Whistleblower Policy

May 2022

Introduction

Siteimprove A/S and any entity that is directly or indirectly controlled by Siteimprove A/S (collectively referred to as “Siteimprove”) requires its employees and representatives to observe the highest standard of business and personal ethics in the conduct of their duties and responsibilities.

Scope

This whistleblower policy (the “Policy”) is intended to (i) encourage and enable all our employees, customers, partners, suppliers, and/or any other third parties who have acquired information in a work-related context (an “Associate”) to make good faith reports pertaining to serious violations such as suspected fraud, unethical business practices, bribery, corruption, or other improper or unlawful activity, or serious health and safety concerns within Siteimprove and (ii) to describe the process that will be followed by Siteimprove in evaluating and investigating such reports. This Policy is owned by the General Counsel and the Head of Global HR who will also be the primary recipients of any reports.

Reporting

Any Associate that has concerns or reason to believe that an employee or board member of Siteimprove has been in violation of the above should report the violation through Siteimprove’s online whistleblower portal by filing a report below.

The report should explain and describe the violation in as much detail as possible. The more information provided, the better the efficiency of the investigation.

If you are external to the organization, you may also send an e-mail directly to whistleblower@siteimprove.com. In order to protect your identity, the e-mail address will be automatically anonymized.

Investigation

Every report of a possible violation will be investigated promptly and impartially, with every effort to maintain the confidentiality of the Associate and the reported individual(s). The Associate making the report and individual(s) reported will be informed of the results of the investigation no later than three (3) months after the report has been received.

Individual(s) reported

Siteimprove will ensure that any person reported under this Policy fully enjoys the right to a fair investigation and the presumption of innocence, and the right to be informed about the investigation and access to their file. This means that any person reported will receive:

• A notice that a report about them has been submitted
• Information about who will investigate their file and the purpose
• Information about the treatment of the file and their right to access it
• Information that the file may be submitted to the police or other public authorities

However, if the General Counsel estimates that informing the reported individual(s) at an early stage could put the investigation or the Associate at risk, sharing of the above information might need to be deferred. Deferral of information will be decided on a case-by-case basis and the reasons for any restriction will be documented.

Findings

If Siteimprove finds that a violation has taken place, it will take appropriate corrective and remedial action, up to termination and reporting the violation to a competent legal authority.

Anonymity

Siteimprove will treat your reporting confidentially and protect your identity internally, if it is known to us. Only if a police investigation or other external investigations are needed Siteimprove might be required to reveal an Associates personal information. However, if an Associate wants to ensure their anonymity, they must avoid the following:

• Avoid writing their own personal details in the report
• Avoid reporting from a PC provided by Siteimprove
• Avoid using a PC that is connected to Siteimprove’s network/intranet
• Avoid writing directly to whistleblower@siteimprove.com from an internal Siteimprove e-mail

No retaliation

Siteimprove prohibits retaliation against, harassment of, or other adverse action against an Associate (including colleagues or any other third party who assist the Associate with the reporting) because they reported a suspected violation or assisted in an investigation. Any instances of retaliation should be reported as a violation as defined in this Policy. Examples of prohibited retaliation include:

1. Suspension, lay-off, dismissal, or equivalent measures
2. Coercion, intimidation, or discrimination
3. Negative performance assessment or employment reference
4. Early termination or cancellation of contracts for goods or services

It is important to avoid innocent persons being suspected of a violation, so before initiating a report an Associate should consider very carefully whether the practices they intend to report fall within the scope of this Policy and if they have reasonable grounds to believe so. Associate’s whose report is not based on reasonable grounds will not enjoy the protection as defined in this Policy.

Personal Data Processing

Siteimprove will process Personal Data of the Associate, the reported person(s) and any other third parties involved for the purposes provided in this Policy and in accordance with Siteimprove's Privacy Policy and specifically its section 4.6.