Accolite’s Supplier Code of Conduct sets for key supplier (“Supplier”) standards (“Supplier Standards”), which align with our Code of Conduct & Ethics, apply to all of our third-party representatives, suppliers, vendors, subcontractors and business development agents and their parent, subsidiary and affiliated entities, or collectively, Suppliers, including Suppliers engaged by Accolite Digital Group Inc. and/or its affiliates (individually and collectively, “Accolite”, the “Company”, “we”, “our” or “us”).

All Suppliers are responsible to ensure that their employees, including temporary, migrant, student, contract, and direct employees, performing services in relation to Accolite business are familiar, and comply, with these Supplier Standards. Accolite expects its Suppliers to adopt similar standards within their own businesses and apply those standards to their next-tier suppliers (e.g., subcontractors).

The Supplier Standards are not intended to conflict with or modify any existing contractual terms between Accolite and its Suppliers. The Standards are intended to offer guidance for Accolite’s suppliers and, should a conflict arise, any existing contractual terms and conditions will take precedence.

The relationship between Accolite and its direct and indirect affiliates and its Suppliers is an integral part of achieving and maintaining high performance in Accolite’s business. Accolite is committed to working with reputable business partners who share our dedication to ethical business conduct and policies.

Suppliers are required to comply with all applicable laws, regulations, and rules in the countries in which the Supplier is located or does business, including relevant international laws and regulations such as those related to business integrity, human rights, health and safety, trade, and the environment.

Suppliers must conduct business interactions and activities with integrity and must, without limitation:

Conduct business in compliance with antitrust and fair competition laws that govern the jurisdiction(s) in which they conduct business. Suppliers must avoid agreements and practices that have a restrictive effect on competition such as price fixing, market allocation, or abuse of a dominant position.

1. Comply with all applicable laws, including all applicable anti-corruption laws, including the U.S. Foreign Corrupt Practices Act (“FCPA”), the U.K. Bribery Act 2010, the India Prevention of Corruption Act of 1988, and local anti-corruption laws, as well as applicable laws governing lobbying, gifts, donations, hiring and payments to public officials, political campaign contribution laws and other related regulations. In addition, Accolite expects Suppliers to make reasonable efforts to implement procedures to ensure compliance with all applicable laws, including, without limitation, laws related to employment, immigration, and anti-corruption.
2. Suppliers must engage and/or employ only those personnel who have a legal right to work in all applicable geographies in which such personnel may operate.
3. Suppliers must not engage, directly or indirectly, in bribery or corruption. Suppliers must not promise, authorize, offer, or pay anything of value (including but not limited to gifts, travel, hospitality, charitable donations, or employment) to any person, including in particular any “Government Official,” in order to improperly influence any act or decision of such official for the purpose of obtaining or retaining business or any improper business advantage related to Accolite or that would otherwise constitute a bribe, facilitation payment, kickback, or other illegal payment or benefit. A Government Official is any individual acting in an official capacity for or on behalf of any government or government division, department, agency, or instrumentality of such a government or organization, political party, or company or entity owned or controlled by or acting on behalf of any of the above.
4. Implement sufficiently robust risk management procedures and internal controls to detect, prevent, deter and respond to all forms of financial crime, including tax evasion, facilitation of tax evasion, money laundering, fraud and the financing of terrorism.
5. Honestly and accurately maintain books and records, including receipts and expenses, related to Accolite’s business, and report all business information and comply with all applicable laws regarding their completion and accuracy. Suppliers shall make such books and records available for review by Accolite, or by an independent party agreed upon by the Supplier and Accolite, at Accolite’s reasonable request. Suppliers must create, retain and dispose of business records in compliance with all applicable legal and regulatory requirements.
6. Be clear, transparent, and truthful in providing information to Accolite. Suppliers must not engage with Accolite employees in any way that could cause a potential or actual conflict of interest, for example dealing with any Accolite employee who has a close personal relationship with anyone that holds a financial interest in the Supplier, including their family members, intimate partners and close friends. Suppliers must not seek to take advantage through concealment, manipulation, abuse of confidential information, misrepresentation of facts or any other unfair dealing practice.
7. Suppliers must not unlawfully use insider information relating to Accolite for material gain or disclose insider information to unauthorized persons. Suppliers must not buy or sell Accolite securities when in possession of information about Accolite that is (a) not available to the investing public and (b) could influence an investor’s decision to buy or sell the security.
8. Suppliers must not engage subcontractors in performing work for Accolite without prior notification. Accolite generally prohibits Suppliers from using subcontractors in performing their work for Accolite unless Accolite gives prior written approval, and then only after the Supplier acknowledges that it has provided the subcontractor a copy of this document.
9. Comply with applicable Trade Control laws and regulations of the countries and jurisdictions in which Accolite operates worldwide (i.e., export controls, economic sanctions, import/customs, and anti-boycott laws). This includes:
   1. Avoiding the “embargoed” jurisdictions that Accolite does not do any business or transact with – directly or indirectly. These jurisdictions currently include Cuba, Iran, North Korea, and Syria, as well as the Crimea, Donetsk People’s Republic, and Luhansk People’s Republic regions of Ukraine.
   2. Being aware of the significant sanctions and trade controls on certain other countries, including but not limited to, Russia, Belarus, Burma / Myanmar, and Venezuela that restrict the ability to engage or transact with parties there.
   3. Ensuring that Accolite does not work with certain persons and companies – “denied parties” – because they are named on lists published by governmental authorities, including OFAC’s Specially Designated Nationals (“SDN”) list, BIS’ Entity List, Her Majesty’s Treasury Sanctions List, and EU Consolidated List of Financial Sanctions.
   4. Recognizing that Trade Controls, such as the US Export Administration Regulations, EU Dual Use Export Control Annex, and UK Strategic Export Control Lists, govern the export of products, hardware, software, data, services, and technology around the world.

Accolite respects, considers, integrates and promotes internationally recognized human rights in accordance with principles outlined in the United Nations Declaration of Human Rights and the International Labour Organization’s (ILO) Declaration on Fundamental Principles and Rights at Work.

Accolite expects its Suppliers to commit to these same principles concerning fundamental rights at work in the eight core conventions of the ILO’s Declaration and conventions on working hours. In addition, we expect our Suppliers to respect, in particular, the rights of women, children, migrants and other vulnerable groups and individuals, in accordance with the ILO conventions and the Convention on the Rights of the Child. Accolite’s standards on labor and human rights specifically include the following requirements:

1. Prohibition on Discrimination.
   Suppliers must provide a workplace free from discrimination, harassment, or any type of abuse. Suppliers must not discriminate against a person’s Legally Protected Characteristics, such as race, color, religion, gender identity, pregnancy, age, national origin, sexual orientation, marital status, disability status, veteran status, or freedom of association, including political affiliations and union memberships, when making employment decisions, including recruiting, hiring, training, promotion, termination, or providing other terms and conditions of employment. Suppliers should also promote diverse and inclusive workplace environments where everyone is treated with respect and where people are encouraged to embrace diverse backgrounds, cultures and thought. In addition, Suppliers should make reasonable efforts to engage under-represented diverse businesses such as minority-owned, women-owned, disabled-owned, LGBTQ-owned and veteran-owned companies (where it is legal to classify suppliers in these groups) when making their own sourcing decisions.
2. Prohibition on Child Labor.
   Accolite strictly prohibits the use of child labor in any of the Supplier’s operations. Suppliers must not employ workers younger than the greater of (a) 15 years of age, or 14 where the local law allows such exception consistent with International Labor Organization guidelines, or (b) the age for completing compulsory education, or (c) the minimum age established by law n the country of operations. In addition, Suppliers must comply with all legal requirements for authorized young workers (including students and interns), particularly those pertaining to hours of work, wages and working conditions.
3. Prohibition on Forced Labor.
   All forms of forced or compulsory labor, such as prison labor, bonded labor, or indentured labor, are forbidden in any operations. Forced overtime and human trafficking are also strictly prohibited. Additionally, Accolite expects Suppliers to follow responsible recruitment practices to prevent forced labor and other forms of modern slavery. Suppliers and their abor agents and subagents shall not hold, destroy, conceal, confiscate, or deny workers access to their identity or immigration documents.
4. Prohibition on charging Workers for employment:
   Suppliers should not charge any recruitment or other related fees to workers for employment. If any such fees are found to have been charged by the Suppliers to workers, such fees shall be repaid to the workers immediately.
5. Commitment to Health and Safety.
   Suppliers must provide clean, safe and healthy working conditions for all employees. Suppliers must comply with all applicable, legally mandated standards for workplace health and safety in the countries in which they operate, and Accolite encourages Suppliers to implement industry best practices.
6. Fair Wages and Benefits.
   Suppliers must pay workers according to any applicable minimum wage, as well as any legally mandated overtime premium for all hours worked. Suppliers also must ensure that any legally mandated benefits are being provided to their employees and that there are no illegal deductions for employee benefits. Workers must be provided with a timely and understandable wage statement that includes sufficient information to verify accurate compensation for work performed. Suppliers shall also take steps to ensure equal pay for equal work and that remuneration for work of equal value is established without discrimination.
7. Working Hours.
   Working hours are not to exceed the maximum set by local law. Furthermore, a standard workweek should not exceed 48 hours or 60 hours, including overtime, except in emergency or unusual situations. All overtime must be voluntary and workers must be allowed at least one day off every seven days.
8. Freedom of Association and Collective Bargaining.
   Suppliers must respect the right of all workers to form and join, or not join, a trade union of their choice (or equivalent worker bodies where the right to freedom of association and collective bargaining is restricted under law) and to bargain collectively. Suppliers will prohibit any form of intimidation, harassment, retaliation and violence against workers exercising these rights.
9. Commitment to Responsible Sourcing.
   Suppliers will be committed to sourcing goods and services for Accolite in alignment with all the principles and standards laid out in Accolite’s Supplier Code of Conduct. Suppliers should give exceptional emphasis to sourcing with the same fundamental support of human rights, labor, health and safety, environment and ethics as set forth in these Supplier Standards. This commitment also applies to the responsible sourcing of minerals, including conflict minerals. Suppliers must take steps to determine if their products contain conflict minerals (including tin, tantalum, gold and tungsten) and, if so, implement supply chain processes to identify the sources of these minerals and support efforts to eradicate the use of conflict minerals, which directly or indirectly finance or benefit armed groups in the Democratic Republic of Congo or adjoining countries.

Accolite encourages its Suppliers to draw upon internationally recognized principles to advance social and environmental responsibility.

1. Compliance with all Applicable Environmental Laws.
   Suppliers must comply with all local environmental laws applicable to their operations in the countries in which they operate.
2. Environmental Management.
   Accolite encourages Suppliers to focus on continuous improvement of environmental performance, including in the areas of water, waste, chemicals and energy and emissions management. In particular, we encourage Suppliers to begin their transition away from fossil fuel-based energy sources and toward net-zero greenhouse gas (GHG) emissions goals. Accolite aims to reduce the Scope 3 emissions associated with our supply chain. We are encouraging our Suppliers to set their own net zero emissions reduction targets and in some cases supporting them to do so.
   
   At a minimum, Accolite requests Suppliers to have policies and procedures in place to measure and reduce GHG emissions and be able to identify potential improvements to the goods and services being provided that will in turn contribute to reducing Accolite’s emissions. Accolite may request information on Supplier’s GHG emissions and reduction planning.
   

Suppliers will respect intellectual property rights, protect confidential information and comply with privacy rules and regulations. All Accolite Suppliers must, without limitation:

1. Protect and responsibly use the physical and intellectual assets of Accolite, including intellectual property, tangible property, supplies, consumables and equipment, when authorized by Accolite to use such assets.
2. Respect and protect the intellectual property rights of all parties by using only information technology and software that has been legitimately acquired and licensed.
3. Use software, hardware and content only in accordance with their associated licenses or terms of use.
4. Use Accolite-provided information technology and systems (including email) only for authorized Accolite business-related purposes. Accolite strictly prohibits Suppliers from using Accolite-provided technology and systems to (1) create, access, store, print, solicit, or send any material that is intimidating, harassing, threatening, abusive, sexually explicit, or otherwise offensive or inappropriate, or (2) send any false, derogatory, or malicious communications. Any solicitation of Accolite employees using information gathered from Accolite-provided technology or systems is prohibited.
5. Consider all data stored or transmitted on Accolite-owned or leased equipment to be the property of Accolite. Accolite may monitor all use of the corporate network and all systems (including email) and may access all data stored or transmitted using the Accolite network.
6. Comply with the intellectual property ownership rights of Accolite and others, including but not limited to copyrights, patents, trademarks and trade secrets.
7. Manage the transfer of technology and know-how in a manner that protects intellectual property rights.
8. Follow all local privacy and data protection laws.
9. Provide clear and accurate privacy notices when collecting or processing personal data.
10. Honor privacy choices by using data only as agreed to by Accolite representatives or Accolite’s customers.
11. Protect data by building secure products and services.

We expect our Suppliers and their third-party suppliers or subcontractors to comply with contractually agreed Information Security & Privacy requirements throughout the contracted period. Suppliers must:

1. Act in good faith to deliver Information Security & Privacy obligations in a timely manner, including but not limited to extending support to annual audits and risk assessments, ensuring third party assessments and attestations are kept current ex: ISO 27001, SOC2 Type 2), meeting regulatory requirements at all times (ex: GDPR, PCI DSS, HIPAA), notifying Accolite proactively of lapse in any of the aforementioned, and mitigating and cooperating with Accolite in the resolution of any security incidents or breaches impacting Accolite or its customers.
2. Notify Accolite:
   1. Within contractually agreed upon timeframes of any security incident that impacts Accolite or our customers at incidents@accolitedigital.com.
   2. As soon as reasonably possible of any change in their security management or controls affecting the services or solutions provided to Accolite.
3. Adhere to and maintain security standards commensurate with industry recognized security frameworks (ISO/IEC 27001, SOC 2 Type 2, NIST CSF) and Accolite’s security standards.
4. Obtain approval from Accolite’s Corporate Security team prior to performing any integration between the infrastructure of:
   1. Accolite and Suppliers,
   2. Accolite’s Customers and Suppliers,
   3. or between Accolite , Accolite’s Customers & Suppliers.
   4. Assets involved in integration must be updated with current patch levels and their configuration must be hardened and follow
      1. “least privilege policy.”
5. Mitigate, within contractually agreed upon turnaround times, any risks discovered through Accolite’s or any external accredited party’s security assessments or audits.
6. Provide appropriate physical and technical security measures to protect Accolite’s or its clients’ data in its possession throughout the contracted period against unauthorized access, usage, destruction and modification.
7. Terminate the integration of its IT platforms or those of its third-party suppliers with Accolite’s or our clients’ IT platforms, delete relevant security credentials created in supplier systems at the time of contract termination or when the need for such integration ceases and provide written confirmation to Accolite of such termination.
   1. Upon termination as agreed in the Supplier’s contract, any assets and/or confidential data must be returned or deleted.

Accolite strives to align, centralize and integrate disciplines and capabilities to deliver timely and effective incident identification, impact assessments, escalation, communication, and resolution. The resiliency efforts extend beyond the assets of Accolite to the third-party service providers that support our business processes.

Accolite expects its suppliers to manage business continuity risk to ensure availability of critical services to Accolite during a disaster event. It is a requirement that each supplier maintain a comprehensive business continuity program that addresses the loss of facilities, technology, human capital, or suppliers necessary to support Accolite. We routinely request collaborative disaster recovery testing with our Suppliers to appraise their resiliency and identify potential issues that would impact continuous service delivery to our customers. Suppliers are expected to share these plans as requested.

These Supplier Standards are incorporated into the Agreement between Suppliers and Accolite by reference. Compliance with these Supplier Standards is mandatory. At the same time, should these Standards conflict with the terms of any Agreement, any existing contractual terms and conditions will take precedence.

Accolite reserves the right to monitor and audit each supplier’s compliance with the Supplier Standards including, but not limited to, conducting on-site audits of our Suppliers’ premises, IT systems and infrastructure. Suppliers should maintain all documentation necessary to demonstrate compliance with the Supplier Standards and cooperate with Accolite associates or third-party monitoring firms in connection with such inspections, or other Accolite-initiated fact-finding inquiries related to Supplier’s work for Accolite.

Failure to comply with these Supplier Standards may lead to consequences, including termination as a Supplier to Accolite.

Suppliers, and their employees and supply chains, are obliged to inform Accolite immediately if they suspect or become aware of any unethical conduct, actual or potential violation of the Supplier Standards or of any applicable law, regulation or rule. Reports can be made to your business sponsor and/or the Accolite Compliance team (Compliance@Accolitedigital.com), anonymously where legally permissible. Accolite does not retaliate against anyone for submitting in good faith a report of suspected or known misconduct, nor does Accolite tolerate others retaliating.

1. To make a report by telephone, dial the number specific to your country and follow the prompts.
   1. U.S., Canada, Central America and South America: +1 972 586 7778
   2. India / APAC / EU / Other Locations: +91 40 3001 1234, +91 80 6782 1234

If any part of the Supplier Standards is unclear, please reach out to your business sponsor or contact the Accolite Compliance team (Compliance@Accolitedigital.com).