Veeam Software Corporation and any of its affiliates (collectively "Veeam") are constantly committed to the highest standards of integrity and social responsibility, seeking continuously to conduct its business in an honest, ethical, and legally compliant manner. Veeam expects all of its Suppliers engaged in the provision of goods and services to Veeam to make a similar commitment, and to conduct their business with integrity and transparency.
The Veeam Supplier Code of Conduct (herein the "Code") describes and sets Veeam’s expectations on how its Suppliers should conduct business. Veeam requires Suppliers to act in accordance with this Code and with all applicable laws and regulations within the geographies in which they operate, and to be open and cooperative with regulators that enforce such laws. Suppliers must impose substantially similar obligations to those set forth herein on their own suppliers, sub-contractors, agents, and anyone acting on their behalf for Veeam related services. In cases when instances outlined in this Code differ from the ones in local laws, Suppliers are compelled to follow them within the frameworks of the local laws and contact Veeam regarding the discrepancies.
This Code may be amended from time to time by Veeam, and the Supplier shall comply with the then-current version of the Supplier Code of Conduct.
This Code reflects Veeam’s values and sets forth what is required and what principles are expected to be followed by Suppliers with respect to the following topics:
Veeam supports the U.N. Universal Declaration of Human Rights and the International Labor Organization’s International Labor Standards and strives to adhere to the principles set forth in these standards and expects its Suppliers to do the same.
Veeam is committed to upholding the human rights of its employees, and to treating them with dignity and respect. This applies to all employees, including temporary, student, contract, and any other type of employee. The labor standards include the following:
Veeam does not tolerate violations of human rights in any form and expects its Suppliers to support and enable practices to maintain a respectful and safe workplace. Suppliers will clearly define and communicate their disciplinary policies and procedures in support of these requirements.
Suppliers are expected to conduct their business and operations in a way that respects human rights by treating their own employees, and those working for their suppliers, with dignity and promoting fair employment practices. This includes, and is not limited to: (a) providing fair and competitive wages; (b) avoiding any restrictions around the freedom and mobility of workers; (c) supporting only voluntary work and respect the right of workers to terminate their employment at any time after reasonable notice agreed upon in the workers’ contract, and to give workers all owed compensation; (d) prohibiting disrespectful behavior (any type of harassment, bullying, discrimination, verbal abuse and violence of any kind); (e) prohibiting use of child, forced, bonded or indentured labor or prison labor; and (f) not engaging in human trafficking for any purposes and under any circumstances.
Suppliers are expected to identify risks and adverse human rights impacts related to their activities and through their business relationships. They should take appropriate steps to reduce risks and ensure their operations do not cause or contribute to human rights abuses, and to remedy any adverse impacts directly caused, or contributed to, by their activities or through business relationships. Veeam encourages its Suppliers to implement a comprehensive plan that is monitored. Such plan should include an audit schedule, risk assessment plan, feedback channels, awareness of forced labor issues, training and education programs, and should outline the process for escalating and managing any violations.
Suppliers should not retain any form of original employee identification (identity cards, passports, immigration documents or work permits), nor destroy or deny access to such documentation, as a condition of employment unless required by applicable law.
Suppliers shall make available to all employees within their operations an effective grievance mechanism to address and disclose a workplace problem or concern where grievances relating to labor practices can be anonymously raised, without fear of retaliation.
Suppliers are expected to respect the rights of employees to associate freely, to take part in collective bargaining in consideration of laws and regulations, and discuss working conditions without fear of harassment, intimidation, penalty, interference, or retaliation. Suppliers are expected to recognize, respect, and not prevent any ability to exercise lawful rights of free association, within the appropriate legal framework.
Suppliers are not allowed to use any kind of fraudulent or misleading practices during the hiring process. Veeam expects all employment and terminations to be conducted in a fair manner by its Suppliers.
Suppliers are expected to provide all employees with a written employment contract in a language accessible and comprehensible for the employee, setting out the terms and conditions in accordance with the local relevant legal authority.
Suppliers are expected to operate in consideration of the local laws and standards regulating employment, resting hours, maximum consecutive days of work and annual leave.
Veeam expects its Suppliers to adequately compensate its employees in accordance with applicable laws and regulations to include but not be limited to adherence to minimum wage laws, legally mandated benefits, and overtime compensation. Suppliers must not allow deduction from wages as a disciplinary measure nor permit any other deductions which are not provided by the local law.
During Suppliers’ employment recruitment process, appropriate due diligence and ongoing management must be undertaken by Suppliers to ensure that risks are effectively mitigated. Suppliers are expected to use appropriately trained recruiters, including employment agencies, and recruiting companies to support compliance with international standards and to respect local labor laws.
Suppliers must ensure that Child Labor is not utilized. The term “child” refers to any person under the minimum legal age for employment where work is performed.
Veeam expects Suppliers to implement sound health and safety practices across their business operations. Suppliers shall monitor workers’ exposure to potential safety related incidents through proper design, engineering and administrative controls, preventative maintenance and safe work procedures, and ongoing safety instructions and trainings. Suppliers must make sure that they conduct operations in compliance with all applicable health and safety laws and regulations, and workers will not be disciplined or retaliated against for raising or disclosing any safety concerns.
Suppliers will identify and address potential emergency situations and events, and will minimize their impact by implementing written emergency plans and proper recovery plans.
Suppliers must warrant that they have procedures and systems in place to prevent, manage, track, and report occupational injuries and illnesses. This includes, but is not limited to employees reporting, classifying, and recording injury and illness cases, providing necessary medical treatment, investigating such cases, and implementing corrective actions. Employees should be prevented from performing work activities that are likely to jeopardize their health, safety, or well-being.
Veeam fosters an inclusive culture, and considers that diversity should be supported, while discrimination of any form will not be tolerated. Suppliers must comply with all applicable laws and regulations relating to anti-discrimination.
Suppliers should comply with the United Nations’ 1948 Universal Declaration of Human Rights. As such, Veeam’s Suppliers should be committed to providing liberty, dignity, and equal rights to all their employees, regardless of gender, race, religion, and other protected classes.
Veeam expects Suppliers to treat each person with dignity and respect, to provide equality in opportunities and in employment to the fullest extent of the law. Suppliers will not engage in discrimination based on race, color, age, gender, sexual orientation, ethnicity, disability, pregnancy, religion, political affiliation, union membership, marital status, or other protected classes in their employment practices.
Veeam has zero-tolerance for any type of harassment, harmful, adverse, or toxic behaviors, and expects Suppliers to make sure this non-tolerance is respected. Suppliers will not tolerate harsh or inhumane treatments, including any type of harassments, sexual abuses, other forms of abuse or harassment, whether mental or physical, and will clearly define and communicate to workers their disciplinary policies and procedures in support of these requirements.
Veeam expects Suppliers to adhere to bribery and anti-corruption laws and regulations. Corrupt arrangements, including bribes, are strictly prohibited and will not be tolerated.
Suppliers must comply with all applicable trade control laws and regulations in the import, export, re-export or transfer of goods and services (including software and technology). All invoices and any customs or similar documentation submitted to Veeam or governmental authorities in connection with transactions involving Veeam must accurately describe the goods and services provided and the prices thereof.
Veeam’s Suppliers are expected to compete on the merits of their products and services in a fair and transparent manner. Veeam’s Suppliers are prohibited from providing or offering gifts of significant value to Veeam employees that could inappropriately influence Veeam’s business decisions, and must not use the exchange of business courtesies to gain an unfair competitive advantage. Any form of gifts, including but not limited to, vouchers, meals, entertainment, travels, significant amount of cash or cash equivalent can be perceived as object of bribery and should not be offered, nor accepted.
A “conflict of interest” is considered any circumstance, transaction or relationship directly or indirectly involving a Supplier in which the private interest of any director, executive, employee, representative or agent of Veeam or the Supplier improperly interferes with the interests of Veeam, or with Veeam employees’ or Suppliers' duties owed to Veeam. Veeam expects Suppliers to avoid any situation that could result in a conflict of interest with a Veeam employee, including but not limited to situations where Veeam employee’s business judgement or decision making is influenced by that business relationship.
Suppliers are expected to avoid all conflicts of interest or situations giving the appearance of a conflict of interest between them and Veeam by ensuring that they disclose any personal or outside business arrangements between their employees and themselves and any Veeam employees or their families.
Suppliers are obligated to report and provide immediate notification to all affected parties in the event that an actual or potential conflict of interest arises.
Suppliers are expected to create, store, and maintain business records, not altering any record entry to conceal or misrepresent the underlying transaction represented by it, and have in place appropriate controls to ensure the activities are accurately and securely performed.
All records, regardless of format, such as or related to human rights, health and safety, environmental practices, business activities, or financial situations shall be disclosed by Suppliers in accordance with applicable laws and regulations, and prevalent industry proceedings. Suppliers’ records should be retained based on the applicable legal retention requirements or for a minimum period of 7 years. Any intent of Suppliers to distort or alter in any way the records is unacceptable and may culminate in withdrawal of Veeam from the business relationship with the Suppliers and result in legal action.
Suppliers are prohibited from disclosing any confidential information as it relates to Veeam and are required to ensure that all sensitive, confidentially classified and proprietary information, including personal data of employees, business practices and financial information of Veeam is appropriately protected from unauthorized access, destruction, use, modification and disclosure, through appropriate physical and electronic security procedures.
In their business relationship with Veeam, Suppliers must comply with all applicable data privacy laws and regulations and must report promptly to Veeam any suspected or actual data breach, or any security incidents.
To determine whether Suppliers are compliant with this Code, Veeam reserves the right to perform an audit, when deemed necessary. Veeam may solicit any Supplier to complete self-assessment trainings or questionnaires, perform internal controls and to disclose relevant policies or procedures to Veeam, to participate in and provide information to any assessment/rating platform engaged by Veeam, or to be subject to announced and unannounced on-site direct and/or third-party audits or evaluations of the Supplier’s facilities, records, and operations.
Suppliers are required to have their own due diligence process in place to ensure full compliancy with this Code is met.
Veeam’s Suppliers must cooperate with requests for inspections, audits, and investigations by Veeam or any of its authorized agents, as well as requests for environmental, social, and governance information. If Veeam determines that any Supplier has violated this Code, Veeam may, at its sole discretion, require the Supplier to implement corrective actions. If however the Supplier fails to immediately implement any requested corrective actions, Veeam may suspend or terminate any contracts or orders between Veeam and the Supplier.
Suppliers agree that they shall not, directly or indirectly, either for their own benefit or for the benefit of another person, (a) make any solicitation to employ Veeam’s personnel without the written consent of Veeam, (b) in any way interfere with the relationship between Veeam and any employee of Veeam, or (c) induce or attempt to induce any customer, Supplier, or business relations of Veeam to cease doing business with Veeam or otherwise interfere with the relationship between Veeam and any other party.
An important part of upholding the Code is ensuring that Suppliers only do business with others that adhere to the same standards of ethics and compliance.
Suppliers may not engage in any activity prohibited by this Code by knowingly employing or failing to impose appropriate corrective action, up to and including termination, upon a sub-contractor or Sub-Supplier who performs the prohibited activity on behalf of Veeam’s Suppliers.
Suppliers must notify Veeam prior of any intent and obtain written consent from Veeam to engage a sub-contractor to fulfill the Supplier’s obligations.
Veeam requires suppliers to protect personal data in compliance with all applicable privacy and data protection laws. Personal data provided by or on behalf of Veeam should only be used, accessed, and disclosed as permitted by and strictly in accordance with the contractual terms and conditions agreed with Veeam.
Suppliers shall comply with all applicable privacy, data protection, and information security laws and regulatory and judicial requirements regarding the collection, storage, processing, transmission, or disclosure of data, whether provided by Veeam or any party on its behalf, or obtained by Suppliers, including on behalf of Veeam or its customers. Upon request, Supplier shall execute appropriate data protection and transfer agreements with Veeam in any form that Veeam or its customers are required by applicable laws to execute with service providers or to flow down to sub-contractors.
Veeam requires its Suppliers to comply with all applicable laws governing Intellectual Property Rights assertions, including protection against disclosure, and instructing and monitoring their workers on how to adequately manage (access, use, transfer) intellectual property.
Suppliers warrant that when doing business with Veeam, Intellectual Property Rights will be respected, transfer of technology and know-how will be performed in a manner and using methods that protect Intellectual Property Rights, and Suppliers and customers’ information will be continuously safeguarded.
Veeam’s intellectual property, confidential information, patented technology, documentation, or other materials must not be used without permission or outside the scope of work performed for Veeam. Suppliers are prohibited from using Veeam’ trademarks, images, logos, or other materials owned or controlled by Veeam, unless explicitly authorized and instructed in writing by Veeam.
Every Veeam employee involved in the end-to-end procurement activities within the organization shall use their best endeavors to ensure that Veeam’s purchasing and contractual activities are ethical, transparent and provide maximum competitiveness and fairness to Suppliers.
This Code shall be read and reviewed by Suppliers regularly on an annual basis and made known through trainings or any instructing methods to any Supplier’s employees, sub-contractors, and sub-suppliers working on Veeam matters.
Suppliers shall acknowledge that they have read and will abide by the Code with a signature by an authorized representative of the Supplier. All Suppliers that will be granted access to the Veeam network or buildings should acknowledge and have training on the Code. The requirements for accessing Veeam networks and facilities should be linked to this Code.
To meet social responsibilities and to achieve success, Veeam’s Suppliers shall uphold the highest standards of ethics including compliance with the following:
Trade
As a global company powering location-based services for organizations and people around the world, Veeam is required to comply with the USA, the EU, UK, UN, and other countries trade sanctions, and export controls which restrict where and with whom Veeam can do business, including even indirectly through partners. It is of high importance for Veeam to take notice where and by whom its services and solutions are being provided and accessed, and where its products, services and technology is sourced from.
Suppliers shall comply with all applicable international laws, national laws, regulations, and other controls which govern the transfer, access, export, re-export, and import of products, services, and technology, and must maintain, where applicable, robust compliance programs and policies to manage technologies, products, and technical data that is controlled or restricted by trading laws. Suppliers must not provide controlled technologies, products, or technical data to Veeam, without notifying Veeam of such controls as necessary for Veeam to maintain compliance with applicable laws.
Anti-Trust
Veeam’s Suppliers must understand and comply with all applicable fair business, advertising, and competition laws, including fair trading and antitrust laws.
Veeam’s policy is to compete in an ethical manner while complying with global anti-trust and competition laws. Anti-trust and competition laws are designed to protect consumers and competitors against unfair business practices, and to promote and maintain competition on the free market. These laws prohibit or restrict activities related to fixing, coordinating, or controlling prices and allocating or dividing customers, territories, or markets. As a result, Suppliers should take care in any communications with competitors about any aspect of Veeam’s business.
Veeam’s Suppliers must be committed to dealing honestly, ethically, respectfully, and fairly with each other and Veeam’s competitors, customers, and other Suppliers. Suppliers must not make false, misleading, deceiving, or fraudulent statements regarding Veeam’s products and services to any other business or person. Suppliers must not take unfair advantage of anyone through manipulation, concealment, abuse of privileged information, misrepresentation, or any other unfair dealing practice.
Anti-Corruption
Veeam has a no tolerance for corruption. Suppliers shall comply with Veeam's Anti-Corruption Policy and all applicable anti-corruption laws, regulations, and standards. Suppliers shall not, directly or indirectly offer, give, and/or receive payments or incentives to influence any person or government official. Suppliers will ensure maintenance of accurate books and records, implementing monitoring and enforcement procedures to ensure compliance with anti-corruption laws.