits and Prohibitions
Permissible gifts, entertainment and hospitality
- It is acceptable to extend or receive occasional gifts having a maximum retail value of USD 200 in total over the course of any one calendar year to or from the same person as a gesture of goodwill.
- Extending or receiving certain business entertainment (e.g. attending a local cultural or sporting event or a celebratory meal with a business partner) can be appropriate. Provided that the entertainment is reasonable and customary and in the furtherance of a business relationship; the cost of the entertainment is not excessive; and it won’t inappropriately bias future decision-making about working or create an appearance of impropriety.
- Gifts in the form of tickets to sporting events and other forms of entertainment that exceed a USD 200 value may be acceptable under certain circumstances but require the pre-approval of your manager with the notification of Compliance Department.
Non-permissible
- Gifts in the form of cash payments are not allowed. It is prohibited to provide or receive cash as well as any cash equivalents (e.g. gift cards or loans) in any circumstances, regardless of amount.
- You should not actively solicit gifts or entertainment from a current or potential client or business partner to gain an unfair advantage.
- It is prohibited to offer or give anything of value to a government official in order to get or keep business or gain an improper advantage.
For details, please refer to the corporate Gifts, Entertainment and Hospitality policy that will be available on the MyCiklum portal.
Money Laundering and Sanctions
Money Laundering
People who are involved in criminal activity such as bribery, fraud or trafficking narcotics may attempt to launder money through apparently legitimate businesses in order to use the funds from their criminal activity and reduce suspicion7.
Ciklum will not accept or process money gained through criminal activity; we will only deal with reputable clients who are involved in legitimate business activities and whose funds are derived from legitimate sources. If you become suspicious, you should raise your concern immediately to the Compliance Department and document all steps that are taken in relation to the transaction.
Sanctions
Sanctions are a foreign policy tool used by Governments to restrict the ability of designated countries, individuals or entities access to particular products, services and markets8.
Ciklum has a zero tolerance approach to engaging with entities or individuals that are subject to sanctions restrictions implemented by the UN, EU, USA or other Governments as well as to those implemented by any local government at any of Ciklum’s locations. If you have any doubts about dealing with an entity which may be subject to sanctions, you should raise the question with the Compliance Department.
Fair Competition and Anti-trust
Guidance
Generally, antitrust and competition laws prohibit any activity that may improperly reduce or inhibit competition. Most countries where Ciklum does business also have laws restricting attempts to monopolise markets or otherwise restrict or control competition.
It is CIklum’s obligation to comply with these laws where they are applicable. Because of the complexity of antitrust and competition laws, it is imperative that Ciklumers seek advice from the Compliance Department on any question regarding these issues. The penalties for violating antitrust laws and trade regulations can be extremely severe for both Ciklum and the individuals involved.
Personal Information
Ciklum takes its obligations under applicable data protection and privacy laws very seriously in all countries where Ciklum does business10. We all have a responsibility to safeguard the privacy, confidentiality and security of personally identifiable information and other private information of Ciklumers, clients, partners and other third parties in Ciklum’s possession. We have in place effective systems to only allow access to our personal information to those who have a valid business reason for accessing it, reducing the risk of our personal data being compromised. While creating documents in cloud environment we need to provide access only to those people, who are authorised to see it.
You should never provide the information without the individual’s permission. If in doubt you should refer your enquiry to Compliance Department.
Business Records
We must help to ensure that Ciklum’s books and records, which include virtually all forms of business documentation, electronic or otherwise, accurately and fairly reflect, in reasonable detail, all transactions and dispositions of assets. It is of critical importance that Ciklum’s financial reporting, including its reports to investors and lenders, be accurate and timely. Depending on type of services they provide, Ciklumers may be called upon to give information necessary to assure that Ciklum’s financial reports are complete, fair and understandable.
Managing and Protecting Ciklum’s Assets and Reputation
Confidential and Proprietary Information
Confidential information includes all non-public information that might be useful to competitors or that could be harmful to Ciklum if disclosed11.
Ciklum has a duty to its clients, suppliers and personnel to respect all information it holds about them and to protect and handle such information responsibility.
Ciklum’s legal obligations and its competitive position require that confidential information remain confidential and that we are diligent in our efforts to protect our intellectual assets. Information that is proprietary to our clients, suppliers and others should be treated as confidential and used for the purpose for which it was obtained and disclosed only as permitted between Ciklum and the other party. Confidential information should be properly and securely stored, transmitted and disposed of, and Ciklumers must be mindful of the risk of discussing confidential information in public places. This means that Ciklumers should not disclose or share information regarding internal Ciklum matters with anyone outside Ciklum, except as required in the performance of their employment duties.
It is never acceptable to discuss confidential information in a public place even if there are no classified documents in use. The security and confidentiality of the information could be compromised if someone overhears the conversation.
Conflict of Interest
‘Conflict of interest’ arises where a person’s position or responsibilities within their business unit presents an opportunity for personal gain above the normal rewards of cooperation12. In other words, a conflict of interest exists when your personal interests interfere with the best interests of Ciklum. Ciklumers should attempt to avoid actual or apparent conflicts of interest.
Any personal interests (or the interests of a member of immediate family) in relation to Ciklum’s business must be disclosed to your manager and the Compliance Department immediately. Disclosure is mandatory, failing to disclose a conflict or a perceived conflict is a violation of the Code.
In situation that appears to present a conflict of interest we expect you to “refrain and report”.If it is not possible to avoid participating in the event or activity creating the conflict, promptly disclose the potential conflict to your supervisor and the Compliance Department, and avoid participating in decisions that might raise the appearance of a conflict until you receive appropriate guidance.
Use and Protection of Ciklum’s Resources
We are each responsible for protecting any equipment and property to which we have access to or have been entrusted to safeguard, whether that equipment belongs to Ciklum company, our clients or other third parties. We need to make sure that these assets are not compromised, lost, damaged, misused or wasted. We use these assets exclusively for Ciklum’s business purposes.
Social media
Ciklum recognises the role that social media plays in communications and society today. However, sometimes it gets difficult to make clear division between one’s private voice on social media and the role as a Ciklumer. We all need to be responsible in our engagement on social media and exercise judgement when communicating in public forums. While engaging on social media, you should:
- Be transparent and make it clear that you are speaking for yourself in your private capacity;
- Recognise that anything you say can be viewed as Ciklum’s own statement;
- Protect confidential information;
- Be honest, accurate and ethical at all times;
- Not announce things which you are not authorised to announce; and
- Understand the potential consequences of your actions.
Providing a Dynamic & Diverse Work Environment
Open, Honest & Respectful
In our relationships with each other, we strive to be open, honest, and respectful in sharing our ideas and thoughts, and in receiving input. We value the free flow of thoughts, ideas, questions and concerns. We encourage CIklumers to raise work related issues or concerns through our established processes as soon as issues or concerns arise.
Equal Opportunity and Anti-Discrimination
Ciklum promotes a cooperative and productive work environment by supporting the cultural and ethnic diversity of its workforce. Our collective challenge is to enhance the company’s performance through valuing and understanding differences. Ciklum is committed to a policy of providing equal employment opportunity to all qualified individuals and applicants. This commitment is reflected in all aspects of our daily operations.
We do not discriminate on the basis of race, color, descent, sex, sexual orientation, gender reassignment, political views, confession or religious beliefs, nationality, ethnicity, marital or civil partnership status, family / career responsibilities, pregnancy and maternity / paternity status, age, disability or impairment, profession or occupation, veteran status, physical peculiarity or genetic information in any personnel practice, including recruitment, hiring, employment, compensation and benefits / remuneration, facilities and services, promotion, training and professional development, termination and references, discipline and grievance.
Health & Safety
At Ciklum, we are committed to creating a safe, healthy and non-threatening work environment. We integrate sound safety and health practices within our operations and comply with applicable workplace safety and health regulations. We foster an environment where everyone feels safe and is treated with courtesy and professionalism. Any act of violence or threatening behavior or possession of weapons will not be tolerated.
Under all circumstances, all Ciklumers must take due care of their health and safety and ensure that they do not endanger others by any acts or omissions. Activities that are not conducive to a good work environment are not permitted; this includes the storage, consumption, distribution, or being under the influence of alcohol or any controlled substances other than substances as prescribed by a physician on company-owned or leased property, during working hours, while on company business, or while using company property.
Moderate alcohol use at company-sponsored events after working hours can be allowed with prior functional head or director sign off. A dedicated manager must be responsible for the event. Under no circumstance can alcohol be offered to individuals under the legal drinking age attending the event.
Working Responsibly and Serving Communities
Poltical Activities and Contributions
Guidance
Ciklum strives to comply with all national, federal, state, and local laws and regulations. Respecting the responsibilities of government agencies and cooperating with them in good faith as they execute established guidelines and policies is essential.
Ciklumers shall not provide anything of value to any local, state, or national or federal elected or appointed official or government employee unless the Ciklumer’s supervisor has confirmed that the item of value complies with all laws or regulations that limit or prohibit such gifts or require the gifts to be reported.
Ciklumers are encouraged to participate in the electoral process through voting, contributing time or other appropriate means. You may not contribute funds, assets or services for, or on behalf of, Ciklum to any political candidates, political party, charity or similar organisations unless such contribution is expressly permitted by law and authorised by Ciklum.
Community Investment
We will make a positive social and economic contribution through our activities to the communities in which we work, and we will support, sponsor and contribute to the activities of other organisations, where they are aligned with our own business objectives, our values and will enhance the reputation of Ciklum13.
We contribute to charities and good causes through sponsorship and donations and by providing materials. We encourage our employees to give their time as volunteers to these causes. When making sponsorship commitments, charitable donations or promises of ‘in-kind’ support such as company materials or resources, prior approval is required and the activity must be recorded. All requests for sponsorship and charitable donations received must be approved by Compliance Director to ensure that they meet our sponsorship and charitable giving criteria.
Definitions
Who are Ciklumers?
Ciklumers is used in this Code as the collective reference for employees (permanent or temporary, full or part time) of any Ciklum legal entity, or any of its affiliates or subsidiaries, as well as for others performing work for, or on behalf of, Ciklum.
What is bribery?
Broadly, bribery is defined as giving or receiving a financial or other advantage in connection with the “improper performance” of a position of trust, or a function that is expected to be performed impartially or in good faith.
Bribery does not have to involve cash or an actual payment exchanging hands and can take many forms such as a gift, lavish treatment during a business trip or tickets to an event. The types of bribery that take place in the commercial sector are numerous. Some simple examples are:
- bribery in order to secure or keep a contract;
- bribery to secure an order;
- bribery to gain any advantage over a competitor;
- bribery of a local, national or foreign official to secure a contract;
- bribery to turn a blind eye to a health safety issue or poor performance or substitution of materials or false labour charges; and
- bribery to falsify an inspection report or obtain a certificate.
Ciklum’s definition of bribery also includes making “facilitation payments”. A “facilitation payment” is a payment or gift given (usually to a government official) to speed up a procedure or to encourage one to be performed. It does not include fees required to be made by law such as the payment of a filing fee for a legal document. The acceptance of a facilitation payment by a government official is an example of corrupt activity.
Ciklum defines “corrupt conduct” or “corruption” as the abuse of entrusted power for private gain.
What is money laundering and sanctions?
Money laundering
‘Money laundering’ is the process of hiding illegal sources of money. For example, under the UK Proceeds of Crime Act 2002 (POCA) money laundering offences are committed when a person:
- conceals criminal property
- enters into an arrangement regarding criminal property
- acquires, uses or possesses criminal property.
This process is of critical importance, as it enables the criminal to enjoy these profits without jeopardising their source. Illegal arms sales, smuggling, and the activities of organised crime can generate huge amounts of proceeds. Embezzlement, insider trading, bribery and computer fraud schemes can also produce large profits and create the incentive to “legitimise” the ill-gotten gains through money laundering. When a criminal activity generates substantial profits, the individual or group involved must find a way to control the funds without attracting attention to the underlying activity or the persons involved. Criminals do this by disguising the sources, changing the form, or moving the funds to a place where they are less likely to attract attention.
Sanctions
Sanctions are a foreign policy tool used by Governments to restrict the ability of designated countries, individuals or entities access to particular products, services and markets. The jurisdictions, individuals and entities who are the target of sanctions are those who particular governments view as engaging activity which is either considered abhorrent (e.g. suppression of civil rights) or would threaten international peace and security (e.g. development of a nuclear weapon). These restrictive measures are most commonly enforced by the UN, EU and USA.
What is fair competition and anti-trust?
Generally, antitrust and competition laws prohibit any activity that may improperly reduce or inhibit competition. Most competition laws and trade regulations apply to the sale and marketing of services as well as products. It is expected that each of us compete vigorously and fairly in the conduct of business matters but always in compliance with the local and other countries’ laws.
What is personal information?
Personal information is any information that can be used, alone or in combination with other information, to identify a specific individual. It includes such information as a person’s name, address, email address, date of birth, driving licence number, financial account numbers, passport, Social Security/Tax ID number or other government identification number and other identifiers.
What is confidential and proprietary information?
Confidential information includes all non-public information that might be useful to competitors or that could be harmful to Ciklum if disclosed. Proprietary information, i.e. intellectual property, includes data such as trade secrets, patents, trademarks and copyrights, and business information, research and new product plans, objectives and strategies, records, databases, salary and benefits data, employee personal and medical information, client, employee and supplier lists and any unpublished financial or pricing information.
What is conflict of interest?
‘Conflict of interest’ arises where a person’s position or responsibilities within their business unit presents an opportunity for personal gain above the normal rewards of cooperation. A conflict of interest can arise in many situations, including:
- Family and relationships among Ciklumers or with the employees of our suppliers, partners, or clients;
- Giving or receiving gifts, hospitality, or travel;
- Outside work activities;
- Dealing with family members employed by a vendor or partner;
- Dealing with a vendor or partner who employs family members; and
- Dealing with a vendor or partner in which you or a family member have a financial interest.
1 Please refer to Definitions section
2 Supervisor is a Ciklumer you report to
3 Leadership Team and Invited Members is the group of Ciklum top managers that contains from C-level officers (CEO, Global CFO, COO, CTO, CDO, CHRO, CRO and VP C&C) and directors – Legal D., Compliance D., Finance D., Delivery D. and Commercial D.
4 Board of Directors of the Ciklum Group Holdings Limited Holding Company, BVI
5 For more information, please refer to Definitions and Examples sections
6 For more information, please refer to Examples section
7 For more information, please refer to Definitions and Examples sections
8 For more information, please refer to Definitions and Examples sections
9 For more information, please refer to Definitions and Examples sections
10 For more information, please refer to Definitions and Examples sections
11 For more information, please refer to Definitions and Examples sections
12 For more information, please refer to Definitions and Examples sections
13 For more information, please refer to Examples section
Compliance Policy
Introduction
Background
At Ciklum we are committed to doing business in accordance with our core principles – transparency and integrity, which in particular means avoiding bribery and corruption of all kinds and in wider sense this relates to not facilitating or engaging in any Financial Crime. This includes bribery and corruption, money laundering and sanctions.
Ciklum defines these areas of financial crime as:
- Bribery and Corruption: The act of offering, promising or giving a financial or other advantage to another person with the intent to induce improper performance of a business or public function. Corruption is the abuse of entrusted power for private gain. It can be classified as grand, petty and political, depending on the amounts of money lost and the sector where it occurs.
- Money Laundering: Money Laundering involves taking criminal proceeds and disguising their illegal source in anticipation of ultimately using the criminal proceeds to perform legal and illegal activities.
- Sanctions: Sanctions are restrictive measures applied by a country, or group of countries, to enforce change. Sanctions can be split into two distinct areas, financial and trade sanctions. Financial sanctions are restrictions on providing economic resource to certain entities or individuals. Trade sanctions limit the ability to trade in particular items to certain territories, entities or individuals. Trade sanctions can also apply to any ancillary services related to the goods/services which are restricted.
Detailed definitions can be found in Sections 4, 5 and 6 of this Policy.
Purpose of this Policy
The purpose of this Policy is to guide Ciklumers and to ensure that Ciklum’s core values of transparency and integrity are maintained at all levels of Ciklum. This policy is also designed to manage Ciklum’s compliance risk, and to protect Ciklum, our shareholders, and customers.
Managing compliance risk in the context of this policy refers to the risks presented by national and international financial crime laws and regulations. It is essential that Ciklum has in place processes, systems and controls to manage this compliance risk as without it Ciklum’s integrity, profitability and future growth ambitions could be comprised. To manage this compliance risk Ciklum will:
- Ensure there is regular identification and assessment of compliance risk across Ciklum;
- Monitor any legal and regulatory changes to assess their impact on Ciklum;
- Put in place processes, systems and controls to support the identification and mitigation of compliance risk; and
- Provide Ciklumers with support and guidance.
This Policy applies to all Ciklumers, including officers and directors. In addition, Ciklum will require third parties who represent it (such as agents, consultants, and contractors) to conduct themselves where applicable in a manner consistent with this Policy.
Ciklum will seek to comply with all applicable laws, rules and regulations in the jurisdictions in which it operates including those relating to anti-bribery and corruption (ABC), anti-money laundering (AML) and sanctions. For the purpose of combatting financial crime the decision has been taken to use the regulations imposed by the European Union (EU), United Nations (UN) and United States (US) as a benchmark.
This decision has been made as these regulations are directly applicable to certain Ciklumers and they are also seen as being the highest global standards to combat financial crime. In each jurisdiction Ciklum operates in there are laws and regulations relating to bribery and corruption, money laundering and sanctions. Where these conflict with the requirements outlined by the EU, UN and US Ciklum will take a decision on the appropriate course of action on a case by case basis.
Core Anti- Bribery and Corruption regulations – U.S. Foreign Corrupt Practices Act (“FCPA”) and the U.K. Bribery Act prohibit bribery of foreign government officials (broadly defined later in this policy), and with regard to the FCPA in particular, mandate that companies establish and maintain accurate books and records and sufficient internal controls. The UKBA also prohibits private sector (commercial) bribery.
A violation of financial crime regulations can lead to severe civil and criminal penalties and is cause for disciplinary action (up to and including termination of employment or contract with Ciklum1); it is vital that every Ciklumer2 not only understands and appreciates the importance of these policies and procedures, but also complies with them in daily assignments.
Compliance risk
Compliance risk (also referred as Financial Crime risk) is an indispensable part of Ciklum’s overall risk. It is a risk Ciklum may suffer in failure to comply with applicable laws, rules and standards including FCPA, UKBA, Anti-Money Laundering regulations, sanctions and embargo programs, and the Code of Conduct applicable to Ciklum’s activities.
Compliance risk is also an integrity risk, because Ciklum’s reputation is closely connected with its adherence to principles of transparency, integrity and fair dealing.
Compliance risk must be identified, assessed, advised on, monitored and reported timely to protect Ciklum from any damage or losses such as legal or regulatory enforcement or sanctions, material financial losses, reputational losses, financial crime and corruption (destroying shareholders’ value).
Compliance principles
Ciklumers, at all levels, are required to strictly abide with the principles outlined below while performing their duties in the Ciklum. Abiding by these principles will help to manage the risk that Ciklum, and/or Ciklumers, are found to breach local laws, international laws and Ciklum’s own compliance controls.
1.4.1. Compliance with Laws, Rules & Regulations
Ciklumers have to act according to Ciklum’s written policies and procedures in order to ensure full compliance with laws, rules and standards helping to maintain Ciklum’s reputation, and meet the expectations of its customers, the relevant regulatory bodies, the markets and society as a whole; treating customers fairly, and ensuring suitability of customer advice.
1.4.2. Promote and Engage in Ethical Conduct
Ciklumers, at all levels, are required to carry out their duties acting professionally and honestly, in good faith and with integrity respecting Ciklum’s Code of Conduct; perform duties as described by their contracts or job descriptions; avoid misuse of authorities; properly use accessible information; not engage in any unethical/ illegal activities that may damage Ciklum’s reputation; act with full transparency and in a bona fide; and report any illegal activities/ unethical behaviour/ suspicion of any illegal act, as per applicable policies and procedures.
1.4.3. Avoid any Conflict of Interest
Ciklumers should act in the best interests of Ciklum without giving any preference to any third party on the basis of personal considerations ensuring their private matters do not interfere with the interests of Ciklum.
1.4.4. Protect Confidentiality
Ciklumers have to maintain the confidentiality of information which may be related to Ciklum and its clients (and entrusted to them) except when disclosure is authorised or required by law; even when they leave Ciklum.
1.4.5. Protect Ciklum’s Assets
Ciklumers should protect and use Ciklum’s property and assets for legitimate business purposes.
1.4.6. Act in the Customer’s Best Interest
Ciklumers should provide services to Ciklum’s customers with care, honesty and fairness; they should strictly avoid manipulation, or any unfair dealings. Accordingly, Ciklum will ensure careful review of customers’ complaints, process them in a timely manner and document replies.
1.4.7. Raise any issues or concerns
Ciklumers are encouraged to report any violation of Ciklum’s policies, Code of Conduct, potential violations of applicable laws and regulations, as well as other types of misconduct. Ciklum pledges to protect all Ciklumers against any kind of harassment from any other employee for reporting a potential violation in good faith.
Governance
The approach of Ciklum’s compliance governance is based on clear roles and responsibilities for both Operational management (the first line of defence) and Compliance (the second line of defence). This is supported by oversight and challenge from senior management in the form of the Risk Management Committee (RMC). The roles and responsibilities of these functions is detailed below.
Anti-Bribery & Corruption
2.1. Involvement of the Senior Management
Ciklum’s Senior Management are integral in developing and ensuring the continued effectiveness of Ciklum’s compliance framework. Ciklum’s Senior Management (Leadership team & Invited Members) support the compliance process by:
- Actively communicating the importance of compliance down through the ranks across the Ciklum network;
- Regularly monitoring the implementation of the financial crime compliance program; and
- Providing oversight to the compliance framework including involvement in any breaches of requirements.
Operational Management as the first line of defence
Ciklum’s operational management includes branch, line and function managers. The principal role of Operational Management in the compliance framework is to support the identification, assessment and management of compliance risks by supporting risk mitigation activities and implementing including internal controls.
Operational line managers are the owners of business processes in Ciklum. It is for this reason that they are responsible for ensuring compliance with laws, rules and regulations within the areas they oversee. The specific responsibilities of operational management include:
- Managing overall compliance culture and performance within their business areas;
- Ensuring open communication channels with the Compliance Function (2nd line of defence);
- Implementing the Group compliance initiatives (such as the Code of Conduct); and
- Participating in incident response/investigation.
Operational management will have easy access to the Compliance Function which deals with any concerns quickly and effectively, escalating whenever necessary. Operational Management is encouraged to highlight good practice, share examples of near misses and help Ciklumers to learn from them.
Compliance Function as the second line of defence
Ciklum’s Compliance Function includes both the Compliance Director and the Compliance Department. Compliance operates as the second line of defence in Ciklum’s compliance risk framework.
The principle role of the Compliance Function is to facilitate and monitor the implementation of compliance risk management practices by Operational Management (first line of defence), analyse and report on compliance performance, provide valuable insight and advice. The mission of the Compliance Function is to provide expert advice in relation to compliance risk management, understand Ciklum’s financial crime risks and lead risk mitigation activities to help support the businesses.
Compliance Function responsibilities include:
- Defining and updating compliance strategy and initiatives;
- Establishing the overall Ciklum Compliance Reinforcement Programme5 ;
- Overseeing Compliance Risk Assessments;
- Leading and coordinating Compliance Champions Programme6;
- Establishing and maintaining policies, procedures and governance;
- Creating the Ciklum Group compliance communication and training plan;
- Maintaining and coordinating incident reporting and incident management procedures; and Reporting to the Risk Management Committee and senior management identified compliance risks, weaknesses and deficiencies, and breaches from the applicable policies and procedures.
Risk Management Committee
Ciklum’s RMC is a formal sub-Committee of the Board of Directors. The Committee has been established to assist the Board in the discharge of its duties and responsibilities relating to financial crime Compliance. The RMC will facilitate the establishment and oversight of Ciklum’s financial crime controls by setting the top level rules that dictate the formation and approval of key financial crime Policies. The roles and responsibilities of the RMC are set out in its Terms of Reference but will include:
- Providing oversight of financial crime compliance risk management across the Ciklum Group;
- Review and challenge reports and MI regarding financial crime compliance across the Ciklum Group; and
- Oversee the development and delivery of compliance strategy and initiatives.
The RMC should be seen to be, and acts as, independent from both the first and second line functions in its role as providing oversight and assurance on the robustness and application of Ciklum’s compliance risk framework. The members of the RMC and Terms of Reference dictating the operation of the function will seek to ensure that this occurs.
Responsibilities of Ciklumers
Ciklumers are key to ensuring that Ciklum does not breach any laws or regulations. Compliance with all applicable laws, rules and regulations as well as with Ciklum’s policies and principles is therefore the responsibility of every Ciklumer.
As a Ciklumer, you must:
- Read, understand, abide and confirm acknowledgement of our Code of Conduct, comply with this Policy (in particular with the principles listed in Section 1.3) and all related Procedures;
- Report concerns to your local management, where possible, or through the Compliance Function or through the SpeakUp email;
- Be vigilant to any “red flags” (set out below in the Section 2.6) or issues of potential risk which indicate where further examination of a particular transaction or relationship is necessary; and
- Complete prescribed training in accordance with Section 10 of this Policy.
As a Ciklumer, you must not:
- Offer, promise or give a bribe or utilise a third party to do so, as the Company can be prosecuted for breaches of anti-bribery laws by third parties acting on its behalf; and Request, agree to receive or actually receive a bribe intended for your benefit or the benefit of your family, friends or acquaintances.
Compliance “Red Flags”
There are a number of signals that warrant Ciklumers’ special attention, and/or call for the examination of a particular transaction or relationship for a potential bribery issue. Those signals or “red flags” that call for further attention include, but may not be limited to:
- Payments of unusually high fees or commissions;
- Requests for cash payments;
- Requests for payments to different companies or through different countries;
- Requests for payments to offshore centres / tax havens without sufficient justification;
- Undefined or unreported payments to third parties made on the Company’s behalf;
- No written agreements;
- Unusually close relationships with government officials; and
- A refusal to certify compliance with this policy.
Code of Conduct
The foundation of Ciklum’s compliance framework is the Code of Conduct. The primary function of the Code of Conduct is to provide a unified set of principles and behaviours, which are designed to act as a guide for Ciklumers to help them make the right business and behavioural decisions. It is the responsibility of all Ciklumers to ensure they read, understand and act in accordance with the Code of Conduct and that all policies, procedures and processes do not conflict with requirements outlined in the Code. We should also require our suppliers and vendors to adhere to our Code or adopt similar ethical standards.
Compliance Function and Compliance Programme
This section provides further information on the role and purpose of Ciklum’s Compliance Function. This section should be read in conjunction with Section 2.3 of this Policy.
Compliance with all applicable laws, rules and regulations as well as with Ciklum’s policies and principles is the responsibility of every Ciklumer. Nevertheless, a Compliance Function has been implemented and operates to ensure effective management of the compliance risk and maintain Ciklum’s reputation with its shareholders, customers, contractors and employees, the relevant regulatory bodies, and the markets.
Ciklum’s Compliance Function is represented by the Group Compliance Director and by the Compliance Department that in its turn, comprises the Compliance Manager and Compliance Experts.
The Compliance Function performs its responsibilities which consist primarily of monitoring the business and providing advice when needed on a proactive basis or upon request.
The Function has an independent status, sufficient resources and authority to perform its duties and responsibilities and access all information which may be necessary for the proper exercise of its duties.
2.8.1. Objectives and Purpose of the Compliance Function
Ciklum’s Compliance Function as been established to:
- Implement and manage compliance risk. This includes measures to mitigate risk to Ciklum of internal and external fraud, engaging in bribery or corruption, facilitating money laundering, facilitating a breach of sanctions legislation and engaging in activities which may lead to reputational damage;
- Provide support and guidance to ensure that Ciklum acts with high ethical standards including transparency and integrity to meet the expectations of customers, shareholders’ and third parties; and
- Ensure that the Ciklum continues working ethically.
2.8.2. Responsibilities and Duties of the Compliance Function
The responsibilities of the Compliance Function include, but are not limited to:
- Advising and keeping Senior Management appraised of compliance requirements with relevant laws, rules and standards;.
- Providing analysis and early warning of regulatory change that may affect the business to ensure that such change is communicated to the Leadership Team and Board of Directors;
- Identifying and assessing the compliance risks associated with Ciklum’s business activities. This will be reviewed periodically or when Ciklum engages in new business activities, including the development of new products and business practices, and expansion of business;
- Establishing written guidance to Ciklumers on the principles outlined in this policy and other relevant compliance documents or other publications;
- Providing advice and assistance to the Board of Directors, Senior Management, committees and Ciklumers to help them meet their compliance responsibilities;
- Educating Ciklumers on compliance risk and the controls that Ciklum has in place to mitigate these risks;
- Monitoring and, on regular basis, assessing the adequacy and effectiveness of Ciklum’s compliance controls;
- Ensuring proper handling of both internal and customer complaints;
- Regularly reporting to the Board of Directors, and relevant committees, on compliance risks, weaknesses, deficiencies, and any legal or policy breaches identified;
- Reporting, where necessary, to external agencies;
- Keeping records of good and bad practice to provide feedback on failures in controls and compliance with recommendations provided for improvements and remedial action; and
- Building an open relationship with relevant regulators, and where relevant, respond and coordinate responses to proposed legislation or regulations.
2.8.3. Preconditions of the Compliance Function
To ensure that Ciklum’s Compliance function can operate effectively the Ciklum Board of Directors are committed to ensure the Compliance function are able to operate in accordance with the key principles of authority and independence.
- Authority: The Compliance Function will have access to all of the Ciklum’s offices, departments as well as static data records and property in the custody or under the control of Ciklum for the purpose of discharging its responsibilities.
- Independence: To avoid conflict of interest, the Compliance Function has been established as a function that is independent of line and operational departments which will have full and free access to the Board of Directors, as needed.
2.8.4. Compliance Programme
The responsibilities of the Compliance Function are carried under the Compliance Programme (also referred as Ciklum Compliance Reinforcement Programme or “CCRP”).
The Compliance Programme is Ciklum’s compliance roadmap which details the Function’s planned activities (for example the implementation and review of specific policies and procedures).
The Compliance program is risk based and will be subject to the oversight by the Group Compliance Director to ensure appropriate coverage across businesses and coordination among risk management functions. On at least an annual basis the CCRP will be shared with Senior Management/ the RMC for independent review and challenge.
Risk-Based Approach
Risk appetite statement
Ciklum has zero tolerance for financial crime, wherever and in whatever form that may be encountered. Ciklum performs assessment of financial crime risks that will inform the development of controls.
Firm-Wide risk assessment
On an annual basis Ciklum will conduct a firm-wide financial crime and ethics risk assessment. As part of this risk assessment Ciklum will consider, among other criteria, the inherent risk of Ciklum’s services, operations and Third Parties as well as the risks present in jurisdictions where Ciklum has operations.
In addition to the firm-wide risk assessment performed at least an annual basis, other events which might drive the need to revisit the risk assessment more frequently include:
- New financial crime legislation;
- Regulatory censure involving the IT sector; and
- A change in Ciklum’s operational structure.
Third party risk assessment
Ciklum may suffer reputational damage or face legal liability if associated with business partners and intermediaries that engage in unethical or illegal conduct. We therefore need to ensure that our business relationships are transparent and ethical. Ciklum applies a risk based approach to inform decision making before engaging with third parties (customers, agents, contracts, vendors etc.). The depth of subsequent due diligence procedures is based on an assessment of the risk profile of the engagement, including the following risk factors:
- Geographic location;
- Industry;
- Background and identity of the third party;
- Connection with government officials or entities;
- Amount and Compensation structure of the proposed arrangement;
- Additional factors related to the scope of the services to be rendered; and
- Selection of the third party
Throughout the risk assessment and further due-diligence procedures, a comprehensive record of relevant documents and decisions is maintained to ensure we can demonstrate proper application of the Policy and prove that decisions to engage with partners or third parties were made in good faith.
Anti-Bribery and Corruption
Applicable laws and regulations
As a multi-national corporation Ciklum has numerous legal requirements relating to anti-bribery and corruption. For the purpose of this Policy, Ciklum will use the standards set forth in the UK Bribery Act 2010 (“the Bribery Act”) and in the US Foreign Corrupt Practices Act (“FCPA”) as a basis for its compliance efforts. The reason for using these regulations as a base is that not only will these regulations be directly applicable to certain Ciklumers but they are also seen as being the highest global ABC standard. In each jurisdiction in which Ciklum operates there are laws and regulations outlawing bribery and corruption. Where these conflict Ciklum will take a decision on the appropriate course of action on a case by case basis.
4.1.1. What is a bribe?
Ciklum defines a bribe as an inducement, payment or reward, offered or received to gain an improper business advantage. Improper business advantage includes:
- Winning business, contracts, tenders;
- Preventing or diminishing some governmental action, such as the imposition of a large tax or fine, or the cancellation of an existing government contract or contractual obligation;
- Obtaining a licence or other authorisation from a government where the issuance involves the foreign official’s or his/her government’s discretion;
- Obtaining confidential information about business opportunities, bids or the activities of competitors; and
- Obtaining the right to open an office, or to influence the award of a government contract etc.
In addition, the bribe is any payment to:
- Influence the rate of taxes that would be levied on the company’s business;
- Obtain relief from government controls, foreign regulations, or the application of regulatory provisions;
- Resolve governmental disputes, for example the resolution of tax deficiencies or a dispute over duties payable; and
- Resolve commercial litigation in foreign courts.
- Bribery of public officials (directly or indirectly, and in order to obtain or retain business or an advantage in doing business) as well as companies and private individuals are all equally prohibited under the laws of many countries and under this policy and our Code of Conduct.
4.1.2. What is the Risk?
Potential penalties for the Company include unlimited fines, costly litigation and adverse publicity. For individuals, penalties can include very large fines. Additionally, in the UK, US and some other countries, long terms of imprisonment are also possible:
Criminal and Civil Penalties
For corporations
FCPA:
- Fines of up to USD2 million for each violation of the anti-bribery prohibition and USD25 million for books and records violations
- Civil penalties up to USD500,000 for books and records violations
- Disgorgement of gains associated with improper payments Injunction to prevent future violations
- Suspension or banned from doing business with the U.S. government
- Imposition of a corporate monitor
UK Bribery Act:
- Unlimited fine
Criminal and Civil Penalties:
- Confiscation
For individuals
FCPA Anti-bribery Provisions:
- Up to USD10,000 civil fine per violation of the anti-bribery provisions
- Up to 5 years’ imprisonment per violation of the anti-bribery provision
- Up to USD100,000 criminal fine per violation of the anti-bribery provisions
FCPA Books and Records Provisions:
- Up to USD5 million criminal fine andUSD100,000 civil fine for knowing violations of the books and records provisions
- Fines imposed on an officer, director, employee, or agent may not be paid by the issuer
- Up to 20 years’ imprisonment for knowing violations of the books and records provisions
UK Bribery Act:
- Up to 10 years imprisonment
- Unlimited fine
Criminal and Civil Penalties
- Director may be disqualified
Gifts, Entertainment and Hospitality
Ciklumers must not provide or accept gifts, hospitality or entertainment that seeks to influence or reward any business activity, including the anticipation of further business. It is important to remember that excessive or otherwise inappropriate gifts and/or hospitality can lead to the appearance of improper influence (including bribery) or conflicts of interest.
This is not to say the provision of hospitality and reasonable gifts is prohibited, however there must be a legitimate business reason for the provision of entertainment or receipt of a gift. All gifts and entertainment given or received must be recorded in accordance with the requirements detailed below as well as Ciklum’s Gifts, Entertainment and Hospitality Procedure.
4.2.1. What is gift?
A gift can be an item, but it can also include event tickets or the provision of services when the gift provider is not otherwise involved in the event or service (e.g. the giver provided the tickets but does not accompany the recipient to the event).
4.2.2. What is entertainment and hospitality?
Entertainment or hospitality is distinguished from a gift as it typically involves meals, events or other forms of entertainment (e.g. sporting events, concerts, shows) where the provider participates in the meal, event or other form of entertainment or hospitality.
4.2.3. Ciklum’s approach to giving and receiving Gifts, Entertainment and Hospitality
Gifts, entertainment and hospitality in Ciklum should always be clearly separate from the business decision-making process. Any business decisions must not be influenced (or seen to be influenced) by the giving or receiving of gifts, entertainment or hospitality. As a Ciklumer you have to avoid putting yourself and Ciklum into a position where gifts, entertainment or hospitality affect your business judgment or could be perceived to affect the outcome of any business transaction.
The following key principles apply to all Ciklumers relating to gifts, entertainment and hospitality:
- Certain gifts and hospitality will need to be approved and recorded in the gifts and hospitality register, which is maintained by Finance;
- Ciklumers must not accept gifts or hospitality which could be perceived as seeking to support or reward any business act or which are provided in consideration of any potential further business;
- Ciklumers must ensure that the offer or acceptance of a gift or instance of hospitality does not create or appear to create a conflict of interest for those involved;
- Gifts or hospitality given or received must not be repetitive in nature, lavish in cumulative value or associated with pending business or regulatory decisions;
- Any gift or hospitality given or received must be in compliance with local law and not of a nature that would be likely to damage the reputation of Ciklum if publicly disclosed;
- Hospitality given or received must be in the presence of a host;
- Travel expenses must only be incurred for legitimate business purposes; and
- Cash or cash equivalent gifts (of any amount) may not be given or received.
4.2.4. Recording of Gifts, Entertainment and Hospitality
Ciklum will maintain a register of gifts, entertainment and hospitality provided by or to company staff in accordance with the principles outlined above. This register will be subject to regular quality assurance and will be maintained by Compliance. For further detail regarding permissible gifts, entertainment and hospitality please refer to the Gifts, Entertainment and Hospitality Procedure listed in section 4.7.
Critical Contributions and Appointments
Political contributions or donations in cash or kind on behalf of Ciklum are not permitted without Board approval.
In considering whether or not a donation should be approved, the Board will need to be assured that there is no potential conflict of interest affecting a material transaction in connection with the contribution and to protect the Company’s reputation. Furthermore, any Ciklumers who obtain or are looking to obtain appointment to a public office must obtain approval of the Board before doing so.
Charitable Donations and Sponsorship
Charitable donations and sponsorship may only be provided to recognized non-profit charitable organisations with the prior approval of Compliance Function. Any charitable donations will not be made in recognition or anticipation of a business relationship with Ciklum.
All charitable donations have to be:
- Approved in accordance with applicable procedures;
- Transparent and properly recorded in our books and records; and
- Receipted or have a letter of acknowledgement from the charity to ensure that the donations receive the proper tax treatment
Charitable donations should not:
- Be made to individuals or in cash; and
- Be made at the request of a public official as an inducement to or reward for acting improperly.
It should be ensured that there is no potential conflict of interest, see Section 4.4, affecting a material transaction in connection with a charitable contribution made or commercial sponsorship entered into. Charitable contributions and commercial sponsorships must not be made where there is a risk that a commercial transaction may be influenced or where the contribution/sponsorship could be regarded as a subsequent ‘reward’ for the awarding of a contract.
Conflict of Interest
A ‘Conflict of interest’ arises where a person’s position or responsibilities within their business unit presents an opportunity for personal gain above the normal rewards of cooperation. In other words, a conflict of interest exists when your personal interests interfere with the best interests of Ciklum. Ciklumers should attempt to avoid actual or apparent conflicts of interest.
Any personal interests (or the interests of a member of immediate family) in relation to Ciklum’s business must be disclosed to your manager and the Compliance Function immediately. Disclosure is mandatory, failing to disclose a conflict or a perceived conflict is a violation of this policy and of our Code of Conduct.
In situation that appears to present a conflict of interest we expect you to “refrain and report”. If it is not possible to avoid participating in the event or activity creating the conflict, promptly disclose the potential conflict to your supervisor and the Compliance Function, and avoid participating in decisions that might raise the appearance of a conflict until you receive appropriate guidance.
Facilitation payments
Facilitation payments are unofficial payments to public officials to ensure or speed up performance of routine and non-discretionary governmental actions such as processing a visa application, securing a mail service, or connecting utilities. These will be seen as bribes under UKBA, regardless of whether they may be a part of the “way of doing business” in a particular country. As a Ciklum’s representative, Ciklumer have not make any facilitation payment.
The prohibition on facilitation payments may not apply to situations in which a Ciklumer is faced with a serious medical or safety emergency. A Ciklumer faced with such an emergency must either seek prior approval from the Group Compliance Director or, in circumstances where seeking prior approval is deemed impossible, record the details of any such payment or submit that information in writing to the Compliance Function within 48 hours of the payment being made. Any such payments should be accurately recorded as facilitation payments in Ciklum’s books and records.
Procedural Guidance: Gifts, Entertainment and Hospitality
Exchanging gifts and entertainment as well as provision of hospitality can create goodwill and establish trust in relationships with counterparties and business partners. It is important, however, that the guidelines set out below are followed in all cases.
In line with the policy statements contained within section 4.2 of this document detailed below is an overview of the procedural requirements to guide staff in relation to Gifts, Entertainment and Hospitality. This section should be read and considered in-line with the earlier policy statements and requirements.
4.7.1. Gift, Entertainment and Hospitality Limits
Permissible gifts, entertainment and hospitality
- It is acceptable to extend or receive occasional gifts, entertainment and hospitality having a maximum retail value of USD 200 per meeting as a gesture of goodwill or in furthering a legitimate business relationship.
- The provision or receiving of gifts, entertainment or hospitality (including in the form of tickets to sporting event) that exceed a value of USD 200 may be acceptable under certain circumstances but require pre-approval of your manager with the notification of the Compliance Department
- The total value of gifts, entertainment or hospitality given to or from the same organization over the course of any one calendar year must not exceed USD 1000 unless pre-approved by your manager with the notification of Compliance Department.
4.7.2. Non-permissible gifts, entertainment and hospitality
- Gifts in the form of cash payments are not allowed. It is prohibited to provide or receive cash as well as any cash equivalents (e.g. gift cards or loans) in any circumstances, regardless of amount.
- You should not solicit gifts or entertainment from a current or potential client or business partner to gain an unfair advantage.
It is prohibited to offer or give anything of value to a government official in order to win or keep business or gain an improper advantage
4.7.3. Declaration of gifts, hospitality or entertainment
Ciklumers must report, and where required, seek approval for each case when gifts, hospitality or entertainment provided by or to Ciklumers are in accordance with rules described below.
The exception is that small and modest entertainment or hospitality such as a coffee, fruit, light alcohol or working lunches. These do not need to be declared.
4.7.4. When dealing with clients
The paragraph below is applicable for client-facing Ciklumers: developers, sales, SDMs, Branch Managers, People Partners and PPMC as they have access to the Salesforce application. Rules for Ciklumers who have no access to Salesforce are disclosed in paragraph 4.7.5.
If you wish to make a gift to a customer or partner of any value, you are required to obtain approval for the gift in advance by submitting a gift approval request using the Gift Register on Salesforce.
When planning, and providing, entertainment or hospitality and it is anticipate that the value of the entertainment and hospitality will exceed USD 200 approval should be sought from line managers and the Compliance Department notified.
To do this you have to log into Salesforce, select the relevant account and click on the Gift Register field. If the gift is referred as an opportunity, you should select the relevant opportunity name as well.
When dealing with third parties (other than clients)
The paragraph below is applicable for administrative personnel and all other Ciklumers who have no access to the Salesforce application. Rules for Ciklumers who have access to Salesforce are disclosed in the paragraph 4.7.4.
If you wish to make a gift to a third-party (vendor, partner or customer) of any value, you are required to obtain approval for the gift in advance by submitting a gift approval request using the Jira system.
To do this you have to log into Jira, select project type “FD Request”, Issue type “Task”, FD Request type “Gift Register”. Gift details and approval
You will be required to fill in several details about the gift, hospitality or entertainment you plan to make. This will include a brief rationale, recipient name and value of the gift, hospitality or entertainment. Then you have to submit your request. The request will then be subject to approval. If approved you will receive a gift approval reference code which you can use to reimburse your expenses.
Expenses submitted for gifts made to customers or partners that have no gift approval reference code would be treated as unapproved and may not be reimbursed.
4.7.4. Receiving of a gift, hospitality or entertainment
If you are offered or receive a gift from a third party you should declare it before the gift is accepted (wherever possible) using the same means and approaches as described above in chapters 4.7.4 and 4.7.5 – Gift Register in Jira/Salesforce.
There is no approval requirement for gifts, hospitality or entertainment received, but the declaration is subject for review. You will only be informed if it is not allowed to accept the gift.
If acceptance is not permissible, you will be required to return what was received with the comment that Ciklum policy does not allow the acceptance of such a gift, hospitality or entertainment.
If you receive a gift, hospitality or entertainment that is not permissible according to Ciklum policy and it is impossible to return it, you have to make sure you declare this using the Gift Register.
Anti-Money Laundering
Money Laundering and Terrorist Financing Regulations
People and organisations that are involved in criminal activity such as bribery, fraud or trafficking narcotics may attempt to launder money through apparently legitimate businesses in order to use the funds from their criminal activity and reduce suspicion. Ciklum will not accept or process money gained through criminal activity; we will only deal with reputable clients who are involved in legitimate business activities and whose funds are derived from legitimate sources.
The details of Ciklum’s anti-money laundering, countering terrorist Financing (“AML/CTF”) measures including documentation rules and application of online tools and reports of risk intelligence screening provider are disclosed in the TPDD Procedure.
Suspicious Activity Reporting
Ciklum will establish and maintain a process for suspicious activity reporting. All Ciklumers have a personal responsibility to raise any suspicion of any potential illegality whether internal or external that may impact Ciklum to the Compliance Director as soon as possible. Ciklum must not take any action or encourage any actions by Company Staff that could constitute tipping off. Tipping off is a criminal offence.
In certain jurisdictions (i.e. the UK) there is a requirement to report any suspicious activity to relevant authorities. Any external reporting requirements will be handled on a case by cases basis through collaboration between Ciklum Legal, Compliance and the Risk Management Committee.
Potentially Suspicious Circumstances
Situations which may cause a suspicion of illegality include, but are not limited to:
- A client whose identity or ultimate beneficial ownership cannot be verified easily;
- The source of a payment which is difficult to identify, or a payment which is received from a third party with no obvious connection to a customer client;
- A customer wanting to pay for services in cash;
Payments made from (or a request for a refund to) a foreign bank account or branch (particularly if the client does not have an obvious reason for conducting business within that country);
- Any transaction involving an undisclosed third party;
- Early cancellation of services in circumstances which seem unusual or for no apparent reason; and Extensive use of corporate structures and trusts in circumstances where the customer’s needs are inconsistent with the use of these structures and trusts.
Risk Assessment
In line with the third party due diligence requirements there will be a consideration of a range of risk factors prior to engaging with any third parties. This will include a consideration of a number of factors that may increase the potential of money laundering exposure to Ciklum. Ciklum’s AML/CTF checks are structured to address the controls needed based on the risks posed by the products and services offered, customers served, and their geographic locations.
Sanctions
Sanctions are restrictive measures applied by a country, or group of countries, to enforce change. Sanctions can be split into two distinct areas; financial and trade sanctions. Financial sanctions are restrictions on providing economic resource to certain entities or individuals. Trade sanctions limit the ability to trade in particular items to certain territories, entities or individuals. They can also apply to any ancillary services related to the goods/services which are restricted.
The details of sanctions check including documentation rules and application of online tools and reports of risk intelligence screening provider are disclosed in the TPDD Procedure.
Applicable Laws and Regulations
As a multi-national corporation Ciklum has numerous legal requirements relating to sanctions. For the purpose of this Policy Ciklum will use the sanctions imposed by the EU, UN and USA as a benchmark. The reason for using these regulations as a base is that not only will these regulations be directly applicable to certain Ciklumers but they are also seen as presenting the highest risk of enforcement action. In each jurisdiction Ciklum operates, there are laws and regulations restriction trading with certain individuals and entities. Where these conflict arises, Ciklum will take a decision on the appropriate course of action.
Risk Assessment
Prior to entering into a contractual relationship with any third party, the identity of the third party, its beneficial owners (if applicable), and the nature of the transaction itself should be screened against any applicable U.S. and E.U. sanctions, as well as any applicable export/import control regulations. Services to new customer will not be provided until such a customer and the transaction have been screened against U.S. and E.U. sanctions and applicable export/import control laws.
Third Parties that are registered in countries having high levels of trade and commercial sanctions, such as but not limited to, Iran, Sudan and North Korea, are subject to particularly high levels of scrutiny and decisions on whether to engage with a third party registered or located in (or whose beneficial owners are citizens or residents of) such a jurisdiction. These decisions should be taken on a case-by-case basis, with consultation and approval of Group Compliance Director where necessary.
The Country Manager should take all due care to protect the reputation of the Ciklum Group in connection with any such transaction and shall obtain beneficial ownership information for such third parties in order to perform a sanctions check, even before entering into preliminary agreements.
US Persons
Ciklum conducts business in the US and as such must be aware that US Sanctions apply to US persons (including individuals and entities) irrespective of their location. Consequently, US persons must not be asked to opine or be involved in any business relationship that would be prohibited, under US sanctions, if performed, by a US person, even in circumstances where the activity would be permitted by the Sanctions Policy and legal in other jurisdictions. These restrictions also apply to any transaction conducted in US Dollars.
Escalating and Reporting
Where any existing or potential customer, employee, third party or payment is identified as having a sanctions related restriction, or a potential restriction, this must be escalated to the Compliance Function for review and approval before any transaction can proceed.
Compliance Function will review the screening results and if they agree with the screening results will liaise with the Compliance Director and other parties, as required, to decide on the appropriate course of action.
If after screening, and subsequent investigation, the decision is made that there is a confirmed ‘positive’ hit against a relevant sanctions list then appropriate action must be taken by the Compliance Director. Appropriate action may include, but is not limited to, notifications to relevant legislation, licence applications and/or ceasing relationships with the relevant third party.
Working with Third Parties
Definition of a Third Party
A third party is an entity, regardless of form and ownership, or an individual (e.g. private entrepreneur) with whom Ciklum has a business relationship. This includes, but is not limited to:
- Suppliers;
- Agents / Intermediaries; and
- Customers.
Prohibited Relationships
Ciklum will only establish business relationships with reputable third parties who derive their income, wealth, funds, and assets from legitimate sources. Ciklum must not knowingly establish business relationships with individuals or entities who are subject to legal restrictions (including sanctions).
Due Diligence Requirements
7.3.1. Minimum Standards
To ensure that Ciklum does not enter into any prohibited relationships and to ensure compliance with all legal and regulatory requirements, Ciklum will implement a risk-based Third Party Due Diligence Procedure (“TPDD Procedure”). Third Party Due Diligence (“TPDD”) will be completed before the initiation of any business relationship and will seek to verify the true identity of potential third parties, the expected nature of their relationships and transactions with Ciklum, and their reputation.
The requirements of this Policy are mandatory and have to be followed for all third parties. They support the Ciklum Compliance Programme and apply to all Ciklumers in all Ciklum locations.
In all instances the following steps must be followed as a minimum:
- Initial Screening: Using a screening solution to ascertain any red flags before continuing with the remaining due diligence.
- Risk Assessment: Using a range of factors to assess the level of financial crime and integrity risk associated with individual third parties.
- Due Diligence Checks: Conducting risk-based due diligence on higher risk third parties.
- Approval: Approval for working with new third parties will always be required. However, the approver(s) will be determined by the risk rating and due diligence conducted.
Where an increased risk of financial crime is identified with a third party, additional requirements may be required in line with the TPDD. Ciklum will not establish any business relationship, or initiate or commit to any transaction with a third party for which TPDD has not been completed and approved as required by this Policy or related procedures.
7.3.2. Responsibility for conducting Third Party Due Diligence
For each third party there should be an individual (the “Proposer”) who is assigned with overall responsibility for ensuring that the requirements of this Policy are followed. This should be a Ciklumer involved with the management of the relationship with the third party (for example, the Service Delivery Manager). Branch and Operational Managers are responsible for allocation of sufficient resources that are necessary to ensure that this Policy is fully implemented within their areas of responsibility.
Politically Exposed Persons
Any dealings with government agencies and government officials present an increased risk of bribery and corruption. As part of Third Party Due Diligence the identification and appropriate risk mitigation of relationships involving Politically Exposed Persons (PEPs) is essential. Ciklum will ensure that any risk assessment and associated due diligence considers the risks presented by PEPs.
Communication with Third Parties
When dealing with third parties, employees must make it clear that Ciklum has a zero tolerance approach to financial crime. Where contracts exist, these must contain relevant ABC clauses. Where appropriate, this Policy should also be communicated to third parties. Where any suspicion exists that a third party may be behaving unethically this should be reported to Compliance.
Monitoring
Ciklum will monitor third party relationships on an ongoing basis. The frequency and extent of ongoing monitoring will be determined by the third party’s risk rating. The results of Ciklum’s monitoring will be used to determine whether the Third Party Due Diligence conducted remains adequate. Where monitoring indicates a material change to a third party’s risk profile, Ciklum must update the Due Diligence information and reassess the financial crime risk associated with the business relationship.
Record Keeping and Reporting Requirements
Ciklum must comply with applicable record keeping requirements and maintain records for the required length of time in accordance with established Procedures and legal and regulatory requirements. Records must be maintained in such a manner so that they will be accessible and retrievable in case of a law enforcement or regulatory request.
Ciklum’s records should cover:
- Evidence of the business reason for making payments to third parties;
- Written records of hospitality or gifts accepted or offered, which will be subject to managerial review;
- Expense claims relating to hospitality, gifts or other expenses incurred to third parties are submitted in accordance with our expenses Policies and specifically record the reason for the expenditure; and
- All accounts, invoices, memoranda and other documents and records relating to dealings with third parties, such as clients, suppliers and business contacts, should be prepared and maintained with strict accuracy and completeness. No accounts must be kept “off-book” to facilitate or conceal improper payments.
Existing Record Keeping Arrangements
The following financial and accounting directives have been implemented to help ensure Ciklum’s compliance with international ABC regulations, including the FCPA:
- All cash, bank accounts, investments and other assets of Ciklum must always be recorded accurately on the official books of the Company.
- The Risk Management Committee will periodically initiate internal review the Company’s books, records, and controls to ensure their compliance with the requirements of the FCPA.
- No Ciklumer shall falsify any accounting or other business record, and all Ciklumers shall respond truthfully and fully to any questions from the Ciklum’s internal or independent auditors.
- Bank accounts should be opened or closed only upon the prior written approval of the Group Compliance Director and Finance Director (not country controller). In the absence of either of those, the Group CFO and Finance Controller would approve. Anonymous (“numbered”) accounts will not be maintained.
- Payments will not be made into anonymous bank accounts or other accounts not in the name of the payee or of any entity known to be controlled by the payee.
- No cash payments shall be made, except for regular, approved payroll payments or normal disbursements from petty cash supported by signed receipts or other appropriate documentation. Checks will not be drawn to the order of “cash,” “bearer” or similar designations.
- Fictitious invoices, over-invoices or other misleading documentation will not be used.
- Fictitious entities, sales, purchases, services, loans or financial arrangements will not be used.
- Check requests will be in writing and contain a complete explanation of the purpose and authority for the payment. The explanation will accompany all documents submitted in the course of the issuing process and will be kept on file.
- All expenses relating to foreign business must be supported by reasonable written documentation.
- Payments to Third Parties will only be made in the country where a substantial portion of the related services are performed or the country from which the Third Party performing such services normally conducts business.
- Payments for any services rendered to Ciklum by a government official (including an officer of a foreign government-owned or controlled commercial enterprise), including honorarium payments and reimbursement of expenses, will be made solely to the government agency or instrumentality employing the individual. Such payments will be made by check directly to the respective government agency or instrumentality, or by wire to its named bank account within the respective government agency’s or instrumentality’s country, or by wire through its duly authorized correspondent bank.
- Receipts, whether in cash or checks, will be deposited promptly in a bank account of Ciklum. Any Ciklumer who suspects the possibility that a bribe, kickback or over-invoice is associated with a particular receipt or that an understanding exists that all or a portion of a receipt will be rebated, refunded or otherwise paid in contravention of the laws of any jurisdiction, will immediately report that suspicion in accordance with the reporting procedures addressed below under “Reporting Violations” Section.
- Personal funds must not be used to accomplish what is otherwise prohibited by this policy.
Reporting, Whistleblowing and Investigations
Reporting and Whistleblowing
Any Ciklumer who suspects a violation of this policy must immediately report such suspected violation to respective Line Manager / Project Manager, HR Business Partner / People Partner or Compliance Function. If you are uncomfortable doing so, you may report by anonymously using Ciklum SpeakUp mailbox: SpeakUp@ciklum.com
Never hesitate to ask questions, raise concerns, or seek the guidance you need. Ciklum will not tolerate any discrimination against anyone who has reported a concern in good faith.
Investigation of incidents
Ciklum will investigate any report of a violation with the principles of the Code of Conduct and this Policy. You must cooperate fully with any investigation, but should not investigate independently as alleged violations may involve complex legal issues, and you may risk compromising the integrity of a formal investigation.
Training and Awareness
The Compliance Director is responsible for ensuring the designing and maintaining of financial crime training plan for all Ciklumers (including Senior Management) to ensure they have sufficient awareness of relevant regulations to manage risk and carry out their duties on behalf of Ciklum.
As a minimum, all Company Staff will be provided with financial crime training on an annual basis, and no longer than thirteen months after the last training session took place. This training will be followed by a mandatory test that all Company Staff must pass based on their understanding of the material communicated. All training activity must be documented and maintained as required by the Company’s record keeping Policy.
Policy
Ownership and Review
The Compliance Director is responsible for owning and maintaining this Policy. The Policy must be reviewed and updated on as-needed basis by the Compliance Director. New operational, legal and regulatory developments and emerging risks may trigger review and update of the Policy.
All changes must be notified to and approved by the Risk Management Committee before the revised Policy is released and communicated to Ciklumers. A version control log – outlining the date of change, a description of change made and who has made the change – must be maintained up-to-date in order to ensure formal control over adjustments made to the Policy. As a result, management will take appropriate corrective action in the scope of laws, policies and procedures when breaches of laws, rules and standards are identified that might include disciplinary actions up to termination of a contract or employment, and if necessary taking legal action against the Ciklumer.
Breaches
All breaches of this Policy or related standards and procedures must be immediately reported to the Compliance Director. The Compliance Director is responsible for determining whether the breach is material and requires further escalation.
Conduct that violates the law and/or company policies is ground for disciplinary or remedial action. In addition, failure to report a known violation of law or company policy by someone else may result in disciplinary action for Ciklumers and/or termination of employment/your relationship with Ciklum. The disciplinary action taken will be decided on a case by case basis. The action will be conducted in accordance with Ciklum’s HR procedures and corresponding legal requirements.
Where laws have been violated, we will cooperate fully with the appropriate authorities.
Definitions and Abbreviations
Bribe and bribery
Broadly, bribery is defined as giving or receiving a financial or other advantage in connection with the “improper performance” of a position of trust, or a function that is expected to be performed impartially or in good faith.
Bribery does not have to involve cash or an actual payment exchanging hands and can take many forms such as a gift, lavish treatment during a business trip or tickets to an event. The types of bribery that take place in the commercial sector are numerous. Some simple examples are:
- bribery in order to secure or keep a contract;
- bribery to secure an order;
- bribery to gain any advantage over a competitor;
- bribery of a local, national or foreign official to secure a contract;
- bribery to turn a blind eye to a health safety issue or poor performance or substitution of materials or false labour charges; and
- bribery to falsify an inspection report or obtain a certificate.
Ciklum’s definition of bribery also includes making “facilitation payments”. A “facilitation payment” is a payment or gift given (usually to a government official) to speed up a procedure or to encourage one to be performed. It does not include fees required to be made by law such as the payment of a filing fee for a legal document. The acceptance of a facilitation payment by a government official is an example of corrupt activity.
Corruption
Ciklum defines “corrupt conduct” or “corruption” as the abuse of entrusted power for private gain. Ciklum or Ciklum Group
Ciklum or Ciklum Group is a group of companies that directly or indirectly are under common control of Ciklum Group Holdings Limited Holding Company, BVI and operating under Ciklum Trademark.
Ciklumers
The collective reference for employees (permanent or temporary, full or part time) of any Ciklum legal entity, or any of its affiliates or subsidiaries, as well as for others performing work for, or on behalf of, Ciklum.
Compliance Champions Programme
Compliance Champions Programme is the plan for nomination of compliance champions who have to act as compliance ambassadors in various departments and locations of Ciklum and facilitate the liaison between their own internal functions and the Compliance Function on compliance-related topics.
The mission of compliance champions is to provide compliance face-to-face consulting themselves, roll out written standards coming from the Compliance Function within their own business units, implement their own initiatives in order to address their department-specific compliance needs as previously aligned with the Compliance Function, help identify the major areas subject to exposure, and encourage Ciklumers to speak up whenever they encounter potential violations.
Entertainment
Entertainment is distinguished from a gift as it typically involves meals, events or other forms of entertainment (e.g. sporting events, concerts, shows) where the provider participates in the meal, event or other form of entertainment.
Gift
A gift can be an item, but it also can include event tickets or the provision of services when the gift provider is not otherwise involved in the event or service (e.g. the giver provided the tickets but does not accompany the recipient to the event).
Public official
Public or Government official means:
- Any officer or employee of a foreign government or any department, agency, or instrumentality thereof; Employees of state-owned or controlled companies;
- Any officer or employee of a public international organization;
- Any person acting in an official capacity for or on behalf of a foreign government or government entity or of a public international organisation such as the United Nations, the World Bank, etc.;
- Any foreign political party, party official, or any candidate for foreign political office;
- Immediate family members of any of the above.
Sanctions
Sanctions are restrictive measures applied by a country, or group of countries, to enforce change. Sanctions can be split into two distinct areas financial and trade Sanctions. Financial sanctions are restrictions on providing economic resource to certain entities or individuals. Trade sanctions limit the ability to trade in particular items to certain territories, entities or individuals. Trade sanctions can also apply to any ancillary services related to the goods/services which are restricted.
Money Laundering
Money laundering involves taking criminal proceeds and disguising their illegal source in anticipation of ultimately using the criminal proceeds to perform legal and illegal activities.
Leadership Team and Invited Members
Leadership Team and Invited Members is the group of Ciklum top managers that contains from C-level officers (CEO, Global CFO, COO, CTO, CDO, CHRO, CRO and VP C&C) and directors – Legal Director, Compliance Director, Finance Director, Delivery Director and Commercial Director.
Third Party
A Third party is an entity regardless of form and ownership or an individual (e.g. private entrepreneur) that is involved in some way in interaction with Ciklum: supplier, agent, customer, and others.
The Proposer
The Proposer is an individual who is assigned with overall responsibility for certain third party (that was proposed by him to interact with Ciklum) for ensuring that the requirements of this policy are followed. This should be a Ciklumer involved with the management of the relationship with the third party (for example, the Service Delivery Manager or Procurement Specialist)
Dignity and Respect
ABOUT THIS POLICY
1.1 Dignity and Respect at Work Policy and Procedure (hereinafter – the “Policy”) confirms Ciklum Group arrangements and commitment to providing equal opportunities to all persons and outlines standards of behavior to a working environment which is comfortable to work in and which deplores all forms of discriminatory or offensive behavior.
1.2 This Policy sets out the organization’s position on equal opportunity and respectful treatment in all aspects of the Personnel engagement by giving guidance and encouragement to the Personnel at all levels to act fairly and prevent discrimination.
1.3 This policy will be applied fairly and consistently to all Ciklum Group Personnel based on Ciklum sites, customer sites and includes business trips and events where the occasion is considered to be work-related (e.g. Christmas parties, farewell functions and other general personnel functions).
1.4 This document is directly applicable and addressed to all Ciklum Group, which shall be expected to apply these principles and guidelines in compliance with legal requirements and regulations locally in force. Should some of these principles be less restrictive than the requirements of local law, in each case, the Group Company will adopt principles and guidelines that conform to local law.
1.5 This policy is not intended to be contractual in nature and is not implied or otherwise incorporated into any employment contract or contractor agreement. Ciklum may from time to time, at its absolute discretion, amend, replace, or withdraw from this Policy, or depart from some or all of any procedure in this Policy.
1.6 All Personnel of the Group Companies should be made aware of the provisions of this Policy. 2. 2.
DEFINITIONS
2.1 With reference to the general legal framework on equal opportunities and diversity and for the purposes of this Policy, the terms mentioned herein shall have the following meanings:
2.1.1 Ciklum Group – a group of companies which directly or indirectly are under common control (i.e. share mother company, a subsidiary of affiliate relationship) and operating under Ciklum Trademark.
2.1.2 Group Company – a legal entity duly established and operating under the laws of the country, where Ciklum has legal presence, and which is a part of Ciklum Group.
2.1.3 Protected Characteristics – a list of personal characteristics, discrimination against which is forbidden and may constitute a breach of this Policy. For the purposes of this Policy the list of Protected Characteristics shall include:
2.1.3.1 Age
2.1.3.2 Disability or impairment
2.1.3.3 Gender reassignment
2.1.3.4 Marital or civil partnership status, family/career responsibilities
2.1.3.5 Pregnancy and maternity/paternity status
2.1.3.6 Race, color, descent, nationality, ethnicity
2.1.3.7 Political views or activity
2.1.3.8 Confession or religious beliefs
2.1.3.9 Sex
2.1.3.10 Sexual orientation
2.1.3.11 Profession or occupation
2.1.3.12 Physical peculiarities
2.1.3.13 Any other personal feature and background such as geographical origin and location, part-time and fixed term engagement status, professional role, pay rate and level within the organization.
2.1.4 Personnel or member of the Personnel – for the purposes of this Policy, the definition of ‘Personnel’ or ‘members of the Personnel’ is extended to include:
2.1.4.1 Job seekers – individuals participating in recruitment process for a vacant job post open with one of the Group Company
2.1.4.2 Employees – individuals engaged by any of the Group Company with a contract of employment
2.1.4.3 Workers and agency workers – individuals engaged by any of the Group Company with a contract to do work or provide services
2.1.4.4 Self-employed – individuals, where they have to personally perform the work
2.1.5 Employment – for the purposes of this Policy, the definition of ‘employment’ shall include all types of the Personnel engagement whether on employment agreement, or contractor agreement.
2.1.6 Discrimination – less favorable treatment of a person because of a Protected Characteristic.
2.1.7 Act of Discrimination – a type of prohibited conduct that is defined to include, but not limited to:
2.1.7.1 Direct discrimination – occurs where someone is treated less favorably because of one and/or several of the Protected Characteristics
2.1.7.2 Indirect discrimination – occurs where an individual is subject to an unjustified provision, criterion or practice that also puts others with the
same Protected Characteristics at a particular disadvantage unless
this criterion can be objectively justified
2.1.7.3 Harassment – occurs when there is unwanted conduct which has the purpose or effect of violating an individual’s dignity or creating an interrogating, degrading, hostile offensive or humiliating environment for the member of the Personnel in question.
2.1.7.4 Bullying – occurs as a result of repeated, unreasonable behavior by one or more persons directed towards one or more members of the Personnel in the workplace that create a risk to health and safety of the recipient of that behavior
2.1.7.5 Vilification – occurs as a result of a public act that could incite or encourage hatred, serious contempt or severe ridicule towards individuals or groups because of their Protected Characteristics
2.1.7.6 Victimization – occurs when someone is treated less favorably than others because they tried to make, or made, a complaint about discrimination.
POLICY STATEMENT
3.1 Ciklum Group is committed to recognizing equal opportunities and a right to be treated with dignity and respect of all members of the Personnel regardless of the Protected Characteristics.
3.2 This policy aims to ensure that no job applicant or member of the Personnel receives less favorable treatment on any of the Protected Characteristics, or is disadvantaged by conditions or requirements that cannot be shown to be justifiable.
3.3 Ciklum Group recognizes the harmful effect discrimination, harassment, bullying, vilification and/or victimization can have on individuals and is committed to ensuring that the environment at work is not conducive to unprofessional, unacceptable and unpleasant behavior and any instances of humiliation and intimidation are fully investigated with appropriate action taken.
3.4 Ciklum Group states that adhering to the Policy, combined with relevant engagement policies and practices, maximizes the effective use of individuals in both the company’s and Personnel member’s best interests. Ciklum Group recognizes the great benefits in having a diverse workforce with different backgrounds, solely engaged on ability.
3.5 This Policy and guidelines on equal opportunities and dignity at work stated below should be applied to all human resources processes and practices adopted across the Ciklum Group in order to encourage a level playing field on which all Personnel can unlock their potential on the basis of job requirements or specification of the services rendered and the individual’s ability and merits. The areas to be covered are:
3.5.1 Recruitment
3.5.2 Employment
3.5.3 Compensation and Benefits / Remuneration
3.5.4 Facilities and Services
3.5.5 Promotion
3.5.6 Training and Professional Development
3.5.7 Termination and References
3.5.8 Grievance
3.6 The purpose of this Policy is to enable complaints of unacceptable behavior to be consistently and appropriately dealt with.
3.7 This Policy is not exhaustive in defining acceptable and unacceptable behavior.
RECRUITMENT
4.1 Advertisements for posts regardless of whether circulated externally or internally will give sufficiently clear and accurate information to enable potential applicants to assess their own suitability for the post. Information about vacant posts will be provided in such a manner that does not restrict its audience in terms of any of the Protected Characteristics.
4.2 Recruitment literature will not imply a preference for one group of applicants unless there is a genuine occupational qualification which limits the post to this particular group, in which case this must be clearly stated.
4.3 All descriptions and specifications for posts will include only requirements that are necessary and justifiable for the effective performance of the job.
4.4 All selection will be thorough, conducted against defined criteria and will deal only with the applicant’s suitability for the job. Where it is necessary to ask questions relating to personal circumstances, these will be related purely to job requirements and asked all candidates.
4.5 All Ciklum Group are committed to ensuring that external partners active in the recruitment process, including but not limited to temporary agencies, recruitment agencies, public job agencies and executive search companies, are made aware of the principles and approaches of this Policy, and the Ciklum Group commitment to implementing its goals.
EMPLOYMENT
5.1 Terms and conditions of employment with any of the Group Company shall be drawn up with reference to this Policy.
5.2 Ciklum Group takes care to ensure that our policies and procedures operate fairly and consistently and in a non-discriminatory way against any of the Protected Characteristics.
5.3 Members of the Personnel who have a disability are encouraged to tell their Line manager about their condition, in order that the Group Company may consult with them about possible adjustments.
5.4 Group Company’s fixed-term and part-time members of the Personnel shall be offered appropriate access to benefits, training, promotion and permanent employment opportunities.
5.5 Any reasonable adjustments to working conditions which would assist member of the Personnel in performance of his/her duties will be considered and will be accommodated where possible and proportionate to the needs of the job. Each Group Company shall ensure that requests to alter working hours are dealt with appropriately.
5.6 If the Group Company considers that a particular adjustment would not be reasonable, the reasons for this have to be explained to the Employee and the Group Company shall aim to find an alternative solution (where possible).
COMPENSATION AND BENEFITS / REMUNERATION
6.1 The remuneration system of the Ciklum Group defines the total compensation / remuneration of the Personnel on the basis of the role covered, the scope of responsibilities, performance outcomes and the overall quality of the contribution to business results.
6.2 Within the existing remuneration framework, the Ciklum Group is committed to ensuring fair treatment in terms of compensation and benefits / remuneration without relation to any of the Protected Characteristics.
FACILITIES AND SERVICES
7.1 The Group Company’s conditions of facilities and service will be available to all members of the Personnel who should have access to them and there should be no unlawful obstacles to accessing them.
7.2 Where such arrangements put the member of the Personnel at a substantial disadvantage, the Group Company will consider whether adjustments are possible and appropriate in order to eliminate the disadvantage.
PROMOTION
8.1 Assessment criteria for performance and development reviews, as well as any of the talent management processes, will be based on merit and the needs of the job and will not be unlawfully discriminatory.
8.2 Where arrangements in relation to promotion or transfer may put the member of the Personnel at a substantial disadvantage, the Group Company will consider whether adjustments are possible and appropriate in order to eliminate the disadvantage.
TRAINING AND PROFESSIONAL DEVELOPMENT
9.1 The Ciklum Group is committed to promoting the goal of equal opportunities by ensuring that all members of the Personnel receive adequate education and training in this area and that “equal treatment” is included in existing and future training, induction programs and other forms of education and communication as appropriate.
9.2 All members of the Personnel will be encouraged to discuss their career prospects and training needs with their Line Manager or dedicated HR Business Partner / People Partner.
9.3 The Ciklum Group is committed to ensuring that external partners active in training and professional development process, including but not limited to consulting agencies and training centers, are made aware of the principles and approaches of this Policy, and the Ciklum Group commitment to implement its goals.
TERMINATION AND REFERENCES
10.1 Each member of the Personnel is to be protected from discrimination through to the last day of engagement with the Group Company and beyond to include references regardless of the termination reason.
10.2 Any of the Group Company’s internal policies and procedures will be applied without unlawful discrimination, whether they result in the giving of sanctions, dismissal or other disciplinary action.
10.3 Redundancy criteria and procedures will be fair and objective and will not include criteria which are contrary to the aims of this Policy and may be considered as discrimination against the Protected Characteristics.
ACTS OF DISCRIMINATION
11.1 Ciklum Group actively promotes equal opportunity and working relationships based upon mutual respect and valuing diversity.
11.2 In line with this Policy the following Acts of Discrimination shall not be tolerated in the workplace:
11.2.1 Unlawful Discrimination (direct and indirect)
11.2.1.1 Group Company Personnel shall not engage in acts of unlawful discrimination being either of the following:
11.2.1.2 Direct Discrimination – occurs where someone is treated less favorably because of one and/or several of the Protected Characteristics
11.2.1.3 Indirect discrimination – occurs where an individual is subject to an unjustified provision, criterion or practice that also puts others with the same Protected Characteristics at a particular disadvantage unless this criterion can be objectively justified
11.2.1.4 Intention or motivation of the person who engages in unlawful discriminatory behavior is irrelevant.
11.2.1.5 Act of discrimination shall be deemed unlawful if:
(a) It happens at work or on work related business (including all human resources processes and procedures covering the following areas according to Dignity and Respect at Work Policy: recruitment, employment, decisions on compensation and benefits, facilities and services, promotions, training and professional development, termination and references, grievance, as well as in the course of providing or receiving goods and services)
(b) It is based on or happens because of, one of the grounds or reasons which the law sets out as unlawful 11.2.1.6 Ciklum Group takes care to ensure that our policies and procedures operate fairly and consistently and in a non-discriminatory way against any of the Protected Characteristics.
11.2.2 Harassment
11.2.2.1 Group Company Personnel shall not engage in any forms of harassment.
11.2.2.2 Harassment occurs when there is unwanted and/or unreciprocated conduct which has the purpose or effect of violating an individual’s dignity or creating an interrogating, degrading, hostile offensive, humiliating, insulting or intimidating environment for the Personnel member in question and which the harasser knew or should have known was likely to cause offence to the victim.
11.2.2.3 For the purposes of this Policy harassment may include but is not limited to the following:
(a) Unwanted non-verbal, verbal or physical abuse which is derogatory, potentially offensive, embarrassing, humiliating or intimidating
(b) Inappropriate, suggestive or uninvited comments
(c) Displays of offensive images, literature and pictures
(d) Unwelcome propositions, both verbal and physical
(e) Repeated unwelcome invitations
(f) Offensive, insensitive and/or intrusive quips and jokes related to a person’s Protected Characteristic
(g) Questions, taunting, name calling, innuendo and any exchange intended to offend on the basis of stereotyped characteristics
(h) Stalking
(i) Persecution.
11.2.2.4 Sexual harassment occurs if there is an unwelcome act or unwelcome conduct of a sexual nature where a reasonable person, having regard to all the circumstances, would have anticipated the possibility that the person on the receiving end of that act or conduct would be offended, humiliated or intimidated by it. 11.2.2.5 Sexual Harassment may include but is not limited to the following:
(a) Sexual propositions or advances
(b) Unnecessary familiarity, e.g. brushing up against or constantly staring at a person
(c) Unwanted physical contact
(d) Offensive sexual gestures, innuendos or sexual jokes
(e) Unwelcome comments, questions and/or teasing about a person’s private life
(f) Display or circulation of sexual material, including emails, magazines, posters
(g) Sexual assault.
11.2.2.6 Sexual harassment may occur even if the person engaging in the unwelcome act or conduct did not intend to sexually harass. A single act is enough to constitute sexual harassment.
11.2.2.7 The mutual attraction between members of the Personnel and personal workplace relationships where behavior is consensual and lawful, do not fall within the constraints of this Policy, however where they interfere with working practices and requirements they will become a Group Company concern.
11.2.2.8 Some forms of harassment are also criminal offences and may incur prosecution under the local legislation.
11.2.3 Bullying
11.2.3.1 Group Company Personnel shall not engage in any form of bullying behavior.
11.2.3.2 Bullying occurs as a result of repeated, unreasonable behavior by one or more persons directed towards one or more members of the Personnel or other persons in the workplace that create a risk to health and safety of the recipient of that behavior.
11.2.3.3 Unreasonable behavior means behavior by a person that a reasonable person, having regard to the circumstances, would see as unreasonable, including behavior that victimizes, humiliates, intimidates, threatens, undermines or demeans another person.
11.2.3.4 Bullying can range from seemingly trivial banter to explicit abuse against an individual. It often involves, but is not limited to, a misuse of power, position or knowledge to criticize, humiliate or seriously undermine an individual.
11.2.3.5 Bullying may include but is not limited to the following: (a) Deliberately and repeatedly excluding, isolating or marginalizing someone from normal work activities
(b) Unwanted non-verbal, verbal or physical abuse which is derogatory, potentially offensive
(c) Aggressive, threatening or hostile behavior
(d) Embarrassing, humiliating or intimidating
(e) Verbal abuse to include shouting and physical gestures used to frighten or intimidate.
11.2.3.6 Bullying can occur even if the person who engaged in the behavior did not intend to bully or was not motivated by malice.
11.2.3.7 Bullying shall not include reasonable management action carried out in a reasonable manner including, for example:
(a) Genuine and reasonable disciplinary action
(b) Constructively delivered feedback and/or performance counselling.
11.2.4 Vilification
11.2.4.1 Group Company Personnel must not vilify others in the workplace.
11.2.4.2 Vilification is a public act that could incite or encourage hatred, serious contempt or severe ridicule towards individuals or groups because of their Protected Characteristics.
11.2.5 Victimization
11.2.5.1 All Group Personnel shall not be victimized or treated less favorably for making a complaint under this Policy in good faith.
11.2.5.2 Victimization includes any unfavorable treatment of a person who has made a complaint or been involved in the enquiry or investigation of a complaint, with respect to allegations of discrimination, harassment, bullying, and/or vilification.
11.2.5.3 Each Group Company shall take all reasonable steps to ensure that Personnel are protected against victimization or retaliation. It will be regarded as a disciplinary offence to victimize or retaliate against a member of the Personnel for bringing a complaint in accordance with this Policy.
GRIEVANCE
12.1 This Policy is designed to encourage and define acceptable and unacceptable standards of behavior and detail the steps that can be taken if an individual feels they are being unlawfully harassed, discriminated against or bullied in the workplace. The aim is to ensure consistent and fair treatment for all Personnel.
12.2 Disciplinary action will be taken against any member of the Personnel who is found to have committed an Act of Discrimination contrary to this Policy under the Group Company’s Disciplinary and Grievance Procedure. Such behavior may constitute gross misconduct and, therefore, may result in dismissal. The Ciklum Group takes a strict approach to serious breaches of this Policy.
12.3 Group Companies’ Personnel may consider the following options to remedy the case:
12.3.1 Informal Action
12.3.1.1 In some instances, it will be sufficient for the recipient to raise the problem informally with the person who is creating it, pointing out that their conduct is unwelcome, offensive or is interfering with their work.
12.3.1.2 A member of the Personnel who finds it intimidating or embarrassing to raise the problem direct with the person creating the problem may seek advice or support from their Line Manager and/or dedicated HR Business Partner / People Partner
12.3.1.3 It is advisable to keep a record (including times and dates) of any conversations you may have with the person causing the problem
during any informal attempts to rectify the situation.
12.3.2 Formal Action
12.3.2.1 This will generally be appropriate when informal action has proved ineffective or in any of serious instances of discrimination, harassment, bullying, vilification and/or victimization. In these circumstances, the Group Company’s Disciplinary and Grievance Procedure should be followed. An investigating manager shall carry out a thorough and timely investigation of the complaint taking into account the rights of the complainant and the alleged perpetrator, who will receive clear details of the complaint.
12.3.2.2 The investigation shall involve taking witness statements from other members of the Personnel who were witnesses to the alleged act(s). In the event disciplinary action is to be taken against the instigator, all witness statements will be disclosed and the perpetrator will be progressed through the Group Company’s Disciplinary and Grievance Procedure.
12.3.2.3 The Company will aim to maintain confidentiality for all parties throughout any investigations wherever practicable and will deal with all matters sensitively.
12.3.2.4 At every stage, the member of the Personnel who believes that she/he is being treated unacceptably, and the alleged instigator, have the right to be accompanied and/or represented by a work colleague and/or other legal representatives (if any). The exercising or waiving of this right will be recorded in the documentation.
12.3.2.5 If the allegations are founded, then the appropriate response will be invoked through the Group Company’s Disciplinary and Grievance Procedure.
12.4 Any complaints made by Group Companies Personnel in bad faith (malicious and vexatious allegations) will be dealt with as a disciplinary matter in accordance with the Group Company’s Disciplinary and Grievance Procedure.
RESPONSIBILITIES
13.1 This Policy is expected to affect the corporate culture and to embed equality, diversity and respect at all levels of the Ciklum Group. Therefore, all Personnel play an active role and are responsible for the Policy application. However, specific functions play key roles in the process, as outlined below.
13.2 The Organizational Development and Internal HR Division defines, sponsors and approves the overall equal opportunities strategy / approach, and will establish specific objectives linked to the strategy. Within its accountability the Organizational Development and Internal HR Division is responsible for:
13.2.1 Leading the design of the equal opportunities and respect at work strategy
13.2.2 Monitoring the strategy implementation and related achievements and improvements on regular basis
13.2.3 Ensuring that the strategy is embodied in every HR process and action
13.2.4 Making recommendations to management in relation to the objectives for achieving the status of equal opportunities and diversity employer and the initiatives supporting these objectives
13.2.5 Updating and amending this Policy, if necessary, based on its effectiveness.
13.3 All managers and heads of organizational structures of the Group Company’s level are accountable for managing HR processes (selection of candidates, appointments, promotions, development initiatives) on the basis of individual merit and competence, personal aspirations and fit the open position with the support of HR function. In the execution of their role they have to ensure:
13.3.1 The Policy is applied consistently to all Ciklum Group Personnel
13.3.1 Team members are aware and fully understand principles set forth in this Policy
13.3.2 Any complaints raised in respect of this Policy are properly investigated and responded to. All such offences, without exception, will be thoroughly investigated in a timely manner and may be regarded as gross misconduct which carries an ultimate penalty of dismissal for the perpetrator
13.3.3 Members of the Personnel feel able to raise concerns in the knowledge that no individual will be penalized or victimized for raising such a concern
13.3.4 Ensuring that local HR functions are involved where there is a requirement to progress an individual through the Group Company’s Disciplinary and Grievance Procedure for failing to adhere to this Policy.
13.4 All Group Companies’ Personnel are requested to:
13.4.1 Behave in accordance with this Policy
13.4.2 Treat colleagues with sensitivity, respect and courtesy at all times
13.4.3 Draw matters of concern to the attention of the appropriate level of management
13.4.4 Consider the impact of their behavior towards another person and remember individualization means what is offensive to one person may not be offensive to another
13.4.5 Respect confidentiality if engaged into complaint resolution process to ensure that the integrity of the investigation process is maintained at all times and to protect the privacy of the persons involved in the complaint
13.4.6 Not to discuss with any other members of the Personnel or with any other external third party the allegations, the matters that were discussed during the investigation, and responses to allegations or any matters raised during the investigation if engaged into complaint resolution process
13.4.7 Promote a culture of inclusion, the spirit of the policy on equality and respect at work and highlighting controversial cases at SpeakUp@ciklum.com.
COMMUNICATION AND IMPLEMENTATION
14.1 All Group Companies’ Personnel and new hires must become familiar with this Policy through various initiatives that include, among others, internal communication and news on local intranets. In order to reach the widest audience possible, when appropriate or necessary, the present Policy may be translated into the local languages of the countries in which our Group operates and communicated to the trade union organizations in relevant jurisdictions (if any).
14.2 Each of the Group Companies shall be accountable for circulation of this Policy to its suppliers and subcontractors.
14.3 For clarifications on the content of this Policy or for support on operational aspects of the process disciplined by the regulation itself, the interested functions/ legal entities can refer to the Group Company’s local HR Professional and/or Global HR Support Department at hr_support@cikum.com.
Anti-Slavery and Anti-Human Trafficking Statement
Introduction
This Slavery and Human Trafficking Statement is made on behalf of Ciklum Holding UK Limited and is supported by the group of companies under the control of Ciklum Group Limited, BVI (collectively -“Ciklum”), and operating under Ciklum’s trademarks worldwide.
Ciklum has a zero tolerance approach to slavery and human trafficking. We are committed to addressing the contents of the Modern Slavery Act 2015 and to ensuring that there is no modern slavery or human trafficking in our supply chains or in any part of our business.
Organisational Structure
Ciklum is a global software engineering and technology partner. We deliver software engineering excellence to Fortune 500 and fast-growing organizations in the United Kingdom, European Union and the USA. Details of the Group’s sales and delivery office locations can be found on the company’s website.
Policies in relation to slavery and human trafficking
Tone at the Top
Ciklum Global Code of Conduct promotes and supports our staff to act with respect towards human rights and is obligatory for acknowledgement and implementation at all times. When in doubt about any breach of human rights, our employees can speak up according to procedures set up in the Code of Conduct.
Due Diligence of third parties
We are committed to acting ethically and with integrity in all our business relationships and expect the same from our counterparties.
We have implemented robust due diligence procedures with respect to all third parties, their beneficiaries and top executives we are going to cooperate with.
Speak Up for reporting concerns
We also have a Whistleblowing Policy in place. The Whistleblowing Policy supports different channels of anonymous and non-anonymous reporting and is available at our web-site. Ciklumers may raise their concerns regarding potential wrongdoing or breaches of the law, including modern slavery laws, in confidence and without fear of disciplinary action.
Training and awareness
Ciklum provides annual Compliance training mandatory for all Ciklumers covering such topics as compliance with laws and regulations, bribery and corruption, ethical behaviors,and sanctions compliance.
This statement is being reviewed annually and made available on our website.
MR. KULRAJ SMAGH
DIRECTOR
For and on behalf of
CIKLUM HOLDING UK LIMITED
04 November 2022
Whistleblower Policy
Definitions
Board of Directors
Board of Directors of Ciklum Group Limited, BVI
Ciklum, Ciklum Group, the Company, the Group
Ciklum or Ciklum Group, the Company, the Group is a group of companies under the control of Ciklum
Group Limited, BVI, and operating under Ciklum Trademark
Corruption
Corrupt conduct or corruption is the abuse of entrusted power for one’s gain
Ciklumers
Employees of Ciklum, and others performing work for, or on behalf of, Ciklum
Management
Top management, C-level officers, Vice Presidents, Directors, Heads of Departments
Top management
The person(s) who direct(s) and control(s) Ciklum at the highest level.
Whistleblower
A whistleblower is any individual reporting on unlawful activities, fraud, or misconduct. Whistleblowers
can become aware of the misconduct through witnessing or being told about it both in and outside
Ciklum.
Introduction
Ciklum maintains and improves a compliance system respecting the highest standards of integrity,
regulations, fighting corruption, fraud, and anti-competitive ways of working.
Individuals aware of wrongdoings are expected to disclose them to Ciklum. Ciklum maintains a
whistleblower helpline as a safe communication channel for whistleblowers to share concerns on
misconduct and unethical behavior.
This Policy sets the framework and process of collecting and handling the information from
whistleblowers.
Requirements of the Policy are mandatory for all Ciklumers. This Policy is owned by the officer in charge of the Compliance function and is being approved by the Group CEO. The Policy is subject to regular review and updating as needed.
Reporting Channels
The whistleblowing information is being collected through five channels below:
1) reporting to a line manager at Ciklum, verbal or written;
2) reporting to Compliance function – verbally or in writing to compliance@ciklum.com.
Messages incoming through the above channels are registered and managed by the Compliance function at Speak Up helpline platform.
All Ciklumers and third parties have 24/7/365 direct access to the Speak Up helpline either with or without providing the name through:
3) Calling the 24/7/365 toll-free phone numbers listed at https://app.integritycounts.ca/call-the-hotline for the reporting by phone;
4) Reporting to ciklum@integritycounts.ca, e. g. if a reporter does not feel comfortable speaking with a live operator or does not have a private location available to make a call. The email is secure, confidential, and accessible 24/7/356;
5) Accessing the Speak Up helpline web platform at https://www.integritycounts.ca/org/ciklum. The link provides access to a safe global 24/7/365 reporting through the web.
The external provider supports managing and storage of all the Speak Up reports incoming through the above channels. The messages are being transferred for handling by the Compliance function.
At drafting a message a reporter can exclude its undesirable recipients. If a reporter excludes the Compliance function from the notification the message proceeds to the officer in charge of Human Resources.
Investigation and Reporting
Upon message receipt, the Compliance function decides if to investigate or to forward the message to a function best fit to the subject.
Compliance function investigates cases of fraud, bribery, Code of Conduct violations, financial crime, and other compliance risks as of the Compliance Policy.
The officer in charge of the Compliance function validates results, considers corrective actions with stakeholders, and approves an internal investigation report.
Allegations of top management, bribery or corruption, other material reputation, or financial damage are being reported to the Board of Directors.
Guidance on internal investigations is set in the Ciklum Internal Investigation Procedure that defines:
- decision-making to investigate;
- preparing and handling investigations;
- investigation conclusions and reporting;
- enforcement of corrective measures.
Training and Awareness
The Compliance function handles Ciklumers’ awareness of this Policy, ways to report, and non-retaliation for reporting in good faith.
This Policy and Speak Up reporting channels are accessible both at internal and external websites for use by any parties.
On a regular basis, all Ciklumers complete the Annual online Compliance course including a section on Speak Up.
Breaches
Speak Up helpline should not be used for reporting known untrue information or to be used as a revenge instrument. Ciklum reserves a right to apply disciplinary actions to Ciklumers being noticed in such unethical behaviors.
Ciklum prohibits discrimination or retaliation of anyone who reports a concern in good faith. Breaching this will result in disciplinary action, possible termination of relations, and civil, criminal, and administrative penalties.
Privacy Notice
Contact information for privacy matters
If you have any questions regarding your personal data, feel free to contact our Data Protection Officer via data.privacy@ciklum.com.
Sources of your personal data
Ciklum collects and processes information that
- you personally provided to us in hard copies, sent by email or through messengers to our representatives;
- we generate internally during performance of a contract between you and Ciklum;
- you provide during interaction with our web sites, through cookies (please see Cookie policy for details) and web forms;
- we obtain from third parties, integrated services or recruitment agencies;
- we obtain from open sources, social media sources, public web sites or press releases.
Ciklum will not process your personal data if such is prohibited by applicable data protection laws or regulations.
Purposes of processing
Ciklum processes your personal data linked to particular purposes and corresponding legal bases outlined below:
- purposes to which you agree in a consent form;
- for the fulfilment of the contract as further specified in our contracts with employees, clients and consultants;
- in order to comply with legal obligations specified in a particular law or regulation;
- legitimate interests pursued by Ciklum group members, except where such interests are overridden by your interests or fundamental rights and freedoms.
Please expand the relevant section below for further information. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via data.privacy@ciklum.com.
In case Ciklum is planning to change the purpose of processing to such that is incompatible with the original one, we will contact you to provide you with further information on purposes for processing prior to it taking place, at all times ensuring appropriate legal basis for processing, which may include asking for your additional consent.
Ciklum does not process your personal data for automated decision-making, including profiling. For cases where automatic processing is performed, Ciklum will inform you additionally in the relevant section of this notice.
Recipients of personal data
Ciklum Group consists of the following entities: Ciklum Holding UK Limited (UK), Ciklum UK Limited (UK), Ciklum Operations UK Limited (UK), Ciklum SA (Switzerland), Ciklum APS (Denmark), , Ciklum Inc. (USA) , Ciklum Services Ltd. (Israel), Ciklum GmbH (Germany), Ciklum LLC (Ukraine), Ciklum Ukraine LLC (Ukraine), Ciklum Pakistan (Private) Limited (Pakistan), CIKLUM INDIA PRIVATE LIMITED (India), CIKLUM IT SPAIN, S.L. (Spain), Ciklum Bulgaria LTD (Bulgaria), CIKLUM SP. Z O.O. (Poland), CN Group CZ a.s. (Czech Republic) and CN GROUP RO S.R.L. (Romania).
All your personal data will be kept strictly confidential and will not be disclosed to unauthorized third parties or made public without your prior notification by this notice or in person. Ciklum will not transfer your personal data internationally without reasonably ensuring that the rights and freedoms of you as the data subject are protected.
We never sell your data or share it with other third parties in order to obtain direct or indirect financial gains.
To obtain information about third-party recipients of your personal data, please expand the relevant section below. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via data.privacy@ciklum.com.
Where Ciklum stores your personal data
We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. We secure the personal data you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All personal data is protected using appropriate physical, technical and organizational measures. Ciklum entities are certified with ISO27001 and regularly updated to comply with industry standards.
Please mind that transmission of information via the Internet (including by email) is not completely secure, and, although Ciklum will do its best to protect your personal data, we cannot guarantee the security of your data in transfer. Accordingly, please proceed with any such transmission at your own risk.
Ciklum uses third party service providers, some of which are located outside of the European Union. This means that we may transfer personal information to countries outside of the European Union. When we do, we ensure that an adequate level of protection is provided for the information by following the requirements of the European Commission, local data protection legislations and the GDPR in the countries where Ciklum has offices:
- We may transfer personal information to countries that have privacy laws that have been recognised by the country from which the data are transferred as providing similar protections for the data (‘adequacy decision’);
- We may enter into written agreements, such as Standard Contractual Clauses and other data transfer agreements, that require the recipients to provide the same level of protection;
- We may rely on other transfer mechanisms approved by authorities in the country from which the data are transferred;
- We may seek your consent for transfers of your personal information for specific purposes.
When we transfer your information outside of the European Union, we make sure that service provider is maintaining appropriate security measures to protect your personal information. Following Brexit the GDPR is no longer apply domestically to the UK any longer, when processing operations of Ciklum fall within the applicability of UK data protection law (Data Protection Act 2018 and UK-GDPR) we ensure that we stay compliant and follow guidelines of Information Commissioner’s Office. When we transfer your data to third countries we ensure it is done in accordance with updated international transfer rulings, which may include entering into International Data Transfer Agreement.
Storage period
We store your personal data for a limited period of time, which varies depending on type of data, the purposes of processing, legal requirements and duration of contractual relationship with Ciklum.
To obtain information about the storage period of your personal data, please expand the relevant section below. Please consider that you may belong to more than one category. If you need further assistance, please contact our Data Protection Officer via data.privacy@ciklum.com.
Your rights
As a data subject you have the following rights:
- right to obtain information in relation to your personal data;
- right to access your personal data;
- right to data portability;
- right to withdraw the consent;
- right to correct mistakes in your personal data;
- right to stop the unwarranted processing;
- right to be forgotten (erase your personal data);
- right to be aware of the existence of the automated individual decision-making and to object in this regard;
- right to lodge a complaint to a supervisory authority.
Ciklumers
Sources of your personal data
Ciklum collects and process the information originated as follows:
- Information that you personally provide, e.g. by filling in questionnaires or during the communication with HR department specialists, information entered into IT systems to which you have been granted access with, provided on paper or sent in corporate emails.
- Information collected directly from you, including fingerprints for your unique identification for provision of access to Ciklum premises (if you consented for it).
- Information that you store at company-owned equipment provided to you;
- Data provided by third parties, e.g., information collected and provided to us by third parties for execution of a contract and maintenance of contractual relationship between you and Ciklum. This data may include feedback from clients that have experience of working with you, background check results, compliance check results, whistle-blower reports or feedback from Ciklum client representatives;
- Data generated internally, e.g., your login in the systems, logs of performed actions in the internal systems and corporate network, CCTV footage, videos created during interview with you, corporate structure data, collaboration history, data obtained from your team leads, other Ciklumer.
Types of information
Ciklum collects and processes the following types of information:
- For the purpose of maintenance of employment records:
name, surname, date of birth, gender, citizenship, marital status, division, department, position, passport details, passport scan, tax id scan copy, marriage certificate, birth certificate, social security number, driving licenses, relatives’ passport, email, phone number, skype, registration address, residence address, country, town, education, diplomas, certificates, employment history, work experience, CV, references, contracts and amendments to the contracts, start date, end of probation date, background check results, evaluation (after interview), link to social profiles, job satisfaction surveys, information about unavailability reasons (including health certificates if applicable), reasons for termination of the employment - For the purpose of maintenance of records for individual contractors/entrepreneurs:
name, surname, date of birth, gender, citizenship, division, department, position, passport details, passport scan, tax id scan copy, social security number, email, phone number, skype, registration address, residence address, country, town, education, diplomas, certificates, employment history/work experience, CV, references, individual entrepreneur documents scans, individual entrepreneur reports, information about remuneration, contracts and amendments to the contracts, acts on performed work, start date, end of trial period, background check results, evaluation (after interview), link to social profiles, information about unavailability reasons (including health certificates if applicable), reasons for termination of contract - For the purpose of workplace administration:
name, surname, position, passport number, email, phone - For the purpose of ensuring a physical security within Ciklum premises or provision of parking spaces:
name, surname, photo, email, phone, passport number, project, license plate, car model, fingerprints, CCTV footage - For the purpose of business trip management and related financial accounting:
name, surname, date of birth, phone, email, itinerary project, department, budget holder name, budget holder surname, travel dates, destination, passport scan copy, passport issuing date, passport expiration date, passport number, citizenship, tax id scan copy, information from your ERM profile, reservation details, travel documents, travel costs - For the purpose of event organisation, including holiday events for kids: name, surname, date of birth, gender, citizenship, division, department, position, project, email, phone, location, photo, video interviews, name and surname (of a child), date of birth (of a child), photo and video with participants of the events
- For the purpose of background and compliance check:
name, surname, passport id, tax id scan copy (in some of the locations), information obtained during the check from publicly available and generated sources - For the purpose of providing reports to the local authorities in some countries upon request and compliance with local legislations with respect to social protection and fair working environment (including Royal Decree-Law 8/2019 in Spain):
name, surname, gender, national id, SSN, ciklum email, location, working hours, days of absence
Please review our corporate policies and procedures to obtain more information about personal data processing practices in Ciklum.
Purposes of processing
Ciklum processes data for the fulfilment of the contract or in order to comply with legal obligations specified in a particular law or regulation, which may vary in countries where we operate. When personal data is processed based on a legitimate interest of Ciklum as an employer, partner or service provider we ensure that your interests as a data subject are not overridden by your interests or fundamental rights and freedoms. Data is processed for following purposes:
- Maintenance of employment records: Official employment documents processing, resourcing, team management, establishment of contractual relationships, employment, employment & performance of a contract, remuneration.
- Maintenance of records for individual contractors/entrepreneurs: Ciklumers’ accounting and performance of contractual obligations, resourcing, team management, establishment of contractual relationships.
- Workplace administration: identifying workplace location, workspace administration and maintenance, procurement of services / equipment with delivery to office, user access management, business cards creation, provision of physical access to premises and parking slots, informing Ciklumers by sending SMS to their personal phone numbers in case of emergency, obligatory evacuation requirement or massive troubleshooting of Ciklum networks disabling any other means of communication.
- Provision of benefits and payments to Ciklumers: payments to Ciklumers, medical insurance, pension fund reporting.
- Financial accounting and operations: financial accounting, reimbursement, payment of taxes, bank account opening, financial audit, financial reporting, payments for services, obligatory payments.
- Provision of access to information resources and hardware: provision access to information resources, software accounting, hardware accounting.
- Internal and external communication: communications, promo actions and marketing, event organisation, informing Ciklumers by sending SMS to their personal phone numbers in case of emergency, obligatory evacuation requirement or massive troubleshooting of Ciklum networks disabling any other means of communication.
- Performance of services: software development, project delivery, management of the projects.
- Business trips management: business trips organization, business trips accountancy, taxi booking.
- Support during relocation to different offices of Ciklum and client sites: relocation, obtaining a work permit and visa opening, support during immigration, monitoring of visas and initiation of work and residence permit extension, related consulting.
- Operational support and maintenance: service request management, business continuity management, infrastructure support, system testing.
- Protection of Ciklum's assets: Information security monitoring and troubleshooting.
- Time tracking for employees in selected locations: collection, processing and storage of information related to worked hours, vacations, days of absence, required to provide reports to the Governmental Authorities according to local regulations.
- Education, knowledge and performance management.
- Whistleblowing.
- Background and compliance checks.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- client, whom you are providing services too, for performance of a contract;
- external accounting service providers in your country, for provision of accounting and payment services;
- external tutors, knowledge management providers or other service providers that assess your performance and may suggests for you points for improvement;
- external providers of benefits;
- external providers that provide services of transportations, accommodation or other service providers that may support during business trip;
- external auditors;
- service providers supplying and servicing our internal system;
- attorneys and legal councils;
- banks and other financial service providers for transfer of remuneration for your services;
- governmental entities where required by law or mandatory order;
- third parties that issues visas and work permits, including embassies, immigration offices, etc., if you requested a relocation;
- landlords and other providers of physical security services in our offices;
- security operation centers and other service providers;
- printing service providers;
- telecommunication services providers.
Retention period
Based on the type of processed personal data, it may be stored for a different period of time from 1 month (CCTV video records and some logs) up to a period of time that is required by applicable law. If you need more information, please, contact our Data Protection Officer via data.privacy@ciklum.com.
Data Protection and COVID-19
This Notice is designed to advise you about how we may seek to collect and hold additional personal data about you in relation to the unprecedented challenges we are all facing during the Coronavirus pandemic (COVID-19).
In addition to listed above information, during this time we collect the date and time of the office visit, record of chosen by your desk, as well as voluntarily provided to us information by you and/or your colleagues about COVID-19 cases and potential contact circles within the Ciklum premises.
The above personal data will be used by our Facility Management Team and other relevant departments to ensure that Ciklum offices are compliant with the local requirements with respect to the prevention of the spread of COVID-19 during the pandemic. The information of your active booking will be visible to other Ciklumers for them to be able to plan office visits based on the current desk availability. This is because not all Ciklumers will be able to attend offices simultaneously and the desk booking system is intended to ensure that every Ciklumer’s visit to the office is as pleasant and convenient as possible during the pandemic.
We will also use the bookings history if there happens to be a reported COVID-19 case in the office in order to identify the Ciklumers who potentially may have been in contact with the carrier. Please note that in this case, Ciklum will contact you via business email or personal phone number you have shared with us to provide you with emergency information.
Your personal data will be kept confidential at all times and will not be disclosed to any third party, except in the following cases:
- booking process – to a third-party provider of the workplace booking and management system, Office Space Software.
- email distribution and emergency information provision – to third-party providers of global or local email/telephone communication services, e.g., G Suite by Google, Inc.)
The data collected by Ciklum is stored within the information technology systems owned and operated by Ciklum, as well as in cloud-based systems. We will only keep your information for as long as it is necessary, that is during the quarantine measures in the countries where Ciklum has offices, taking into account government advice and the on-going risk presented by COVID-19.
If you have any questions regarding your personal data, please contact the Data Privacy Team via data.privacy@ciklum.com.
Candidates
Types of information
Ciklum collects and processes any information that was provided by you directly to us or by the companies acting as recruitment agencies or your referees, or from publicly available social networks and platforms where you have published your CV and contact details. Ciklum processes your personal data including your name, email, phone, skype, links for social media profiles, work experience, technologies, education, location, feedback from interviewers and client representatives etc. We do not collect sensitive personal data for recruitment purposes. Please note that in case you provide sensitive data voluntarily, for example by including it in your CV, Ciklum may store this personal data in files that you provided, which become attached to your profile in our internal systems, but will not process or use the data for other purposes than storage.
Purposes of processing
All personal data is collected and processed only for the following purposes:
- entering your information into Ciklum’s internal systems in order to contact you, track your feedback on proposed openings, match your profile with new openings compatible with your set of skills, keep comments and feedback provided after interviews and manage the recruitment process;
- establishment of a contractual relationship between you and Ciklum. Additional information may be requested from you by Ciklum Recruitment representatives in order to prepare the contract of proceed with background and compliance checks;
- technical maintenance of our internal systems, including data back-up, data migration without any modification of your personal data.
- reporting and analysis of recruitment processes, improvement and optimisation of talent management, such reports may include information identifying you indirectly, or anonymised data created based on your profile.
- if you are participating in one of the reward campaigns, we process your information to choose a winner and announce your name and surname to other participants. Additional information may be requested by Ciklum representatives in order to send you a present.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- email service provider if the data is transferred to us via Internet;
- our client representatives if they are participating in candidates interview and approval for opened positions;
- service providers supplying and servicing our internal system for candidates relations management.
- external providers used to choose a winner in a transparent manner and send you a certificate or reward.
Retention period
Retention period of your data may vary based on current legislative requirements. Ciklum does not store your personal data for a period longer than 3 years from the last contact with you, if you provide your consent for personal data processing, or 3 month, if you did not provide such consent. If you would like to be erased from the Ciklum candidates database earlier, please contact our Data Protection Officer via data.privacy@ciklum.com.
Background checks
Ciklum performs background and compliance checks in order to protect Ciklum and our clients confidential information and ensure a safe environment within the organisation. Background checks performed based on the legitimate interest of Ciklum, considering that GDPR principles such as proportionality and data minimization are implemented.
Checks performed based on the following information provided by you: full name, citizenship, country of residence, birth date, national identity document series and number (in some of the countries) and Tax ID (in some of the countries).
We perform checks via open sources, aggregated open sources or medias against following parameters: illegal or criminal activity, embezzlement, fraud, corruption or bribery; money laundering and slave trafficking; appearance in the sanction lists; conflicts of interest and/or relationships with persons on the sanction lists, or persons connected to government officials, large financial corporations and political parties.
Findings of background and compliance checks will be communicated to you by Ciklum representatives. Ciklum will keep results of the check confidential and will not disclose it to any third parties, this information kept with absolute care and only available to specialists of the Compliance Department and management.
Data will be retained according to the requirements of applicable legislation and in any case for no longer than 3 years from the data of check.
Parameters of background checks and data used during the checks may vary in countries where Ciklum operates. Detailed information will be provided to you by the Ciklum Recruitment representative.
Office Visitors
Types of information
Ciklum processes personal data like your contact details and full name, email, date and time of visit, signature, and video records created during your visit.
Purposes of processing
All personal data is collected and processed only for the following purposes:
- to ensure the physical and information security of the premises;
- to protect your safety during the visit of the premises;
- to provide you with other administrative services (taxi, catering services, etc.) to ensure that your visit to Ciklum`s premises will be pleasant and convenient.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- service providers supplying and servicing maintenance of the visitor management system;
- service providers of physical security guard services;
- email service providers if data is transferred via email;
- business center owners and other administrative service providers (taxi service, catering service) which ensure that your visit to Ciklum`s premises will be pleasant and convenient.
Retention period
Based on the type of information your personal data may be stored in our internal systems for up to 3 years, however, video records created during your visit are stored for no longer than 1 month. If you would like to obtain more details, please contact our Data Protection Officer via data.privacy@ciklum.com.
Web-Site Visitors
Types of information
During visiting our website Ciklum may collect information directly entered by you in contact us forms or through cookies, beacons and other trackers. You can manage the collection of cookies and withdraw your consent at any time. If you consented to cookie collection Ciklum may process your personal data which include your IP, location, visited web pages on our web-site, and, if you filled “contact us form”, your name, email, phone and country and information in text of the message.
All personal data is collected and processed only for the following purposes:
- to ensure stable operation of Ciklum web site;
- to recognise you when you return to our website;
- to monitor popularity of our publication and web-pages;
- to provide you with relevant and personalised information on our web site and web sites of our partners;
- to provide you more information about the content you previously reviewed and adjust the website to your interests;
- to send you information about our products and services;
- to provide you with valuable and important information related to our products and services.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- our partners which may deliver relevant information to you through advertisement, publications and other materials;
- email service provider if the data is transferred to us via email or “contact us” form;
- service providers supplying and servicing our internal system for customer relation management;
Retention period
Information collected through cookies, beacons and other trackers is retained no longer than 6 months, however, based on collected information impersonalised and aggregated statistics can be created and processed. Please review the Cookie Policy for more information.
Information entered by you in “contact us” form can be stored and retained for 12 months from the last contact date (please see section for representatives of potential clients for additional information).
Event Participants
Types of information
Ciklum collects and processes information provided by you directly to us or via intermediaries when registering or participating in an event. In this case, Ciklum processes your personal data such as full name, contact details, photos and videos to which you are a participant made during the event. If you leave your contacts to our representatives in order to hear more about Ciklum jobs, we will also process information about your professional experience and technologies in which you are proficient / industry and your current job position (please refer to Candidates for more information).
Purposes of processing
Depending on your role in the event, your personal data may be processed for one or several of the following purposes:
- to organise current public events and prepare materials that will suit your professional experience and may be relevant for your current job position or industry;
- to share information about current public events in social media platforms and on other public websites;
- to invite you to an event that might be interesting for you and might promote your technical skills or boost your company performance;
- to provide you with information about job positions / service offerings that may be interesting for you;
- to publish information (photo and / or video that may contain your image) on the external websites to invite participants for the event;
- to publish information (photo and / or video that may contain your image) on the external Ciklum websites.
Recipients
Your personal data may be wholly or partially disclosed to third parties in the following cases:
- companies of the Ciklum Group;
- email service provider if the data is transferred to us via Internet;
- providers of external services that are used for collection of your personal data, in particular when registering for the event;
- external speakers that will present during the event;
- external web resources on which photos and videos from the events will be published.
Retention period
Your personal data is stored no longer than 3 years from the date of the event. Please mind that you may be included into other categories described in this notice (including “Candidate” or “Office Visitor”) category during the event and if so, please read the corresponding section of this notice.
Event Speakers
Types of information
Ciklum collects and processes information provided by you if you were invited as speaker to one of the events organised by us. In this case, Ciklum processes personal data like your name, email, photo, and professional experience. Ciklum also may process photos and videos to which you are a participant.
Purposes of processing
Your personal data is collected and processed based solely on your consent (unless we pay you for the event, in which case please refer to the section about Representatives of Vendors and Service Providers) in order to publish information at external web sites to invite participants to the event or to publish event report or other materials.
Recipients
- companies of the Ciklum Group;
- email service provider if the data is transferred to us via email;
- external web resources promoting the event and streaming providers.
Retention period
Retention period of personal data at the external resources is defined by the resource where personal data will be published. If you request deletion of your personal data Ciklum will take all reasonable efforts to delete such published information.
Representatives of Potential Clients
Types of information
Ciklum collects and processes information that is provided by you or other individuals on your behalf, as well as information available on public and open sources. In this case, Ciklum processes personal data related to the company or business you represent, including your name, email, job position, linkedIn profile etc. We do not send marketing emails to personal emails, sole traders or certain types of partnerships unless explicit consent is provided.
Purposes of processing
All personal data is collected and processed only for the following purposes:
- to establish a contractual relationship between your company and Ciklum;
- to provide you with valuable and important information about latest industry developments and regulations;
- to provide you with information about our services and products;
- to invite you as a participant to webinars and events held by Ciklum free of charge.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- email service provider if the data is transferred to us via email;
- service providers supplying and servicing our internal system for customer relation management.
Retention period
Personal data is retained for 12 month from the last contact, unless the contractual relationships are established.
Legal basis for processing
Ciklum has a legitimate interest in processing personal data related to the company or business you may represent, in order to personalise the communication we deliver and ensure the success of our marketing campaigns in order to increase our revenue. Processing of personal information helps us to create personalised and valuable content for you, which we provide free of charge. We consider that processing of such data is mutually beneficial and based on our assessment the processing will have minimal negative impact on you.
Ciklum does everything possible to make sure the measures are taken to process only business related information and ensure security of personal data processed. In addition to that we are adjusting the content so that communication you receive is directly related to your work, location, usage of our website or job title.
You may always unsubscribe from communications you received from us. You have all rights in relation to your personal data as further described in the first section of this Notice. Ciklum never sells your personal information or discloses it to third parties for other purposes than described in this section.
Representatives of Current or Former Clients
Types of information
Ciklum collects and processes information that is provided by you, other individuals from your company and/or entered into written contracts between your company and Ciklum. In this case, Ciklum processes personal data related to the company or business you represent like your name, email, company name and address, job position, phone number, social profile reference, Skype, emails sent from you to Ciklum etc.
If you require to obtain access to Ciklum premises and consented to use Ciklum`s fingerprint access system, Ciklum will collect and process your sensitive personal data, namely fingerprints. This is purely for your convenience and you may opt for using an access badge instead without any detriment.
Purposes of processing
All personal data is collected and processed only for the following purposes:
- to enter your information into internal IT systems in order to contact you with information related to our service offerings;
- to establish contractual relationship between your company and Ciklum;
- to execute the contract with your company and to maintain a good relationship with your company and its representatives;
- to prepare business cases and marketing materials with mentioning your company representatives in order to promote image of your company`s and Ciklum`s business (where permitted by contract);
- to invite your company’s representatives to participate in the events organised and hosted by Ciklum;
- to inform about changes in performance of the services and additional arrangements, if required;
- to provide information requested by your company or its representatives.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- email service provider if the data is transferred to us via email;
- service providers supplying and servicing our internal system for customer relation management;
- phone helpline service provider if you requested any kind of support via helpline;
- electronic signature service provider if contract with you was signed in electronic format;
- satisfaction survey organiser if you participate in customer satisfaction survey.
Retention period
Client and Client representative personal data is stored for 6 years after the end of contractual relationship with the Client. Contractual data may be stored by Ciklum longer, if it is required by law.
If personal data belongs to individual who is no longer represent a Client personal data may be deleted immediately (except email correspondence which may be used in order to execute contract with the Client) after provision of information to consideration of Ciklum’s Data Privacy Team via data.privacy@ciklum.com.
Representatives of Vendors and Service Providers
Types of information
Ciklum collects and processes information that is provided by you, other individuals from your company or is entered into written contracts between your company and Ciklum. In this case, Ciklum processes personal data like your name, email, company name and address, job position, phone number, social profile reference, Skype etc.
If you require to obtain access to Ciklum premises and consented to use Ciklum`s fingerprint access system, Ciklum will collect and process your sensitive personal data, namely fingerprints. This is purely for your convenience and you may opt for using an access badge instead without any detriment.
Purposes of processing
All personal data is collected and processed only for the following purposes:
- to enter your information into internal IT systems in order to contact you with information related to services that is provided by your company and / or you;
- to establish contractual relationship between your company and Ciklum;
- to execute the contract with your company and to maintain a good relationship with your company and its representatives;
- to inform about changes in performance of the services and additional arrangements, if required;
- to provide information requested by your company or its representatives.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- email service provider if the data is transferred to us via email;
- service providers supplying and servicing our internal system for customer relation management;
- electronic signature service provider if contract with you was signed in electronic format.
Retention period
Personal data is retained during performance of a contract with a Vendor or service provider plus the amount of time that is defined by law in your country.
If personal data belongs to an individual who no longer represents a Vendor or service provider, personal data may be deleted immediately after provision of information to consideration of Ciklum’s Data Privacy Team via data.privacy@ciklum.com.
Non-Ciklumers Participating in Relocation Plan
Types of information
When Ciklum supports you with relocation to other country we collect and process the following information (required information may vary based on the requirements of visa provision in country you are relocated to):
- Information about an individual applying for relocation to one of Ciklum`s offices: name, surname, maiden name (if applicable), date of birth, place of birth, nationality, current address, passport number, phone, email, registration address, marital status, countries of legal residency in the last 5 years, parents’ names, education, scan copy of travel passport, scan copy of previous travel passport, scan copy of national passport, photo, scan copies of diplomas, certificates, labour book, bank statement, individual entrepreneur registration documents, relocation country, native country, marital status, number of children, visa issue date, visa expiry date; residence permit number and expiry date, parents’ information (including name, surname, maiden name, data of birth), personal data of the family member who is an EEA citizen (including name, surname, maiden name, date of birth, social security number, if applicable).
- Information about adult dependents of the individual: name, surname, maiden name (if applicable), citizenship, relationship with the individual being relocated, phone, email, registration address, nationality, full names of parents, photo, passport number, date of birth, nationality at birth, place of birth, marital status, scan copy of travel passport, scan copy of previous travel passport, scan copy of national passport, travel passport number, date of issue, date of expiry, issuing authority, national passport number, tax number, US social security number (if applicable), address, email, phone, countries where the person lived, current occupation, Schengen and national visa information, parents’ information (including name, surname, maiden name, data of birth), personal data of the family member who is an EEA citizen (including name, surname, maiden name, date of birth, social security number, if applicable), scan copy of tax ID, scan copies of diplomas, certificates, labour book, relocation country, native country, number of children, visa issue date, visa expiry date; residence permit number and expiry date.
- Information about children participating in relocation: name, surname, gender, citizenship, place of birth, date of birth, passport number, US social security number (if applicable).
Purposes of processing
All personal data is processed in order to support your approved relocation (including information about your dependents and children, if applicable) to one of Ciklum`s offices of your choice or to our client’s location. Please note that you may always refuse collection and processing of your data and obtain work permit and visa without assistance by Ciklum.
Recipients
Your personal data may be wholly or partially disclosed to the following third parties:
- companies of the Ciklum Group;
- email service provider if the data is transferred to us via email;
- attorneys supporting visa opening process;
- embassies and immigration offices of the destination country;
a client sponsoring of your relocation; - service providers used for exchange of information between you, Ciklum and the above third parties.
Retention period
Personal data is retained during performance of contractual relationships with relocated individuals plus 1 year.
Cookie Policy
Introduction
This Policy applies to any websites or branded pages (hereinafter, “Sites” or “Ciklum Sites”) which are operated by or on behalf of Ciklum.
What are cookies
Cookies are files or pieces of information that may be stored on your computers (or other devices, such as smartphones or tablets) when you visit Ciklum Sites. This allows Ciklum Sites to operate properly, distinguish real users from bots to protect our website, remember your choices and preferences and provide you with targeted advertisements. A cookie will usually contain the name of the website the cookie has come from, the lifetime of the cookie (i.e. how long it will stay on your device), and the value, which is usually a randomly generated unique number. You may delete cookies from your device manually at any time.
How do Ciklum Sites use cookies
Ciklum Sites use cookies to identify your device and your interests, to remember your preferences, and to track how you use our Sites. We also use cookies and other tracking technologies to control access to certain content on our Sites, protect the Sites, and process any requests you make to us. To administer our Sites and for research purposes, Ciklum Sites also incorporates third-party services to track and analyse statistical usage and volume of information from users of the Sites. These third-party services use persistent cookies to help us improve user experience, manage the content of the Sites, as well as analyse how users navigate and use the Sites.
Our cookies are used for the following purposes:
Strictly Necessary/Technical
These cookies are necessary to allow us to operate our Sites and remember your choices with respect to cookies enabled.
Analytical/Performance
These cookies are used by Ciklum to analyse how our websites are used and their performance. For example, they track the most visited pages, and where the visitors come from. Such cookies also help us to remember your choices and preferences for future visits. They allow us to remember your device in-between visits.
Targeting/Advertising
These cookies collect information about your activities, provide us with analytical statistics and you with targeted advertising. We may also use our third-party service providers for this purpose. Such third-party providers (Google or Linkedin in particular) may collect information about your online activities over time and across different websites. Third-party service providers that generate these cookies have their own privacy policies and may use their cookies to target advertising to you on other websites, based on your visits to Ciklum Sites.
Cookies by categories
Ciklum Sites use the following types of cookies:
Category: Necessary (9)
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
COOKIE NAME |
PROVIDER |
TYPE |
EXPIRY |
__cf_bm |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. |
|||
__cf_bm |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website. |
|||
CONSENT |
HTTP |
2 years |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website. |
|||
CONSENT |
HTTP |
2 years |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Used to detect if the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for GDPR-compliance of the website. |
|||
CookieConsent |
HTTP |
1 year |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Stores the user's cookie consent state for the current domain |
|||
embed/v3/counters.gif |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used to implement forms on the website. |
|||
embed/v3/counters.gif |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used to implement forms on the website. |
|||
li_gc |
HTTP |
179 days |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Stores the user's cookie consent state for the current domain |
|||
test_cookie |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used to check if the user's browser supports cookies. |
|||
Category: Preferences (12)
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
COOKIE NAME |
PROVIDER |
TYPE |
EXPIRY |
lang |
HTTP |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Remembers the user's selected language version of a website |
|||
loglevel |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Maintains settings and outputs when using the Developer Tools Console on current session. |
|||
VISITOR_INFO1_LIVE |
HTTP |
179 days |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Tries to estimate the users' bandwidth on pages with integrated YouTube videos. |
|||
wistia-video-progress-# |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Contains a timestamp for the website’s video-content. This allows the user to resume watching without having to start over, if the user leaves the video or website. |
|||
ytidb::LAST_RESULT_ENTRY_KEY |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
yt-remote-cast-available |
HTML |
Session |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
yt-remote-cast-installed |
HTML |
Session |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
yt-remote-connected-devices |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
yt-remote-device-id |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
yt-remote-fast-check-period |
HTML |
Session |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
yt-remote-session-app |
HTML |
Session |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
yt-remote-session-name |
HTML |
Session |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Stores the user's video player preferences using embedded YouTube video |
|||
Category: Statistics (21)
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
COOKIE NAME |
PROVIDER |
TYPE |
EXPIRY |
__hssrc |
HTTP |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used to recognise the visitor's browser upon reentry on the website. |
|||
_ga |
HTTP |
399 days |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Registers a unique ID that is used to generate statistical data on how the visitor uses the website. |
|||
_gat |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by Google Analytics to throttle request rate |
|||
_gid |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Registers a unique ID that is used to generate statistical data on how the visitor uses the website. |
|||
_hjAbsoluteSessionInProgress |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: This cookie is used to count how many times a website has been visited by different visitors - this is done by assigning the visitor an ID, so the visitor does not get registered twice. |
|||
_hjFirstSeen |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: This cookie is used to determine if the visitor has visited the website before, or if it is a new visitor on the website. |
|||
_hjIncludedInPageviewSample |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used to detect whether the user navigation and interactions are included in the website’s data analytics. |
|||
_hjIncludedInSessionSample |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Registers data on visitors' website-behaviour. This is used for internal analysis and website optimization. |
|||
_hjRecordingLastActivity |
HTML |
Session |
|
First found URL: https://www.ciklum.com/case-studies/seeking-alpha Cookie purpose description: Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. |
|||
_hjSession_# |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read. |
|||
_hjSessionUser_# |
HTTP |
1 year |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects statistics on the visitor's visits to the website, such as the number of visits, average time spent on the website and what pages have been read. |
|||
_hjTLDTest |
HTTP |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator. |
|||
AnalyticsSyncHistory |
HTTP |
29 days |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used in connection with data-synchronization with third-party analysis service. |
|||
collect |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used to send data to Google Analytics about the visitor's device and behavior. Tracks the visitor across devices and marketing channels. |
|||
hjViewportId |
HTML |
Session |
|
First found URL: https://www.ciklum.com/case-studies/seeking-alpha Cookie purpose description: Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. |
|||
hubspotutk |
HTTP |
179 days |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Sets a unique ID for the session. This allows the website to obtain data on visitor behaviour for statistical purposes. |
|||
ln_or |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Registers statistical data on users' behaviour on the website. Used for internal analytics by the website operator. |
|||
personalization_id |
HTTP |
399 days |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: This cookie is set by Twitter - The cookie allows the visitor to share content from the website onto their Twitter profile. |
|||
undefined |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects data on visitor interaction with the website's video-content. This data is used to make the website's video-content more relevant towards the visitor. |
|||
wistia |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by the website to track the visitor's use of video-content - The cookie roots from Wistia, which provides video-software to websites. |
|||
YSC |
HTTP |
Session |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Registers a unique ID to keep statistics of what videos from YouTube the user has seen. |
|||
Category: Marketing (21)
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
COOKIE NAME |
PROVIDER |
TYPE |
EXPIRY |
#,# |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant. |
|||
#,#_expiresAt |
HTML |
Persistent |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant. |
|||
__ptq.gif |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Sends data to the marketing platform Hubspot about the visitor's device and behaviour. Tracks the visitor across devices and marketing channels. |
|||
_fbp |
HTTP |
3 months |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. |
|||
_gcl_au |
HTTP |
3 months |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by Google AdSense for experimenting with advertisement efficiency across websites using their services. |
|||
_hjRecordingEnabled |
HTML |
Session |
|
First found URL: https://www.ciklum.com/case-studies/seeking-alpha Cookie purpose description: This cookie is used to identify the visitor and optimize ad-relevance by collecting visitor data from multiple websites – this exchange of visitor data is normally provided by a third-party data-center or ad-exchange. |
|||
ads/ga-audiences |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites. |
|||
bcookie |
HTTP |
1 year |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by the social networking service, LinkedIn, for tracking the use of embedded services. |
|||
bscookie |
HTTP |
1 year |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by the social networking service, LinkedIn, for tracking the use of embedded services. |
|||
DEVICE_INFO |
HTTP |
179 days |
|
First found URL: https://www.ciklum.com/blog/data-science-threats-and-opportunities Cookie purpose description: Used to track user’s interaction with embedded content. |
|||
fr |
HTTP |
3 months |
|
First found URL: https://www.ciklum.com/case-studies/seeking-alpha Cookie purpose description: Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers. |
|||
i/adsct |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: The cookie is used by Twitter.com in order to determine the number of visitors accessing the website through twitter advertisement content. |
|||
i/adsct |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: The cookie is used by Twitter.com in order to determine the number of visitors accessing the website through Twitter advertisement content. |
|||
IDE |
HTTP |
1 year |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by Google DoubleClick to register and report the website user's actions after viewing or clicking one of the advertiser's ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user. |
|||
lang |
HTTP |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Set by LinkedIn when a web page contains an embedded "Follow us" panel. |
|||
lidc |
HTTP |
1 day |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used by the social networking service, LinkedIn, for tracking the use of embedded services. |
|||
muc_ads |
HTTP |
399 days |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects data on user behaviour and interaction in order to optimize the website and make advertisement on the website more relevant. |
|||
pagead/1p-user-list/# |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Tracks if the user has shown interest in specific products or events across multiple websites and detects how the user navigates between sites. This is used for measurement of advertisement efforts and facilitates payment of referral-fees between websites. |
|||
pagead/landing |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects data on visitor behaviour from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement. |
|||
pagead/landing |
Pixel |
Session |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Collects data on visitor behaviour from multiple websites, in order to present more relevant advertisement - This also allows the website to limit the number of times that they are shown the same advertisement. |
|||
UserMatchHistory |
HTTP |
29 days |
|
First found URL: https://www.ciklum.com/ Cookie purpose description: Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences. |
|||