ExtraHop Networks, Inc.
Supplier Code of Conduct
ExtraHop Networks, Inc. (“ExtraHop,” “we” or “us”) operates according to the highest ethical standards, honestly and in good faith, and in compliance with applicable law. We hold our Suppliers to the same standard.
For purposes of this Code of Conduct (“Code”), “Supplier” (or “you”) means an individual or entity that provides us services and/or goods, that provides services and/or goods to others on our behalf or that has a business partnership with us. “Supplier Personnel” means any director, employee, agent, affiliate, contractor, subcontractor or any other individual or entity engaged by or acting on behalf of Supplier in conducting any and all business activities with us or on our behalf. Any reference to Supplier includes all Supplier Personnel.
Fraud, dishonesty, unethical or criminal conduct on the part of any Supplier or anyone doing business with the Company will not be tolerated. This Code cannot address every potential situation that relates to our standards of conduct. Suppliers encountering situations that are not addressed specifically by this Code should exercise sound judgment, seek advice when appropriate and adhere to the highest ethical standards.
COMPLYING WITH THIS CODE
Supplier Compliance
ExtraHop encourages its Suppliers to implement their own binding guidelines for ethical behavior. Suppliers should also implement and maintain management processes to ensure that the requirements of the Code are enforced in their own businesses and in their own supply chains. ExtraHop also encourages Suppliers to obtain third-party certification for compliance such as from the International Standards Organization. Supplier agrees to reasonably cooperate with ExtraHop in the administration of and adherence to this Code. ExtraHop may audit Suppliers upon provision of reasonable notice to assess compliance with the requirements of this Code.
Supplier should communicate this Code and other related policies to Supplier Personnel and hold them accountable to adhere to the same standards. Ultimately, though, it is Supplier’s responsibility to ensure that Supplier Personnel comply with the required standards. Suppliers are expected to provide any information reasonably requested by ExtraHop that is needed to perform upfront risk assessment and ongoing monitoring and due diligence, including, but not limited to, financial information to assess financial viability, disclosure of legal, regulatory, and financial crimes issues, security audit report(s) where required, and operational risk frameworks for managing Supplier Personnel.
Training
Suppliers must provide appropriate training to Supplier Personnel, and conduct sufficient monitoring of their activities, to secure their compliance with this Code. Suppliers must distribute this Code to all Supplier Personnel who work on ExtraHop matters.
WORKPLACE RESPONSIBILITIES
Human Rights
Suppliers should be committed to supporting the protection and advancement of human rights in its business and throughout its supply chain. Suppliers should strive to conduct their business operations in ways that seek to respect, protect and promote human dignity and the full range of human rights, such as those described in the United Nations Universal Declaration of Human Rights. We expect our Suppliers to have appropriate policies and practices in place that apply to Supplier Personnel and their supply chains. Suppliers must ensure they are not complicit in human rights abuses, including modern slavery and human trafficking.
Freely Chosen Employment and Combatting Modern Slavery
Suppliers will not use or permit any form of forced, bonded or indentured labor. All work must be voluntary, and all workers must be free to terminate their employment at any time. Suppliers will not hold workers’ identity, immigration or work permit documents longer than reasonably necessary for administrative processing. Suppliers are expected not to require workers to pay recruitment fees or other fees for their employment, either directly or through third parties, and are expected to repay any worker that has paid such fees. Suppliers will not unreasonably restrict workers’ freedom to move into, out of or at working facilities. Where the Modern Slavery Act 2015 (United Kingdom) is applicable, Suppliers will comply with the requirements contained therein. Suppliers will be immediately responsive to any requests from ExtraHop to verify their compliance with the obligations of the Act.
Diversity & Inclusion
Supplier acknowledges that ExtraHop values diversity and inclusion as a high priority for its workforce and business operations. ExtraHop recognizes the importance of having a variety of backgrounds, perspectives and experiences represented. This includes people of different ethnicities, races, religions, genders, sexual orientations, physical and psychological abilities, ages, educational backgrounds and social classes. As ExtraHop embraces the value of diversity in all forms, we unlock the vast potential for innovation by nurturing inclusivity. These principles are representative of ExtraHop’s customer base and the many different communities in which it operates.
As such, Supplier is expected to engage a team that reflects these principles in the performance of services through a strategy that is inclusive of diverse groups, including without limitation, minorities, women, veterans, disabled people, and LGBTQ+. If and as requested by ExtraHop, Supplier shall, from time to time, provide ExtraHop with a written summary of its efforts to meet ExtraHop’s diversity and inclusionary goals and Supplier’s success in its diversity and inclusion efforts.
Employment & Non-Discrimination Practices
Suppliers must conduct all their operations in a socially responsible, non-discriminatory manner and in full compliance with applicable laws including, but not limited to, those associated with equal opportunity, child labor, forced or compulsory labor, working hours, compensation, freedom of association, collective bargaining and harassment free work environment.
Suppliers must: (i) ensure equal employment opportunity without discrimination in screening, hiring or employment practices and (ii) prohibit and remediate any harassment, based on race, color, age, sex, gender, gender identity, gender expression, sexual orientation, marital status, ethnicity, national origin, caste, disability, genetic information, medical condition, pregnancy, religion, political affiliation, union membership, covered veteran status or body art. Workers’ religious practices will be reasonably accommodated. Supplier shall ensure that no underage labor has been used in the production or distribution of their goods or services.
Health & Safety
ExtraHop takes health and safety seriously and aims to create an office environment that is both pleasant and safe to work in for its employees and visitors. We expect our Suppliers to prioritize the occupational health and safety of their employees and meet legal, regulatory and contract specific requirements when performing their contractual obligations for ExtraHop.
Suppliers will identify and plan for potential emergencies, and will implement emergency plans and provide guidance to workers on emergency response procedures, including emergency reporting, worker notification and evacuation, drills, pandemic planning, fire detection and suppression equipment, exit facilities and recovery plans.
ENVIRONMENTAL SUSTAINABILITY
ExtraHop recognizes the critical importance of a healthy environment to our global society, our economy, our business and our people. Given our position as a global industry leader and our commitment to good corporate citizenship, we endeavor to manage and leverage our resources in a way that promotes a healthy and sustainable environment. As such, we support the transition to a low-carbon economy through policies, activities, products and services that seek to mitigate climate risks and capitalize on environmental opportunities.
We expect Suppliers to adhere to these goals as well as all applicable environmental laws, regulations and standards. We also encourage Suppliers to implement policies and measures that aim to (i) reduce the environmental impact of their operations and (ii) introduce and maintain sustainable systems. Suppliers should understand, and take account of, the environmental impacts of their own operations and their supply chains.
Suppliers will obtain and keep current all required environmental permits, approvals and registrations, and follow their operational and reporting requirements. ExtraHop Suppliers will:
- minimize their use of natural resources;
- commit to improve resource efficiency, including minimizing use of scarce or non-renewable resources, by using recycled materials where possible and by recycling the materials that they use;
- reduce energy consumption in the creation and use of their products and services;
- sustainably manage their use of water in their own operations, supply chains, and their products and services, including minimizing the use of water in regions where water is scarce and ensuring that water discharges are free from pollution;
- sustainably manage the waste from their own operations, including (i) reducing waste and ensuring waste is properly disposed of and (ii) being aware of waste issues in their supply chains and working with their own suppliers to minimize impacts;
- ensure that their products meet the highest quality standards and do not contain ingredients or components that might pose a threat to human health or the environment. Physical products supplied should be manufactured in a sustainable manner that minimizes environmental impacts.
ETHICAL BUSINESS PRACTICES
Compliance with Applicable Laws, Rules and Regulations
Suppliers are required to comply with both the letter and spirit of all applicable laws, rules, regulations and regulatory guidance, including those laws, rules and regulations addressing corruption, kickbacks, bribery and other prohibited business practices.
Bribery and Anti-Corruption
ExtraHop does not tolerate bribery or corruption in any form. Suppliers must comply with the Company’s Supplier Anti-Bribery and Anti-Corruption Policy found here.
Anti-Competitive Behavior
ExtraHop is committed to complying with all antitrust and competition laws and the conduct of its Suppliers plays a critical role in this compliance. Suppliers must understand and fully comply with antitrust and competition laws. These laws are designed to promote free and fair competition, and they help enable open markets, enhance productivity, and promote innovation and value for customers. Violations of these laws can lead to severe financial and reputational consequences for individuals and companies.
Global Sanctions
To further foreign policy and national security objectives, governments and organizations worldwide have programs that impose restrictions and prohibitions, or “sanctions,” on transactions with certain countries, entities, individuals, and end-uses. All ExtraHop Suppliers have the responsibility of following these programs.
Suppliers must ensure that they know where their product originated and know who provided the product and components to that product. Suppliers are prohibited from engaging in trade, commerce, or any dealings with sanctioned countries or regions subject to applicable local laws. Suppliers are further prohibited from engaging with individuals or companies listed on government watchlists. Some violations have serious consequences for non-compliance, including but not limited to, personal, criminal, and reputational liability, even if the action was inadvertent or uninformed.
Trade
ExtraHop is committed to complying with all applicable customs, trade and import/export laws and regulations that govern the movement of products across international borders. Critical to this is providing accurate information to regulatory agencies about the products we import and export. We rely on our Suppliers to provide us true and accurate information. Conducting our international trade activities is critical to earning and maintaining trust in our business, and allowing us to move these items as necessary to serve our customers around the world. Suppliers must comply with all applicable customs, trade and import/export laws and regulations.
Company Resources
ExtraHop resources include facilities, equipment, materials, systems, money, personnel, intellectual property and confidential information. Suppliers are required to safeguard ExtraHop resources utilized in the course of performing contracted work. Supplier must only use ExtraHop resources for legitimate business purposes and any wasteful or inappropriate use of ExtraHop resources is prohibited.
Data Protection
In the event that Supplier has access to, acquires or otherwise processes Personal Information, Supplier will comply with applicable laws, regulations and guidance concerning Personal Information and the Data Protection Addendum found here.
Monitoring
ExtraHop reserves the right to monitor, record and disclose all data and communications created, sent, received or stored using ExtraHop resources as it deems appropriate, subject to applicable laws and regulations. This includes any and all communications created by, sent to, received or stored by the supplier relating to ExtraHop.
Publicity and Intellectual Property
Suppliers may not use the ExtraHop brand or ExtraHop’s trademarks without express written permission, except as otherwise set forth in the agreement between ExtraHop and Supplier. Suppliers will respect intellectual property rights, and will conduct technology and know-how transfers in a manner protecting intellectual property rights.
Accounting and Business Records
Supplier’s financial books, records and accounts must accurately reflect the underlying activity and conform to Generally Accepted Accounting Principles (GAAP). Operational reports and records must adhere to industry standard requirements, must be accurate and timely, and must be in full accordance with applicable legal and contractual requirements.
Conflicts of Interest
ExtraHop expects its Suppliers to avoid and manage any conflicts of interest or the appearance of such conflicts. Supplier and Supplier Personnel cannot receive improper benefits through their relationship with ExtraHop or allow other activities or interests to conflict with acting in the best interests of ExtraHop.
Gifts and Entertainment
Gifts and entertainment may create an inappropriate obligation or expectation on the part of the recipient or provider. We expect our Suppliers to refrain from providing personal gifts, fees, favors, other compensation or business courtesies, including entertainment activities, that are intended to influence, or might reasonably appear to influence, a business decision. Notwithstanding the above, meals and refreshments offered during a meeting is generally acceptable, provided the purpose is ExtraHop related, the Supplier is in attendance, the cost is reasonable and customary, and it is an infrequent occurrence.
Business Continuity
ExtraHop expects its Suppliers to manage business continuity risk in terms of ensuring availability of critical services to the Company during a disaster event. Therefore, we expect our Suppliers to have plans in place for their business to continue with minimal interruption in the event of an emergency, crisis situation, natural disaster or terrorist/security related event. Suppliers are expected to share these plans as requested by the company.
CODE ADMINISTRATION
Code Violations
Any Supplier who violates this Code in connection with ExtraHop business will be subject to disciplinary measures, up to and including restriction or termination of business relations, suspension of the making or reimbursement of any payments and, where appropriate, referral of the matter to relevant law enforcement authorities. Supplier’s violation of this Code is deemed a material and uncurable breach of its contract with ExtraHop.
Reporting Violations
Any Supplier or Supplier Personnel who has information or belief that this Code or related procedures may have been violated shall immediately report the event directly to ExtraHop Legal using the information below. All reports are treated as confidentially as possible. It helps with follow-up if you identify yourself. If you are not comfortable identifying yourself, you can make anonymous reports to the extent allowed by law.
To report violations, contact ExtraHop Legal at:
legal@extrahop.com
or
ExtraHop Networks, Inc., Attention: Legal Department, 520 Pike Street, Suite 1600, Seattle, WA 98101, United States
ExtraHop undertakes to promptly investigate reports and to pursue reasonable and appropriate action to remediate any violations substantiated by an investigation.
Whistleblowing
ExtraHop does not allow retaliation for reports of misconduct by others made in good faith. Supplier shall have policies and procedures in place to support Supplier Personnel raising genuine concerns about legal or ethical issues. Whistleblowers shall be provided with all requisite support, including anonymity if requested and shall not be subject to harassment or retribution.
Nothing in this Code grants or is intended to grant any additional rights or remedies to any Supplier or in any way limits any of ExtraHop’s contractual or legal rights or remedies. ExtraHop may modify this Code at any time in its sole discretion consistent with applicable law and effective upon posting.
Last updated March, 2023.