Code of Conduct
November 2024, WithSecure
WithSecure ™ purpose and values
The Code of Conduct should be read and understood in the context of WithSecure’s Purpose and Values – they guide our personal behaviour in all situations.
Foundation of trust – trust is built and sustained by our values. Each value has a set of key behaviours and leadership principles linked to them.
Our purpose is to build and sustain digital trust, confidence and equity. This places trust at the heart of our business and our organization. We value being trustworthy to our customers and to each other.
Trust is, in turn, built and sustained by our values, which are: Integrity, which means We do the right things for the right reasons; Excellence: that We are passionate about quality and impact; Experimentation: which relates to our drive for growth & continuous improvement; and Care: being mindful that We’re in this together.
Applicability
The Code of Conduct applies to all persons working for WithSecure, anywhere WithSecure operates.
In addition to the principles in this Code of Conduct, persons working for WithSecure must comply with WithSecure’s internal policies, guidelines and processes as well as applicable local laws.
In some cases, local laws may be less restrictive than the principles discussed here. In those situations, the Code of Conduct should be followed. If local laws are more restrictive than these standards, local laws apply.
WithSecure suppliers and partners must also comply with this Code of Conduct, and WithSecure reserves the right to conduct audits at its own discretion.
WithSecure ™ Code of Conduct
WithSecure’s Code of Conduct contains fourteen guiding principles.
- Building and sustaining digital trust, confidence and equity
- Privacy and Security
- Intellectual Property Rights and Confidentiality
- Responsible use of A.I.
- Wellbeing, Inclusion, Diversity, and Equity
- Protecting Human Rights
- Sustainability
- No Corruption or Bribery
- Preventing Conflicts of Interest
- Securities Markets Compliance
- Trade Compliance
- Fair Competition
- Working with Responsible Suppliers
- Whistleblowing
Building and sustaining digital trust, confidence and equity
Our Commitment to Cyber Security and Ethical Conduct
We exist to build and sustain digital trust, confidence and equity in our society by securing the world around us.
We believe that a secure digital environment is fundamental to the well-being and progress of our society, businesses, and the global economy. Our goal is to build a secure future for everyone.
We envision a world where digital interactions are safe, data is protected, and trust is upheld.
European Values and Standards
We champion the foundational European values and adhere to all European regulations for a more ethical and secure digital world. Compliance with these regulations is not just a legal obligation but a reflection of our dedication to ethical practices.
We strive to go beyond mere compliance by fostering a culture of integrity and responsibility. We actively contribute to enhancing cyber security in society by engaging in forums where cyber matters are discussed, and decisions are made.
We believe in the power of education and advocacy to drive positive change.
Transparency, Democracy and Fairness
Through our commitment to transparency, democracy, and fairness, we seek to influence the industry positively.
We operate with openness and honesty, ensuring that our clients, partners, and the public understand our practices and policies.
We respect the democratic principles that underpin our society and strive to ensure that our actions promote fairness and justice in all our dealings.
Privacy and Security
High-Quality Cyber Security
We build and maintain world-class cyber security products and services to protect businesses and organizations from cyber threats. Our solutions are developed with the highest international industry standards, ensuring reliability, effectiveness, and compliance with European cyber security standards and regulations.
We continuously innovate to stay ahead of emerging threats and to provide our clients with cutting-edge protection.
Security, Privacy and Compliance
As a provider of cybersecurity products and services, we know that our reputation is dependent on us walking the talk. It's easy to lose credibility if the house is not in order. We strive to implement what is ideal rather than the bare minimum. Regulatory, contractual and certification requirements are not negotiable. On top of them, we aim to bake security into every process across every function in the organization so that it is not something that is an add-on, but rather just the way we work.
Intellectual Property Rights and Confidentiality
We recognize the value of innovation and actively protect the intellectual property rights of WithSecure. This includes patents, software and other copyrighted materials, knowhow, trade secrets and trademarks.
We respect and protect the intellectual property of others with the same degree of care as our own and always honour the terms of any agreement.
We honour third party rights, including the rights of the open-source community.
We safeguard confidential information of WithSecure, our business partners and customers from unauthorized disclosure and misuse.
Responsible use of A.I.
We recognize the transformative power of artificial intelligence (AI) and its potential to drive innovation and efficiency in our operations.
We are committed to using AI responsibly, ethically and ensuring that it respects privacy, diversity, regulations, and human rights. This includes our work with Large Language Models (LLMs), where we apply the same rigorous standards to ensure responsible and thoughtful deployment.
We pledge to uphold transparency in our AI systems, striving to provide clear explanations of their functioning and impacts.
We embrace continuous learning and improvement in our AI initiatives, fostering a culture of ethical AI governance and accountability.
Wellbeing, Inclusion, Diversity, Equity.
We champion Wellbeing, Inclusion, Diversity, and Equity (WIDE) as fundamental principles guiding our interactions and decisions.
We ensure that employees’ Wellbeing comes first.
We create an Inclusive culture built on trust.
We value Diversity in everything we do.
We commit to advancing Equal opportunities.
We assess individuals based on competence, skills and achievements. Equality, non-discrimination and fairness are key principles in recruitment, compensation and advancement at WithSecure.
We proactively address systemic barriers to equity and advocate for policies and practices that promote diversity and inclusion at every level of our organization.
To support gender equality in our industry, we encourage girls and women to pursue a career in technology and cyber security.
We do not tolerate harassment. We do not allow conduct which can be considered harassing, intimidating or disruptive.
We take personal responsibility for creating and maintaining a positive working atmosphere. We encourage employees to raise questions and suggest improvements.
Protecting Human Rights
We honour internationally recognised human rights standards.
We support the fundamental human rights to good working conditions, and reasonable balance between working hours and leisure time for everyone. Suppliers must ensure good working conditions that comply with all applicable rules and legislations.
We respect the freedom of opinion and expression as well as freedom of conscience and religion.
We fight to protect people’s digital lives and help for example schools, hospitals, and even cities to create safe networks.
We respect the freedom of association and employees’ right to organize.
We actively ensure safe and healthy working conditions.
We do not tolerate any use of child labour, any form of forced labour or any other human rights violations.
We actively foster an inclusive, respectful and safe working environment and we adhere to the United Nations System Code of Conduct.
We conduct business ethically complying with laws, regulations, and the Ten Principles of the UN Global Compact.
Sustainability
We protect the digital society and prevent damages and losses caused by cybercrime. This is our most important contribution to a more sustainable world. With this role, our activities will always generate a significant positive impact on society.
We want to ensure that our activities are carried out in the best possible way regarding planet, people and society around us.
We want to share our knowledge and support to parties who cannot always defend themselves. As a software and services company, our carbon footprint is not high, but we do our part in minimizing the environmental impacts of products as well as our own activities.
We want to make sure that our internal operations always follow highest ethical standards. To guide our operations in reaching this goal, we follow the goals outlined in our W/Sustainability program:
- A safer and greener digital world;
- A truly equitable workplace;
- Businesses run responsibly.
No Bribery or Corruption
We do not make or accept any bribes or other improper payments.
We never engage in fraudulent practices.
We do not give or accept gifts or hospitality over the appropriate limits.
We do not endorse or provide financial support to individual political parties.
When conducting business with any governmental body, we carefully abide by all applicable regulations and ethical standards.
We do not tolerate any form of bribery, corruption or fraudulent practices by our partners or any parties acting on our behalf.
Preventing Conflicts of Interest
We always act in the best interests of WithSecure.
We are aware that conflicts of interest arise in the work environment when making decisions that may benefit oneself, one’s friends or family.
We avoid situations where any personal relationship or financial interest may influence our decisions.
We understand that conflicts of interest can occur even if we are convinced our decision making is not swayed by personal interests or relationships.
If any conflict of interest arises, we will disclose it immediately and take necessary steps to resolve it.
Securities Markets Compliance
We provide reliable, transparent and honest market communication.
We avoid any activities which might reduce trust in the securities market.
We abstain from any trade of financial instruments using undisclosed information that could be considered insider trading.
We are aware of the types of information that could be considered inside information and recognize a need for a constant assessment of such information.
All of our books, records, accounts and financial statements conform to the applicable legal requirements.
Trade Compliance
We comply with trade laws that impact our operations, including export control and international sanctions regulations.
We are careful with the use of cybersecurity tools and methods we use as part of our services make sure that they do not end up in the hands of criminals or other offensive actors.
We are transparent in our operations. In every jurisdiction where we operate, we cooperate with the authorities to ensure compliance of regulations.
Fair Competition
We value and support fair and free competition.
We will not take part in any activities that restrict fair competition.
We take action against unfair practices and violations of competition laws as soon as we become aware of them.
We do not discuss sensitive topics such as pricing, strategy, roadmaps or customers with our competitors.
We do not limit the ability of our business partners to freely set the resale price of our products or services
Working with responsible Suppliers
We recognize the crucial importance of WithSecure within the society, the economy and the supply chain of a large number of entities across the world, and therefore acknowledge the importance of cyber security regulatory and standard compliance.
We prioritize partnerships with suppliers who demonstrate a proactive approach to cybersecurity, fostering a resilient ecosystem.
We continuously evaluate and evolve our supply chain management strategies to uphold the highest standards of security, integrity and responsibility.
We strive to minimize environmental impact and promote responsible sourcing practices across our supply chain.
We recognize the importance of continuous monitoring and incident response capabilities to swiftly mitigate security breaches and maintain the integrity of our supply chain.
Whistleblowing
If you have questions about this Code of Conduct or you have any uncertainty about actions you may take or decisions you may make, please contact WithSecure Legal & Compliance.
You have the right and the obligation to raise a concern of a violation of the Code of Conduct.
WithSecure provides multiple ways to raise a concern. You may talk to your line manager, Legal or HR representatives. Concerns may also be reported via the Whistleblowing Channel.
WithSecure strongly encourages you to speak up if you suspect or witness any such behavior, activities or conduct. WithSecure provides you with an effective, objective, confidential and secure reporting channel, the Whistleblowing Channel, allowing you to openly and safely express your concerns. The Whistleblowing Channel is available to you 24/7 at Whistleblowing Channel.