Code of Conduct

saf.ai's Commitment to Our Employees, Consumers & Business Partners

A message from leadership

Hi Friends,

Reflecting on the journey that we are starting, there will be many achievements and milestones along our way. We may be able to recall and recount them in the future, however we won't be able to pin down the date we earn the trust of our consumers and those that we do business with, because it doesn't happen in a day.

It happens over the course of years, and will grow as users derive more and more value from our products.

Being in cybersecurity, trust is our core asset. And it's one of the most fragile. One incident, one news story, one careless comment, and the trust we work so hard to earn can be lost. That's why the way we conduct our business is as important as the products we sell. Our Code of Conduct provides us with the resources and the information we need to operate our business responsibly, to make ethical decisions ... to maintain trust.

I encourage you to read our Code and use it to guide your actions.

Strive to do good in all that you do and remain true to the vision we are building together. Speak up if you have a concern or see something wrong, and seek guidance anytime you are unsure about the right thing to do.

We are proud of all that we have accomplished together and humbled to lead this great company. We know that, together, we'll continue to make a positive difference.

Ahmed Masud

President,

Begin Here

Our Code reflects who we are and what's important to us.

It provides an overview of the laws, regulations and company policies that apply to us and the work we do, but it does more than that. It builds upon our shared values. That's why we count on every employee and Board member to follow our Code and make decisions that will preserve the trust that others have placed in us. We expect nothing less from our business partners, including our consultants, distributors, technology partners and suppliers, as well as our subsidiaries and joint venture partners.

We understand the responsibility we have to communicate with them about our high standards of integrity and cannot ask them to violate any of our values and operating principles. Our Code is a great resource, but it doesn't cover every situation you may face on the job, so it's important to use good judgment in everything you do and to ask for help if you're ever unsure about the right course of action.

KNOW YOUR RESPONSIBILITIES

Our good name is in your hands.

No matter what position you're in, what your job function is, or or where you do it, you are sāf.ai.

Think about that as you watch over every business relationship, every transaction and every product, and make sure your actions always reflect our values.

Follow our Code and policies as well as the laws and regulations of the country (or countries) where you work, and protect what we've built. And, complete your assigned training---it's the best way to stay up-to-date on what's expected of you.

If you see or suspect anything illegal or unethical, it may seem easier to look the other way or let someone else take the lead, but misconduct affects all of us. No concern is too minor to report. Share your concerns promptly and cooperate fully and honestly in any internal investigation. Be aware that anyone who violates our Code may face corrective action, up to and including termination of employment with sāf.ai.

If you manage people, you have an even greater responsibility. Lead by example, making sure your team members know the Code is a resource for them and that there is no difference between what you do and what you expect from others. Create the kind of workplace where employees feel comfortable coming forward with questions and concerns, and support them when they raise issues. Never retaliate against employees for sharing concerns in good faith, and prevent retaliation by others.

SPEAK UP WITHOUT FEAR

What if?

I suspect---but am not certain---that someone is violating our Code, should I keep my concerns to myself?

No. If you suspect a violation, say something. It's better to raise a potential problem than to wait and risk harm to others or to the company. Reporting "in good faith" means you are coming forward honestly with information that you believe to be true, even if, after investigation, it turns out that you were mistaken.

Culturally, it's not common to report a concern about someone that is in a leadership position. What should I do?

It's important to say something about your concerns. saf.ai respects its diverse workforce, considers various cultural norms when looking into concerns and takes all appropriate actions to protect the identity of the person who is sharing the information, as well as the information that's being shared.

We don't tolerate retaliation.

As a company we know it takes courage to come forward and share your concerns. We won't retaliate or permit retaliation against anyone who raises questions or concerns about corporate activities. We won't retaliate or permit retaliation against anyone who makes a good faith report about possible misconduct or legal violations to us or a government authority or assists in an investigation of misconduct or legal violation.

Regardless of who you contact, you can be confident that you're doing the right thing and that your concern will be handled promptly and appropriately. We investigate reports of misconduct thoroughly, disclosing information only to those who need it to resolve the issue.

KNOW WHERE TO GO FOR HELP

There are people ready to support you.

Have a question, problem or a concern? In most cases, your manager should be your first point of contact. They are likely in the best position to understand your concern and take the appropriate action. If you're uncomfortable speaking with your manager, or if you have already shared a concern and feel it's not being addressed appropriately, reach out to HR or another member of management or one of the following:

The CEO of the company.
One of the members of the saf.ai Board of Directors.

Nothing in the Code prohibits you from communicating with government agencies about possible violations of federal, state, or local laws or otherwise providing information to government agencies, filing a complaint with government agencies, or participating in government agency investigations or proceedings, and the Code does not require you to notify the Company of any such communications.

RESPECT OTHERS

We'll only be successful because of our amazing people.

We're one team, but we represent many ideas, experiences and backgrounds. We value each other's contributions and believe that everyone should have an equal chance to succeed---this is essential to advancing our goals and initiatives. Do your part to keep the saf.ai workplace a diverse, inclusive and respectful by driving a positive environment, and recognize the many strengths and talents our diverse colleagues bring to the workplace.

PROMOTE A SAFE SĀF.AI

We value the safety and security of every employee. We look out for each other. We follow our safety procedures and promote a culture of safety, because our people are our greatest asset.

Every employee is empowered to take immediate action for people safety regardless of role, title or responsibility. If you see a situation that could put others at risk, take action, and at all times and in all places, work to keep yourself and your coworkers injury-free.

Observe a zero-tolerance policy when it comes to acts or threats of violence. Be alert to what is going on around you, observe good security practices and speak up about any threats of potential violence.

Having, using or distributing alcohol or illegal drugs is also prohibited by our policies because substance abuse can impair your judgment, your performance and the safety of those who work with you. There may be instances where drinking alcoholic beverages while conducting company business is permitted, but make sure you comply with all laws and company policies and principles, and always exercise both moderation and good judgment.

UPHOLD HUMAN RIGHTS

What can you do?

Follow the employment laws where you work, be alert to abuses and speak up if you see or suspect possible labor law or human rights violations.

We are committed to fair employment practices everywhere we operate.

As a company, we respect the rights of every individual and abide by the employment laws in the markets where we operate. We support the principles established under the United Nations Universal Declaration of Human Rights and do not knowingly conduct business with any individual or company that participates in the exploitation of children (including child labor), physical punishment, forced or prison labor or human trafficking.

We expect our suppliers and partners to share our commitment to the same high standards.

See our statement on sāf.ai Statement Against Modern Slavery and Child Labor

KEEP PRIVATE INFORMATION PRIVATE

Good Practices.

It is important to practice good cyber-hygiene.

Know what kind of information is considered personal.
Follow the privacy laws and regulation of the country or countries where you work.

For details see our Cyber Security Policy

People trust us to protect their personal information.

We respect the privacy of our consumers, our customers, our coworkers and others with whom we conduct business, and we handle their personal information with care. "Personal information" is any information that could be used to identify someone, either directly or indirectly, such as a name, employee ID, email address or phone number. There are data privacy laws that prescribe how to responsibly collect, store, use, share, transfer and dispose of personal information, and we strive to comply with those laws everywhere we operate.

Follow our policies and protect any personal information that is entrusted to you. Use it only in the way it's meant to be used and don't share it with anyone inside or outside of the company in an unauthorized manner.

Practice good cybersecurity, too. Make sure you follow the processes and practices we have in place to protect our networks, computers, programs and data from attack, damage or unauthorized access.

Partners and suppliers may also be required to abide by the terms of Cyber Security Requirements for Partner Program as part of our partner program agreement(s).

NEVER BRIBE

What if?

A government official asked if I can help their daughter get an internship at our company. They say that they can make it worth my while.

Don't do it. "Worth your while" suggests that the government official may be planning to do something improper in exchange for the favor. You can provide the government employee information about an internship and allow his daughter to apply as all other candidates do. Doing anything more than that could be viewed as a bribe.

We compete for business based on the merit of our products.

That was the principle on which our very first sale was made, and it's the way we continue to do business today. Work honestly and with integrity. Don't offer bribes, accept bribes or let others bribe for you. And do everything you can to prevent bribery by others who conduct business on our behalf---as a company, we're not only responsible for your actions, but also the actions of any third-party who represents us.

Remember, a bribe can be something other than cash. A gift, a favor, even an offer of a loan or a job could be considered a bribe if it's offered in exchange for a decision. Before offering anything of value, check our policies and ask questions about what's okay, and what's not. The laws in some countries impose bigger penalties for bribing government officials, but for us, it's simple: bribery---of anyone, at any organization, at any level---is always wrong.

KNOW THE RULES ABOUT GIFTS AND ENTERTAINMENT

We don't give or receive anything that is inappropriate.

An occasional gift or offer of entertainment is often viewed as a normal part of doing business. But sometimes even a well-intentioned gift or offer can cross the line. And any gift that creates a sense of obligation or compromises your professional judgment is always inappropriate. That's why we have guidelines in place---to identify the circumstances under which an offer is okay---and when it's not.

Make sure you follow the rules, and be aware of any special restrictions. For example, giving anything of value to a government official can be problematic. Always ask for help from the Law Department if the right thing to do is unclear.

FOLLOW IMPORT, EXPORT AND TRADE COMPLIANCE RULES

We comply with the laws that govern global trade of our products.

As a United States-based company conducting business around the world, it's critical that we know and follow the international trade laws that regulate the import and export of our products.

If you are involved in the movement of products, services, information or technology across international borders, make sure you know and comply with the requirements associated with the countries in which you do business.

Be aware that the laws of more than one country may apply.

We must carefully evaluate business opportunities within countries that are subject to U.S. trade embargoes or economic sanctions and strive to ensure that the strict regulations governing these markets are evaluated. And we don't participate in or promote boycotts that the United States does not support.

PROTECT OUR ASSETS

We're good stewards of our physical, electronic and information assets.

Our assets include everything that our company owns or uses to conduct business. Each of us is entrusted with the care of these assets, so be proactive in safeguarding them from loss, damage, theft, waste and improper use.

Physical and electronic assets such as equipment, tools, inventory, computer hardware and software are provided in order for you to do your job.

Occasional personal use of assets such as phones, computers, email and the Internet is permitted, but make sure your use doesn't interfere with work (yours or anyone else's) and doesn't violate our policies or the law.

Be aware that anything you write, send, download or store on our systems is company property, and we may monitor your use---you shouldn't have any expectation of personal privacy when using our systems.

Information is also a critical asset. Confidential information and intellectual property represent the outcome of significant company investment and years of hard work. Trade secrets, patents, copyrights, trademarks, business plans, engineering ideas, databases, customer lists---when you help protect these assets, you help protect our competitive advantage.

sāf.ai Future

We are creating our future. As a young company it is up to us to decide what that will mean for us in the next decade and for our successors. At the end of the day it's up to us to hold firm to our principles and to hold each other accountable to the highest standards of integrity.

If you have any questions about this Code, please contact Ahmed Masud (President).

Bibliography and References

[1] Hershey Corporation, "Code of Conduct", 2018. [Online].

[2] Microsoft Corporation GitHub Code of Conduct.

[3] US Department of Defense Code of Conduct

sāf.ai Resiliate 2.0 Administrator's Guide