Suppliers Code of Conduct

CMPG34

1. Introduction

» Printec & its subsidiaries operate in alignment to the official Printec Code of Business Conduct & Ethics.

» The Code embraces the company’s Core Values, communicates the importance of Ethical Conduct, calls for Social & Environmental Responsibility practices, compliance with Existing Laws and prioritizes Human Rights protection, when conducting everyday business activities along with stakeholders.

» Accordingly, the 'Printec Suppliers Code of Conduct' is purposed to highlight the standards that are expected to be met by all potential Suppliers, which may establish operations with Printec, at all times. The Code shall apply to any contract entered between Printec and its “suppliers”. We expect our Suppliers to aspire to these same standards in their business operations and to have their own policies and processes in place, addressing the matters detailed herein.

» The Code does not replace the local laws and regulations in force in any country where Printec operates.

- Supplier(s) / Vendor(s): As such, is defined any legal entity or physical person / individual that delivers a product or service, outsources or undertakes any type of activities on behalf of Printec, directly or indirectly.

- Contractor(s): As such, is defined any physical or legal entity that provides services for a Supplier, whether under a contract of employment or any other partnership status, where part of the Supplier’s tasks, procedures or activities, is outsourced - transferred to them. This includes Co-sourcers, Outsourced Software Developers and everyone that undertakes any Printec work or services on behalf of the Supplier, irrelevant of that partnership’s level & status.

- 3rd Party: As such, is defined any intermediary entity that conducts business on behalf of the main business entities (i.e. between Printec and a Vendor).

2. Compliance with labor laws

All Suppliers and Contractors shall comply with national laws applicable to their businesses & activities. Suppliers should support the principles of the United Nations Global Compact, the United Nations Human Rights Declaration the International Labour Organization (ILO) standards, as well as related best practices.

CHILD LABOR: Suppliers are strictly prohibited from using workers under the legal employment age in any country where they conduct operations, under any agreement, contract or partnership with Printec. If the minimum age of employment is not defined, the minimum age of employment shall be 18 years of age. On exceptions where minors are authorized to work, we demand our Suppliers to abide by all legal requirements, particularly those related to hours of work, wages, education and working conditions.

FORCED LABOR: Suppliers shall not enable any form of forced, bonded or compulsory labor, or other forms of slavery or human trafficking and shall commit to take all measures to ensure that no such forms of labor are allowed, especially against slavery or human trafficking across its business or its supply chains.

COMPENSATION AND WORKING HOURS: Suppliers shall comply with the respective national laws and regulations regarding working hours, wages and benefits, ensuring that work weeks do not exceed the legal overtime thresholds.

PROHIBITION AGAINST DISCRIMINATION & HARASSMENT: Suppliers must not engage in, be involved or support any form of unlawful discrimination or harassment act over hiring processes, employment terms, remuneration, access to training, promotion, termination, retirement procedures or decisions that are based on: Race, color, age, veteranstatus, gender identification, sexual orientation,pregnancy, ethnicity, disability, religion, political affiliation, trade union membership, nationality, indigenous status, medical condition, social origin, social or marital status. Printec does not tolerate unlawful discrimination or harassment in the workplace.

In addition, Suppliers must promptly report any offending behavior, whether such behavior is directed to their employees or to employees of Printec. Such behaviors include unwelcome sexual advances, requests or acts of sexual intention, visual, verbal or physical abuse, intimidating, hostile, or offensive actions, manipulative behaviors and harsh working conditions. (i) Any type of tolerance for such acts will affect current or future partnerships and (ii) Printec may, in its sole and absolute discretion, remove from the premises any Supplier who engages in offending conduct.

If the Supplier and its employees, encounter or evidence any of the above bribe discrimination & harassment acts during their collaboration with Printec employees (whether on-premise or off-site), it is strongly encouraged to submit an anonymous (or disclosed) report or tip-off via Printec’s available Compliance & Ethics intake channels:

• The Electronic SpeakUpTM Form

• The designated e-mail address: Ethics@printecgroup.com

FREEDOM OF ASSOCIATION: Suppliers & their representatives shall be free to join organizations of their own choice. Suppliers shall respect and recognize the right of employees to join and organize associations of their own choosing and the right to collective bargaining. Employees shall not be subject to intimidation or harassment in the exercise of their right to join or to refrain from joining any organization.

3. Information Security, Data Privacy, Business Continuity & Confidentiality

Printec is committed to protecting all sensitive information (incl. confidential, proprietary and personal information) of its customers, employees and partners. To that extent, it anticipates the same commitment and due diligence by its Suppliers as well. At a minimum, it is required by Suppliers, Vendors, Contractors & Subcontractors, to apply (where applicable), the following:

(i) Be compliant with all active privacy and data protection laws and regulations in the respective countries of operation, as well as securing any Printec confidential data and individual personal data, by prohibiting its unauthorized access or use. Such information should not be used for any purpose beyond the scope of existing business arrangements with Printec, without prior authorization.

(ii) Safeguard our customers’ and suppliers’ data and networks.Adequate Information SecurityManagement Systems must be established, in accordance with the requirements of internationally recognized standards, such as ISO 27001. In addition, it is anticipated that Suppliers shall orderly monitor the effective application of any security controls, aiming at preventing, detecting and timely responding to any type of security incident.

(iii) Implement a process to identify and manage emerging and evolving cyber security risks and to regularly review such risks for developing strategies to detect, prevent and respond to them. Suppliers must focus on minimizing the risks of incidents that affect the products and services provided to Printec.

(iv) Define a consistent incident management framework, focusing on risk mitigation and customer security. Suppliers must immediately notify Printec when incidents that involve our customers’ or employees’ data, occur.

(v) Conduct Information Security related internal awareness & training sessions for staff.

(vi) Ensure there are a proper Business Continuity Plan and Actual Recovery Actions in place, for all provisioned services that are related to Printec & its affiliates’ operations, as per the existing in-between Service Level & Contractual Agreements.

Printec‘s internal and proprietary information such as strategic actions, business activities, financial data, organizational structure, obtained technology, partnerships & customers (including personal & business identifiable data: names, locations, contract services or products, controlled unclassified information) and performance metrics, shall be protected from unauthorized disclosure by applying NonDisclosure-Agreements (NDAs) & Confidentiality Clauses, at any level of potential or existing partnership of Printec to any Supplier / Vendor/ 3rd Party.

4. Health & Safety

Printec anticipates its Suppliers to strive to preserve occupational health and safety standards at the highest level. Suppliers shall comply with applicable occupational health and safety regulations and provide a work environment that is secure and health-promoting for their employees & contractors. This includes safe workplace conditions, prevention of potential accidents, assessment of on-the-job risks such as injuries, facilities’ safety measures and work-related illnesses.

Violent or hostile workplace practices will not be tolerated at & by Printec. Any Supplier or Contractor engaging in such conduct, will be removed from the premises and not allowed to re-enter a Printec facility. Printec maintains the right and obligation to report such related incidents to the Police or any other Authority.

Additionally, Printec maintains a drug and alcohol-free work environment. No Supplier or Contractor is permitted to possess, consume, sell, or be under the influence of alcohol and illegal drugs while physically present in any Printec facility or at Printec customers’ premises.

5. Corporate Network & Systems

Printec’s systems, equipment and data access is restricted to only those authorized by Printec, that are necessary to perform agreedupon services. Any Supplier or Contractor that is authorized to access any of the abovementioned, shall comply with Printec’s Access Control & Third-Party Security Management Policies, which shall be communicated to the involved partners, where applicable. Any unauthorized Supplier or Contractor attempt to access Printec data, consists of a violation of Printec’s Information Security Policy. Upon identification of such attempts, Printec will take immediate action, which may include (a) removing the Supplier / Contractor from Printec premises; (b) immediate termination of involvedindividuals’ access and(c) effective terminationof Supplier’s existing contract /agreement with Printec. Access codes and passwords may not be shared or communicated to anyone other than the individual(s) to whom access is

Suppliers Code of Conduct

assigned. Sharing of credentials can be a cause for termination of access of Supplier / Contractor and any in between contract(s) with Printec. All external parties that are not located physically within a Printec site, must have a Printec-approved security plan in place, prior the remote connection’s establishment.

All Printec-owned hardware and / or Supplier-provided hardware used by Supplier to access Printec systems (including via remote access) shall be subject to systems vulnerability testing measures as conducted by Printec’s information security teams and, if necessary, Printec can request additional measures or configuration changes, to ensure that these devices meet Printec’s security requirements. The foregoing requirements shall not limit in any way, any warranties or additional prerequisites regarding IT, data security and confidentiality that are to be included in any agreement between Supplier and Printec.

6. Ethical Standards

Printec seeks to identify Suppliers that conduct business with the same ethical standards it supports & relies on. Suppliers & Contractors should meet the following ethical standards and guidelines:

• Comply with all relevant laws

• Treat everyone fairly, respectfully and with dignity

• Conduct all financial transactions accurately

• Report / communicate financial conditions and results of operations, honestly

• Deal with clients, customers, suppliers, and financial partners on fair terms

• Tackle and mitigate actual and potential conflicts of interest

• Do not offer or accept partnership related gifts of excessive value, inside or out of the workplace

• Protect & safeguard Printec's assets (under their use) & reputation

• Isolate personal political activities from all Printec's business

• Report evidenced or encountered violations of legal and ethical standards

7. Copyright & Intellectual Property Compliance

Suppliers shall not create unauthorized copies of software, documents, or other copyrighted materials during their contractual agreement duration with Printec. Appropriate licenses shall be acquired in all cases unless Printec is exempt.

When licensed software is acquired, evidence of the purchase must be maintained in the form of invoices, user manuals and / or license copies. Suppliers who intend to use copyrighted work, must obtain appropriate formal permission. Without written permission, Suppliers expose themselves and the Company to legal risks.

Suppliers shall safeguard and make only appropriate & authorized use of confidential corporate information, ensuring that privacy & valid intellectual property rights are protected.

8. Anti-bribery, Conflicts of Interest & Insider Trading

Suppliers shall never proceed with any kind of bribery acts before or during partnership with Printec. Suppliers must demonstrate a solid Anti-bribery policy, via which they must address a clear statement against all financial & non-financial bribes, over which its employees & partners are always aware of.

Printec employees will not accept gifts, gratuities or excessive entertainment (i.e., beyond nominal, conventional business courtesies, such as an occasional partnership meal) from any individual or organization with which Printec has business dealings and Suppliers shall refrain from giving any gifts, payments or projecting gestures that would, or could be perceived as an influential attempt on decision making, that could lead to violation of this Code.

Additionally, neither Printec, nor its Suppliers shall reimburse anyone for personal political contributions. Printec strictly prohibits contributions to political candidates or officeholders and expects the same approach from its Suppliers & Contractors. Suppliers must disclose to Printec all potential conflicts of interest, including those in which the first ones may have been placed inadvertently due to either business or personal relationships with customers, other suppliers, business associates, or competitors of Printec, or with other Printec employees.