Stray Partners AS Code of Conduct

1. Purpose and Scope

This Code of Conduct defines the ethical standards and behavioral expectations for everyone representing Stray Partners AS, including employees, management, board members, subcontractors, and business partners. It is intended to promote a culture of integrity, trust, and responsibility in all our professional activities.

Our Code applies globally and supports compliance with relevant legal, regulatory, and contractual obligations, including but not limited to ISO 27001, NIS2, GDPR, HIPAA, and any applicable global data protection or privacy laws.

2. Our Core Values

  • Integrity: We do what is right, even when no one is watching.

  • Respect: We treat everyone with dignity and professionalism.

  • Excellence: We deliver high-quality services and continually strive to improve.

  • Accountability: We take responsibility for our actions and decisions.

  • Confidentiality: We protect data and respect privacy at all times.

  • Well-being: We promote health, safety, and inclusion across our work environments.

  • Objectivity: We assess situations based on evidence, facts, and fair judgement.

  • Neutrality: We remain impartial and do not allow outside influence to affect our actions.

  • Independence: We act freely from external pressures or conflicts of interest.

  • By upholding these values, we serve our clients, partners, and society with clarity and conscience—doing what is correct and right, without secondary interests.

3. Legal and Regulatory Compliance

All personnel must comply with applicable laws and regulations in every country where Stray Partners operates. We uphold:

  • ISO 27001 standards for information security

  • NIS2 Directive and GDPR for privacy and data protection

  • HIPAA for applicable health data contexts

  • National and regional data protection regulations

We maintain robust internal policies and controls to ensure compliance, and we expect our subcontractors and partners to do the same.

4. Data Protection and Information Security

We handle all data, whether personal, organizational, or operational, with the highest standard of care. This includes:

  • Complying with all global privacy regulations

  • Enforcing access controls and secure data storage

  • Ensuring only authorized personnel access sensitive information

  • Prohibiting any unauthorized disclosure, use, or transfer of data

Any data breaches or suspected incidents must be reported immediately.

5. Ethical Business Conduct

Stray Partners conducts all business fairly, transparently, and responsibly. We strictly prohibit:

  • Bribery, corruption, or facilitation payments

  • Insider trading or misuse of confidential information

  • Unfair competition or conflicts of interest

Gifts and entertainment must be modest, occasional, and never intended to influence a business decision.

6. Respectful Workplace

We foster a professional environment free from harassment, discrimination, and intimidation. Everyone has the right to work in a safe, respectful, and inclusive environment. Bullying, offensive language, or any form of discrimination based on gender, race, religion, disability, age, or background will not be tolerated.

7. Responsible Use of Company Resources

Employees and contractors must use company resources, systems, and time responsibly and for business purposes only. Unauthorized use, tampering, or misuse of company tools, data, or property is strictly prohibited.

8. Conflicts of Interest

All personnel are required to avoid conflicts between personal interests and professional duties. Any potential or actual conflict must be disclosed to management without delay. Outside employment, relationships, or financial interests that could impair objectivity must be reported and reviewed.

9. Communication and Representation

Only designated individuals are authorized to speak or post publicly on behalf of Stray Partners. All public communications, including social media, must reflect professionalism and uphold the reputation of the organization.

10. Reporting Misconduct

We encourage the reporting of any suspected violations of this Code, policies, or laws. Reports can be made confidentially and without fear of retaliation. All reports will be investigated promptly and fairly.

11. Disciplinary Actions

Violations of this Code may lead to disciplinary action, including warning, suspension, contract termination, or legal consequences, depending on the severity of the breach.

12. Acknowledgement and Responsibility

All employees, subcontractors, and relevant third parties must read, understand, and commit to this Code. Upon onboarding or renewal of engagement, confirmation of adherence will be formally required.

Approved by: Adrian Stray, Effective from: 01.01.2025