GDPR and good conduct

Good governance to us is more than compliance with local laws. We hold ourselves to high standards and we want those high standards to apply in all our communities.

gdpr blue We take the protection of personal data extremely seriously, going above and beyond local regulations. In 2022, we were awarded Binding Corporate Rules (BCR) approval, which means we commit to adhering to GDPR in all countries. GDPR sets one of the highest standards for protecting personal data – both for employees and business contacts.  
 gdpr blue As a business, we have a strong moral compass and we demonstrate our ethics through clear action. When Russia invaded Ukraine in February 2022, we had stopped all commercial activity with Russia within a week. In addition to leading by example, we ensure our employees understand the ethics underpinning our values and receive training on what’s right and wrong.
 gdpr blue We ensure the utmost security of our, our customers’ and suppliers’ data and systems. We have now implemented a cloud-first approach across our systems, allowing us to have an overarching governance and compliance regime across all of them.
 gdpr blue Our health & safety management system has been updated with a new reporting system for accidents and near misses and clear targets for recordable incidents and lost time. This is audited regularly, by internal and external auditors. Maintaining a healthy and safe work environment will remain a focus for all employees throughout 2023. The global health & safety team conducts monthly calls to plan training and awareness activity against reported risks and incidents to continuously make progress towards our goal ZERO incidents.



Company policies regarding environment and climate have been implemented at a site-specific level and include ISO 14001:2015 certification, which specifies the requirements for an environmental management system that can be used to enhance environmental performance based on mapping the environmental impact from the site-specific activities.

We also have:

• ISO9001:2015 Quality Management System at 14 sites;
• ISO14001:2015 Environmental Management System at 7 sites.
• ISO45001:2018 Health and Safety Management System at 2 sites.

We have had our sustainability management system independently assessed by EcoVadis who reviewed our performance in 4 key areas: Environment; Ethics; Labor and Human Rights; and Sustainable Procurement.

EcoVadis evaluated business conduct, implemented activities and current key performance indicators (KPIs) within the sustainability management system, this resulted in Norican awarded a bronze rating in recognition of our sustainability achievement globally.

Code of Conduct

The Norican Code of Conduct is guided by our values. It has group level policies related to ethics and with respect to compliance with applicable laws in each jurisdiction. These policies apply to each subsidiary in Norican Group.

We have procedures in place for reporting and have a multilingual whistleblowing hotline ‘Speak Up’, which is provided by a third party, WhistleB, and is available 24 hours a day, 7 days a week, 365 days a year. It allows anyone to anonymously report any behavior which contravenes our Code of Conduct.

Modern Slavery / Human Rights

Our zero-tolerance approach to modern slavery, including forced labor, human trafficking, and child labor, is described in our Code of Conduct. We have identified potential risks within the business and have effective systems in place to ensure modern slavery or child labor is not taking place in our business or our supply chain. We do supplier risk assessments based on 3 criteria; geography, business type and spend.


Anti-Bribery and Anti-Corruption

We want to compete fairly wherever we operate and do not tolerate bribery, kickbacks, fraud, money-laundering, or any other improper payment. We have a clear Anti-Bribery Policy and will comply with all applicable local anti-bribery and anti-corruption laws.