3.1 Business integrity

Nedap is committed to upholding a culture of ethical behavior and integrity, where we respect laws and regulations. We are committed to honesty and respect for each other, our customers, partners, suppliers and all other stakeholders. This requires all our employees to take ownership, act transparently and professionally and speak up in a joint effort to safeguard the integrity of Nedap.

The Board of Directors emphasizes the importance of a culture and business conduct that is aligned with the standards and values of Nedap as described in the code of conduct and related policies. The Supervisory Board ensures that the organization upholds these standards and values.

Code of conduct

Our code of conduct sets out the standards, values and behaviors that Nedap expects its employees and everyone working with Nedap to live by. These include avoiding conflicts of interest, not accepting practices such as bribery, corruption and fraud, respecting human rights, complying with laws, not engaging in insider trading and treating confidential and price-sensitive information with due care. Furthermore, Nedap's code of conduct emphasizes respect, treating people equally, working responsibly and committing to the health and well-being of people, the environment and society. Please refer to our website for the full code of conduct.

To strengthen and embed governance throughout the Nedap organization worldwide, employees complete an e-learning course. Additionally, we conduct periodic governance visits to Nedap's subsidiaries. The purpose is to align Nedap's global governance topics with the local situation, as well as to share experiences, learn from each other and ensure that available knowledge is utilized to its full potential. 

Anti-bribery and anti-corruption

Doing business all over the world exposes Nedap to potential bribery and corruption risks, which can lead to reputational damage and substantial penalties. 

The Nedap anti-bribery and corruption policy sets out the guiding principles and rules of behavior in this field. Additional actions and mitigation measures are as follows:

• We routinely provide anti-bribery and anti-corruption training for relevant groups of employees. 

• We have implemented a Speak up! policy and procedure to report suspected irregularities.  

• We maintain a strong, informal system of checks and balances, which helps mitigate fraud and corruption risks.  

• We have due diligence and supplier screening procedures in place.  

• We address and discuss anti-bribery and anti-corruption during periodic compliance meetings, as these are themes within the Nedap Compliance Framework. 

Furthermore, we regularly assess risks in the markets and countries where we do business. We are cautious with respect to high-risk countries, providing additional guidance for conducting business in these countries, including on sanctions and export controls. We are committed to improving awareness measures against corruption, bribery and fraud.

Nedap compliance training

To ensure that all our employees understand what the code of conduct means for their daily work and know how to apply it, they are required to undergo training. We have an e-learning portal that facilitates employee training. The code of conduct e-learning course is mandatory for all Nedap employees. In 2024, to reinforce the embedding of our code of conduct in our organization, we further emphasized the importance of our code of conduct. Also, the e-learning was updated and offered again to all employees worldwide at the end of 2024. Over 96% completed the e-learning.

In addition to the virtual training, new employees are expected to participate in in-person courses on personal data protection and information security. Extra training sessions on business integrity subjects are provided and adapted to the needs of the business and the applicable circumstances.

Speak up!

The principles contained in our code of conduct and our business integrity standards must be applied correctly. Employees, suppliers, customers and other stakeholders must understand our values and the expectations regarding behavior and business integrity. We therefore strive to create a safe working environment that encourages an open dialogue within the entire organization and with third parties. All stakeholders contribute to upholding our business integrity standards by monitoring compliance with the code of conduct and discussing and reporting any inappropriate behavior or undesirable situation.

Nedap's culture is based on transparency and personal responsibility. We encourage our employees to speak up whenever they observe or suspect a violation, and we have incident reporting procedures in place to help them do so. In our culture, we encourage addressing each other directly to prevent or swiftly address potential challenges. This approach has been instrumental in effectively mitigating and resolving issues.

If confrontation is awkward or not possible for any reason, the employee can turn to a trusted colleague, their captain, a member of the Board of Directors, one of the three confidential counsellors for undesirable behavior (CCUs) or one of the two confidential counsellors for integrity (CCIs) appointed by Nedap. This may occur in situations where, for example, employees are confronted with undesirable behavior such as discrimination, sexual harassment, bullying, aggression or violence. Confidential counselors provide employees with advice and may refer them to external professionals. The counselors also meet on a regular basis to evaluate, reflect and share knowledge. All five confidential counsellors have undergone appropriate training to fulfill their role.

Additionally, Nedap has a whistleblower policy that facilitates the reporting of suspicions of wrongdoing or irregularities. When a situation cannot be resolved through the informal procedure, employees and external parties can report suspected wrongdoings or irregularities through two formal channels: the compliance officer or the IntegrityLog reporting system. If desired, reports can also be made anonymously using the system. The IntegrityLog reporting system can be used to report wrongdoings or irregularities as set out in the Whistleblowers' Protection Act, but also for any misconduct and suspicions of bribery, corruption or fraud. 

Relevant Speak up! notifications will be investigated and promptly followed up on. Where appropriate, necessary action will be taken. Relevant cases will be reported to the Board of Directors, and any material violations will be immediately reported to the chair of the Supervisory Board. 

To further encourage our employees to express any concerns they may have regarding possible violations of our code of conduct or the law, we discuss Speak up! in our governance visits and training.  

In the year under review, no material violations of the code of conduct were reported through the formal channels. The informal procedure was utilized to address individual concerns, leading to appropriate solutions.

Health & safety

In creating Technology for life, we put people first. Nedap aims to provide an optimal working environment that enables all employees to find enjoyment in their work, pursue opportunities for growth and work safely and comfortably. Our human resources policy and health and safety policy provide guidance in this matter. 

We take into account physical well-being, mental well-being and positive psychosocial conditions. We aim to ensure that people are treated equally and feel included and empowered to speak to each other instead of about each other. We work responsibly with a focus on preventing incidents that could cause harm to our employees, contractors and the environment.  

Our health and safety policy emphasizes that Nedap and its employees are collectively responsible for well-being, safety and welfare. The policy aligns with and complements all obligations arising from relevant laws and regulations.

The Board of Directors is responsible for the health and safety of employees. It is supported by internal health and safety officers, a company emergency response team, confidential counselors, the Human Resources department and other competent employees where needed. For subsidiary companies, local laws and regulations apply.

Specific safety policies are in place at our Smart production facilities, which comply with ISO 9001 and ISO 14001 standards. Additionally, emergency response courses are held several times a year and are attended by employees across all company units. 

Supply chain management

In our efforts to continuously improve or maintain integrity and sustainability throughout the entire value chain, we seek to collaborate with suppliers whose values align with the fundamental principles outlined in our code of conduct.

When selecting our suppliers, we place a strong emphasis on sustainability criteria, including criteria in relation to product quality, adherence to health and safety standards and environmental performance. We also conduct audits of our key suppliers to ensure their continued compliance with these standards and information security demands. The electronic manufacturing services parties are all at least ISO 9001 and ISO 14001 certified and audited accordingly.

Product safety and quality

Nedap is committed to delivering high-quality products and services, with a strong focus on continuous improvement. We prioritize safety and quality throughout our product design, development and manufacturing processes.

Our production facilities adhere to robust quality management systems in compliance with ISO 9001 and ISO 14001 standards. We also proactively manage risks associated with chemicals and hazardous substances, ensuring compliance with the Registration, Evaluation, Authorization and Restriction of Chemicals (REACH) regulation, Restriction of Hazardous Substances (RoHS) standards and their international equivalents. 

Nedap is dedicated to responsible material sourcing, aiming to ensure products are free from conflict minerals (3TG materials) such as tin, tantalum, tungsten and gold from conflict-prone or high-risk areas. We identify products and services that may contain these minerals. We expect our suppliers working with 3TG materials to comply with the relevant regulations for responsible mineral sourcing.

We support our clients by equipping our products with the appropriate certifications with respect to electromagnetic compatibility (EMC) and radio and electrical safety as required for unrestricted sales. We are also attentive to substances of concern and future requirements related to packaging, cyber resilience and batteries.

Human rights and other fundamental rights

We are committed to preventing human rights violations and conduct our business operations with a strong emphasis on fairness, honesty and integrity, as outlined in our code of conduct. We expect the same from everyone we work with. 

Nedap's dedication to upholding human rights, as defined by the United Nations in its Universal Declaration of Human Rights, is formalized through our human rights policy. We support the principles outlined in the Organization for Economic Cooperation and Development (OECD) Guidelines for Multinational Enterprises, as well as those in the International Labor Organization (ILO) Declaration on Fundamental Principles and Rights at Work. 

In our pursuit of building enduring, sustainable relationships with our employees, we aim to provide fair wages and benefits. The right to freedom of association and collective bargaining is a fundamental and non-negotiable principle that we fully respect. The principle of free choice of employment is upheld for every employee across all the countries in which we operate. 

In 2024, we received no reports or evidence of human rights violations or abuses. Human rights also form part of the supplier assessments and audit procedures.

Taxation

Nedap considers a responsible and conservative tax policy an integral part of its sustainability and business strategy. We regard paying taxes as making an important contribution to society and part of the process of creating sustainable long-term value for all stakeholders. Our tax policy is founded on the principle of paying taxes locally in accordance with the economic value generated by our activities. 

Our policy is captured in the following specific principles:

• Nedap's primary financial target is to create sustainable long-term value for all stakeholders.

• The design of the Nedap organization is based on operational considerations, not on taxation. 

• Nedap pays taxes in line with the economic value created by its activities. 

• Nedap complies with relevant tax legislation and regulations and respects the spirit of the law. 

• Nedap maintains timely and comprehensive communications with tax authorities. 

Tax compliance is integrated into both the Nedap Risk Management Framework and the sustainable value creation model. 

The tax policy and ensuing principles have been approved by both the Board of Directors and the Supervisory Board. The Board of Directors ensures that Nedap's tax policy is aligned with and integrated into Nedap's strategy. Potential material tax risks are discussed with the Supervisory Board at least once a year. The tax policy is also a recurring topic during discussions with both internal and external stakeholders. We raise awareness about tax topics internally by organizing training sessions, workshops and regular meetings for all controllers, where the focus is specifically on tax, finance and legal risks. 

Information security and personal data protection

We have implemented robust technical and organizational safeguards to mitigate the risk of accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to data. This includes both personal and other information related to Nedap, its customers and their end-users. In recent years, we have further strengthened our policies, procedures and contractual agreements to enhance the protection of (personal) data. Our onboarding program for new employees gives due attention to the importance of privacy and information security.

Our commitment to strengthening internal control measures for our IT infrastructure and systems remains unwavering, with a primary objective of safeguarding personal data, intellectual property and other sensitive information.

We maintain control measures to safeguard Nedap's security baseline, along with additional measures tailored to certain specific domains, supply chains or jurisdictions. These controls focus on critical areas such as security and privacy awareness, secure software development practices, user access management, email and endpoint protection, as well as incident prevention and management. Recently, we further strengthened these controls by implementing advanced endpoint protection, enhanced threat detection, automated investigation and remediation, and vulnerability management to enable faster and more effective responses.

Within the Healthcare and Security business units, we hold ISO 27001 certification. Additionally, Healthcare holds certifications such as ISAE 3402 Type II, NEN 7510, ISO 27701 and ISO 27018. Healthcare also obtained the ISO 9001 certification in 2024. The business unit Livestock obtained the ISO 27001 certification in the first half of 2024. The business unit Retail holds ISAE 3402/SOC 1 Type I and SOC 2 Type I assurance reports and is actively pursuing type II reports for both. This process is expected to be completed in the first half of 2025.