Supplier Code of Conduct
1. CONDUCT BUSINESS LAWFULLY
We require our suppliers to act honestly and with integrity, and to comply with applicable laws, rules and regulations.
You must check that your personnel have the legal right to work in the country in which their services are performed.
You must not make or receive bribes or unlawfully facilitate payments or inducements. Any business entertainment must be appropriate and solely for the purpose of maintaining good business relations and not with an intention to influence procurement decisions. If it is appropriate to offer a gift, it should be reasonable and legitimate and in keeping with the nature of your relationship with the individual concerned. You must notify us if any of your personnel (or family members of personnel) work for Mayer Brown or have a business relationship with Mayer Brown.
You must not participate in, or facilitate, tax evasion, money laundering, breaches of national and international sanctions, fraud or other corrupt practices.
You must compete fairly and honestly and abide by all applicable competition laws, including in relation to price discrimination and price fixing. You must not mislead others, or compromise your integrity, to obtain a business advantage.
You may not use Mayer Brown’s logos or the names of Mayer Brown entities to represent to others that you have been engaged by Mayer Brown unless you have our written consent.
2. TREAT PEOPLE WITH DIGNITY AND RESPECT
We expect you to support internationally recognized human rights and to treat your personnel with respect and dignity. This includes respecting the human rights of those in the jurisdictions in which you operate, paying fair wages, requiring only reasonable work hours and providing a healthy and safe workplace. We oppose all forms of slavery, including forced, bonded and compulsory labor and human trafficking. You must prohibit these and have active procedures in place to ensure such practices are not part of your supply chain. Your personnel must be no younger than the applicable legal minimum age.
You must not permit discrimination and harassment within your organization on the grounds of any category or characteristic protected by applicable law, including race, racial group, sex, sexual orientation, gender identity, religion or belief, age, disability or trade union membership.
You must be courteous and professional in all of your business dealings. You must not tolerate bullying in any form in your workplace.
3. PROTECT MAYER BROWN’S INFORMATION
All information provided by Mayer Brown or which is produced by you in the provision of your services that is not in the public domain is deemed confidential and may include information about Mayer Brown’s clients and/or personal data (“Confidential Information”).
Confidential Information must only be used for its intended and designated purpose and may not be transferred or disclosed to any other person outside your organization without our written consent.
Inside your organization, Confidential Information may only be transferred or disclosed in order to allow the performance of services or for the delivery of products. It may not be sold to any other person in any circumstances.
You must implement appropriate technical and organizational measures to ensure an appropriate level of security for Confidential Information. This includes ensuring that any of your personnel who have access to the Confidential Information are subject to a duty of confidentiality.
You must promptly inform us if you become aware of an information security breach which impacts our Confidential Information.
At our option, you will delete or return our Confidential Information once our business with you has been concluded unless we expressly agree otherwise. You may retain Confidential Information stored on your automatic back-up systems or to comply with applicable legal or regulatory requirements or your internal record retention policies, provided that all such Confidential Information continues to be retained at an appropriate level of security and is then securely destroyed within ten years from the termination of your engagement.
3.2 Personal data
You must comply with all relevant privacy laws and regulations. If our contract with you requires you to process personal data, you must also comply with the following, unless under applicable law you are legally the entity that decides how the relevant data is to be processed and handled (the “Controller”):
(a) Only act on our documented instructions with respect to the data (save as required by law).
(b) Only engage a sub-processor with our prior authorization and under a written contract.
(c) Take appropriate measures to assist us to respond to individuals who exercise their data privacy rights with respect to the data.
(d) Taking into account the nature of the processing and the associated data, assist us in meeting our data privacy obligations in relation to the security of processing, the notification of personal data breaches and data protection impact assessments.
(e) Submit to audits and inspections regarding your compliance with privacy laws and provide information to allow us to review our own data privacy compliance with respect to your engagement and the services you provide.
Your processing of our personal data is for the purposes of providing the services or goods as agreed between us. The subject matter shall be that as agreed and separately documented between us.
The duration of the processing is for the duration of the contract unless otherwise agreed. The types of personal data and categories of data subject involved shall be all relevant forms of personal data or special category data, as specified by applicable law, and the data subjects shall be all individuals whose personal data is connected with the provision of the services or goods.
To the extent that there are any transfers of personal data between you and us which require appropriate data protection safeguards under applicable data protection law, you agree to the Supplier Data Transfer Agreement.
4. PROTECT THE ENVIRONMENT
You must comply with all applicable environmental laws, regulations and standards. We expect you to continuously strive to protect and preserve the environment, and to have sustainability practices in place across your operations which aim to avoid polluting the environment, reduce the generation of waste and the consumption of energy, water and plastics, recycle waste where possible, reduce greenhouse gas emissions and work towards carbon neutral and net zero emissions solutions in line with international agreements.
5. COMPLIANCE WITH THIS CODE
We expect you to comply with the conditions in this Code of Conduct and to maintain a system within your organization to monitor such compliance. In particular, you must:
- Have formal policies in place to address anti-corruption, tax evasion, money laundering, compliance with sanctions, information security, data privacy, diversity and inclusion, behavior in the workplace and environmental protection and sustainability; and regularly review your procedures to implement them.
- Provide clear and effective training to your personnel on a regular basis to ensure compliance with your policies and with applicable law, and have procedures in place to monitor compliance.
- Maintain robust security measures and procedures to protect our Confidential Information and personal data.
You must take necessary steps to ensure that your personnel understand and comply with this Code of Conduct. You must also ensure that any of your suppliers and any approved subcontractors who work directly on Mayer Brown engagements, are aware of and comply with this Code of Conduct.
Mayer Brown reserves the right to terminate agreements with suppliers for non-compliance with this Code of Conduct or for violations of law. We may from time to time ask you to evidence your compliance with this Code of Conduct.
The act of submitting your invoice for payment constitutes your agreement to comply with this Code.