Legal terms

June 6, 2021

Snyk Supplier Code of Conduct

The Intro:

Snyk Limited, including any entity, affiliate or subsidiary owned or controlled by Snyk Limited (“Snyk”) expects suppliers and other business partners (“Suppliers”) with whom we do business to act with the highest ethical standards.  In that regard, Suppliers must fully comply with this Supplier Code of Conduct (“Code”) and educate their employees and subcontractors, and their own suppliers and business partners, so they fully understand and comply with this Code when doing business with or for Snyk.  

Snyk expects our Suppliers to be guided by our core values and while we believe in keeping things simple, it’s impossible to predict and describe every situation, so Suppliers should ensure they adopt both the spirit and the letter of the Code.

The Code should be viewed as the minimum standards that we expect from our supplier community. It is not intended to reduce, replace or limit any other legal or contractual obligations that you have to Snyk.

The Code:

1. Compliance with Laws

At a minimum, Suppliers will comply with all applicable laws and regulations of the jurisdictions in which they operate.

2. Human Rights

Suppliers must share Snyk’s commitment to human rights and equal opportunity in the workplace and must conduct their employment practices in full compliance with all applicable laws and regulations.  All Suppliers must:

  • Conduct their activities in conformance with Snyk’s commitment to a workplace free of harassment and unlawful discrimination.

  • Comply with applicable safety and health laws, regulations and practices.

  • Comply with the The UK Modern Slavery Act 2015 including the prohibition of forced labour including neither using nor contributing to slavery, servitude, forced or compulsory labor and human trafficking.

  • Compensate all workers with minimum wages and benefits as established by applicable law.

3. Environment

Snyk recognizes the importance of working collaboratively with its Suppliers to promote environmental sustainability to help reduce our collective footprint.  Snyk expects that environmental protection is a priority for all Suppliers. Suppliers are encouraged to work towards minimizing their impact on the environment by establishing and adopting policies and procedures to help ensure the sustainability of natural resources and to reduce greenhouse gases generated by operations.  Where possible, Supplier will use fair trade in their production efforts.  Supplier shall operate all facilities in compliance with all applicable environmental laws, including laws related to waste disposal, emissions, discharges, and hazardous and toxic material handling, to the extent applicable. 

4. Ethics

Suppliers should never attempt to improperly influence Snyk’s business decisions. This includes but not limited to offering bribes, kickbacks, change in terms outside of the contractual relationship, or other incentive to a Snyk employee, contractor or representative (“Snyk Worker”) in order to obtain or retain Snyk business or preferential treatment, whether directly or through an intermediary.

In addition, Suppliers must respect Snyk’s gifts and hospitality policy.  Suppliers must not offer, provide or solicit gifts or entertainment that might compromise or appear to compromise a Snyk Worker’s judgment or independence. That includes:

  • Gifts individually or cumulatively valued at more than $250 in any one year;

  • Any gift or charitable contribution solicited by a Snyk Worker;

  • Cash or cash equivalents, such as gifts cards;

  • Entertainment that is lavish or that takes place in a location inconsistent with Snyk’s values; and

  • Entertainment or gifts offered in close proximity to a significant business decision involving the Supplier.

If a Snyk Worker asks for any of the above, you must report it to Snyk.

5. Asset Use

Supplier must use and manage Snyk’s assets responsibly. Supplier must protect and responsibly use both the physical and non-physical assets of Snyk including property, supplies, consumables, equipment, information and other intellectual property when authorized by Snyk to use such assets. This includes:

  • Use Snyk information technology and systems (including e-mail) only for authorized Snyk business purposes.

  • Comply with Snyk’s policies on social media, information security, data protection, anti-harassment, bullying and health and safety. 

  • Respect the intellectual property rights of Snyk and others, including but not limited to patents, copyrights, trademarks, and trade secrets.

  • Respect authorization limits. Suppliers must understand what they are and are not authorized to do on behalf of Snyk.  Suppliers must not speak to the media about Snyk or on Snyk behalf unless expressly authorized in writing to do so by an authorized Snyk employee.

6. Export Controls and Trade Sanctions

Supplier is required to comply with all applicable trade rules, export controls, restrictions, sanctions and import-export embargos including laws, regulations and rules relating to illegal boycotts. Supplier may be subject to US export control laws and regulations, including the Export Administration Regulations and the International Traffic in Arms Regulations. Supplier shall not, and shall not permit any third parties to, directly or indirectly, export, reexport, or release any regulated products or deliverables to any jurisdiction or country to which, or any party to whom, the export, reexport, or release of such products or deliverables is prohibited by applicable federal foreign law, regulation, or rule.  In particular, Supplier is required to declare any significant business interests in Iran, North Korea, Syria, Cuba, Venezuela or any other countries under sanction by the Office of Foreign Assets Control (OFAC); or business with any individuals on the Specially Designated Nationals And Blocked Persons list.   

This Code does not confer any rights to any third-parties. In addition, no employees of any Supplier will have any rights against Snyk by virtue of this Code, nor will such employees have any rights to cause Snyk to enforce any provisions of this Code.  Snyk’s encourages open discussion. If you have questions or concerns about this Code or your business relationship with us, please raise them with your primary Snyk contact. In addition, Suppliers are strongly encouraged to raise any concerns or report suspected misconduct to Snyk through our online feedback tool snyk.allvoices.co. This may be done anonymously. Please only use snyk.allvoices.co to report ethical and compliance violations such as accounting/audit related complaints or concerns, accounting matters or controls, code of ethics violations, or corruption or bribery.  Any issues regarding payment, billing, etc. should be resolved by contacting your Snyk contact directly.  Snyk will not tolerate retaliation taken against any individual who has in good faith raised questions, sought advice or reported misconduct, questionable behavior or a possible violation of law or policy.

Snyk may immediately terminate its business relationship (including any purchase orders and agreements) with Supplier if Supplier or its partners fail to comply with the Code.

Questions

Questions to Procurement can be sent to procurement@snyk.io

Patch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo SegmentPatch Logo Segment

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer’s toolkit.

Start freeBook a live demo

Product

Developer Security PlatformSnyk Code (SAST)Snyk Open Source (SCA)Snyk ContainerSnyk Infrastructure as CodeApplication securitySoftware supply chain securityASPMDeepCode AIPricingDeployment optionsIntegrationsIDE pluginsGit SecurityWhat is Snyk?Snyk CLISnyk LearnSnyk for JavaScriptSnyk for JavaSnyk for Python

Resources

DocumentationSnyk API DocsAPI statusDisclosed vulnerabilitiesSupport portal & FAQ’sBlogSecurity fundamentalsResources for security leadersResources for ethical hackersDeveloper security educationVulnerability DatabaseSnyk OSS AdvisorSnyk Top 10Code snippetsVideos

Company

AboutCustomersCareersEventsSnyk for governmentPress kitSecurity & trustLegal termsPrivacyFor California residents: Do not sell my personal information

Connect

Book a live demoContact usSupportReport a new vuln

Security

Application SecurityContainer SecuritySupply Chain SecurityJavaScript SecurityOpen Source SecurityAWS SecuritySecure SDLCCloud Native SecuritySecure codingEthical HackingJavaScript Code ExamplesCode CheckerPythonEnterprise CybersecurityJavaScriptWebsite Scanner

© 2023 Snyk Limited
Registered in England and Wales

logo-devseccon