Supplier Code of Conduct

Effective Date: August 27, 2025
Last Updated: August 27, 2025
Scope: All Assivo Suppliers, Vendors, and Business Partners

ARTICLE I. INTRODUCTION AND FOUNDATIONAL COMMITMENTS

Section 1.01 Statement of Purpose and Commitment

Assivo, Inc., an Illinois corporation ("Assivo," "we," "us," or "our"), is committed to conducting business with suppliers, vendors, and business partners ("Suppliers," "you," or "your") who demonstrate unwavering dedication to ethical business practices, legal compliance excellence, and sustainable operational methodologies. This Supplier Code of Conduct (this "Code") establishes the comprehensive minimum standards we expect from all Suppliers participating in our global supply chain ecosystem.

Section 1.02 Binding Effect and Compliance Obligations

By engaging in business relationships with Assivo, establishing commercial partnerships, or providing goods or services to our organization, Suppliers acknowledge their understanding of, agreement with, and commitment to comply fully with all provisions of this Code. These standards complement and enhance, but do not replace or supersede, applicable laws, regulations, industry standards, and contractual obligations governing Supplier relationships and business conduct.

Section 1.03 Global Application and Supply Chain Integration

This Code applies universally to all Suppliers regardless of geographic location, business size, relationship duration, or service category, and extends throughout Supplier organizations including subsidiaries, affiliates, subcontractors, and downstream supply chain participants involved in providing goods or services to Assivo.

ARTICLE II. LEGAL AND REGULATORY COMPLIANCE FRAMEWORK

Section 2.01 Fundamental Legal Compliance Obligations

Suppliers must maintain exemplary compliance with all applicable laws, regulations, industry standards, and regulatory guidance in every jurisdiction where they operate, provide services, or conduct business activities. Where this Code establishes standards that exceed local legal requirements, Suppliers must satisfy the enhanced Code standards to maintain qualification for Assivo business relationships.

Section 2.02 Comprehensive Compliance Focus Areas

Suppliers must demonstrate particular expertise and maintain rigorous compliance programs in the following critical areas:

(a) Business Licensing and Registration Requirements: Maintenance of all required business licenses, professional certifications, regulatory registrations, and authorization permits necessary for lawful operation and service provision in relevant jurisdictions.

(b) Tax Obligations and Financial Reporting Standards: Full compliance with tax obligations, financial reporting requirements, and accounting standards applicable to business operations with maintenance of accurate records and timely filing obligations.

(c) Employment and Labor Law Compliance: Comprehensive adherence to employment regulations, labor standards, workplace safety requirements, anti-discrimination laws, and worker protection statutes across all operational locations and employment relationships.

(d) Environmental Protection and Sustainability Requirements: Implementation of environmental management systems, compliance with pollution prevention regulations, resource conservation initiatives, and sustainable business practice standards.

(e) Health and Safety Standards and Occupational Requirements: Maintenance of workplace health and safety programs meeting or exceeding regulatory standards with appropriate employee training, hazard mitigation, and incident prevention procedures.

(f) Data Protection and Privacy Law Adherence: Compliance with applicable data protection regulations including GDPR, CCPA, HIPAA, and sector-specific privacy requirements governing collection, processing, storage, and transmission of personal information.

(g) Export Control and International Trade Regulations: Adherence to export control laws, trade sanctions, customs regulations, and international trade compliance requirements for cross-border transactions and technology transfers.

(h) Anti-Corruption and Anti-Bribery Statutory Requirements: Implementation of comprehensive anti-corruption programs complying with applicable anti-bribery statutes including the U.S. Foreign Corrupt Practices Act, UK Bribery Act, and equivalent international anti-corruption legal frameworks.

Section 2.03 Compliance Monitoring and Verification Procedures

Suppliers must implement and maintain:

(a) Current Regulatory Knowledge Management: Systematic monitoring of applicable legal and regulatory requirements with regular updates to compliance programs reflecting changing regulatory landscapes and emerging legal obligations.

(b) Internal Compliance Systems and Controls: Comprehensive internal control systems, compliance monitoring procedures, and risk management frameworks ensuring consistent adherence to applicable legal requirements and contractual obligations.

(c) Documentation and Certification Capabilities: Maintenance of appropriate documentation supporting compliance status with ability to provide certifications, audit evidence, and compliance verification upon Assivo request or regulatory inquiry.

(d) Audit Cooperation and Assessment Participation: Commitment to cooperate fully with Assivo compliance audits, regulatory assessments, and verification procedures with provision of access to facilities, personnel, and documentation as reasonably required.

ARTICLE III. BUSINESS ETHICS AND INTEGRITY STANDARDS

Section 3.01 Ethical Business Conduct Framework

Suppliers must conduct all business activities with unwavering honesty, transparency, and integrity, maintaining the highest ethical standards in all stakeholder relationships including client interactions, employee management, supplier relationships, community engagement, and regulatory cooperation.

Section 3.02 Anti-Corruption and Anti-Bribery Requirements

Suppliers must implement and maintain zero tolerance policies regarding corruption and bribery encompassing:

(a) Prohibition of Improper Payments: Absolute prohibition of direct or indirect improper payments to government officials, political parties, commercial counterparties, or any other parties for the purpose of influencing business decisions, securing contracts, or gaining competitive advantages.

(b) Gift and Entertainment Restrictions: Implementation of reasonable restrictions on gifts, entertainment, and business courtesies ensuring all such activities remain within appropriate limits, serve legitimate business purposes, and comply with applicable laws and recipient organization policies.

(c) Transparent Financial Reporting and Record-Keeping: Maintenance of accurate, complete, and transparent financial records with appropriate internal controls preventing concealment of improper payments or unethical business activities.

(d) Third-Party Due Diligence and Management: Implementation of appropriate due diligence procedures for agents, consultants, subcontractors, and other third parties with ongoing monitoring and management of third-party relationships to prevent corruption and unethical conduct.

Section 3.03 Fair Competition and Market Conduct

Suppliers must:

(a) Compete Fairly and Ethically: Engage in fair competition based on service quality, innovation, and value creation rather than anti-competitive practices, market manipulation, or unethical business conduct.

(b) Respect Intellectual Property Rights: Maintain comprehensive respect for intellectual property rights of Assivo and third parties with appropriate licensing, usage permissions, and protection of confidential and proprietary information.

(c) Avoid Anti-Competitive Practices: Refrain from price-fixing, market allocation agreements, bid-rigging, and other anti-competitive activities that could harm market competition or violate antitrust laws and competition regulations.

(d) Maintain Truthful Marketing and Advertising: Ensure all marketing materials, advertising content, and business representations are accurate, truthful, and not misleading to clients, competitors, or other market participants.

Section 3.04 Conflicts of Interest Management

Suppliers must identify, disclose, and appropriately manage conflicts of interest that could compromise professional judgment, create competing loyalties, or undermine the integrity of business relationships with Assivo and other stakeholders.

ARTICLE IV. LABOR PRACTICES AND HUMAN RIGHTS PROTECTION

Section 4.01 Fundamental Labor Rights and Human Rights Commitment

Suppliers must respect, protect, and promote fundamental labor rights and human rights throughout their operations and supply chains in accordance with international standards including the Universal Declaration of Human Rights and International Labour Organization core conventions.

Section 4.02 Core Labor Standards and Worker Protection

(a) Freedom of Association and Collective Bargaining Rights: Respect for worker rights to freedom of association, collective bargaining, and representation through worker organizations in accordance with applicable laws and international labor standards.

(b) Prohibition of Forced Labor and Human Trafficking: Absolute prohibition of forced labor, slavery, human trafficking, debt bondage, and other forms of involuntary servitude with implementation of appropriate prevention, detection, and remediation procedures.

(c) Elimination of Child Labor and Protection of Young Workers: Strict prohibition of child labor with implementation of age verification procedures and appropriate protections for young workers including education, training, and development opportunities.

(d) Non-Discrimination and Equal Opportunity Employment: Commitment to equal employment opportunities and non-discrimination based on race, color, religion, gender, sexual orientation, gender identity, national origin, age, disability, or other protected characteristics.

(e) Safe and Healthy Working Conditions: Maintenance of workplace environments that are safe, healthy, and free from recognized hazards with appropriate safety training, protective equipment, and incident prevention procedures.

Section 4.03 Employment Standards and Worker Welfare

Suppliers must provide:

(a) Fair Wages and Compensation: Payment of wages that meet or exceed applicable minimum wage requirements and living wage standards with transparent compensation structures and timely payment procedures.

(b) Reasonable Working Hours and Schedule Management: Implementation of working hour policies complying with applicable labor laws with appropriate rest periods, overtime limitations, and work-life balance considerations.

(c) Overtime Compensation and Premium Pay: Provision of appropriate overtime compensation at legally required premium rates with voluntary overtime policies and protection against excessive mandatory overtime requirements.

(d) Professional Development and Skills Training: Investment in employee professional development, skills training, and career advancement opportunities contributing to individual growth and organizational capability enhancement.

Section 4.04 Workplace Safety and Health Management

Suppliers must implement comprehensive workplace safety and health programs including:

(a) Safe Working Environment Maintenance: Creation and maintenance of working environments that are safe, healthy, and free from recognized hazards with appropriate hazard identification, risk assessment, and mitigation procedures.

(b) Safety Equipment and Training Provision: Provision of appropriate safety equipment, protective devices, and comprehensive safety training for all workers with regular safety awareness and competency development programs.

(c) Emergency Response and Incident Management: Development and implementation of emergency response procedures, incident reporting systems, and investigation protocols with continuous improvement based on lessons learned and best practices.

(d) Worker Participation and Safety Culture: Promotion of active worker participation in safety programs, safety committees, and continuous improvement initiatives with development of positive safety culture and shared responsibility for workplace safety.

ARTICLE V. ENVIRONMENTAL RESPONSIBILITY AND SUSTAINABILITY

Section 5.01 Environmental Stewardship and Management Commitment

Suppliers must demonstrate environmental stewardship through implementation of comprehensive environmental management systems addressing resource conservation, pollution prevention, waste reduction, and sustainable business practices aligned with international environmental standards and best practices.

Section 5.02 Environmental Management Systems and Practices

Suppliers must implement environmental management practices addressing:

(a) Resource Conservation and Efficiency: Implementation of resource conservation programs including energy efficiency initiatives, water conservation measures, and sustainable material usage practices designed to minimize environmental footprint and optimize resource utilization.

(b) Waste Reduction and Recycling Programs: Development and implementation of comprehensive waste reduction strategies, recycling programs, and circular economy principles designed to minimize waste generation and promote sustainable material flows.

(c) Pollution Prevention and Emission Reduction: Implementation of pollution prevention measures, emission reduction initiatives, and environmental impact mitigation strategies throughout operations and service delivery activities.

(d) Sustainable Sourcing and Supply Chain Practices: Integration of environmental considerations into sourcing decisions, supplier selection criteria, and supply chain management practices promoting environmental sustainability throughout the value chain.

(e) Environmental Regulatory Compliance: Full compliance with applicable environmental regulations, permitting requirements, and reporting obligations with proactive environmental management exceeding minimum regulatory requirements where feasible.

Section 5.03 Climate Action and Sustainability Initiatives

Suppliers should implement sustainability initiatives including:

(a) Energy Efficiency and Renewable Energy Adoption: Investment in energy-efficient technologies and renewable energy sources where technically and economically feasible with measurement and reporting of energy consumption and greenhouse gas emissions.

(b) Climate Action and Emission Reduction: Implementation of climate action plans, greenhouse gas emission reduction targets, and carbon footprint minimization strategies aligned with scientific climate targets and industry best practices.

(c) Sustainable Transportation and Logistics: Promotion of sustainable transportation options, logistics optimization, and supply chain efficiency improvements to reduce environmental impact of business operations and service delivery activities.

ARTICLE VI. INFORMATION SECURITY AND DATA PROTECTION

Section 6.01 Information Security Framework and Data Protection

Suppliers handling Assivo information, client data, or other sensitive information must implement comprehensive information security programs designed to meet or exceed industry standards and incorporate security frameworks aligned with ISO/IEC 27001 principles and SOC 2 security control objectives.

Section 6.02 Technical Security Requirements and Controls

(a) Information Security Policies and Governance: Development and implementation of comprehensive information security policies, governance frameworks, and management systems with appropriate oversight, accountability, and continuous improvement procedures.

(b) Access Control Systems and Authentication: Implementation of robust access control systems including multi-factor authentication, role-based access controls, privileged access management, and regular access review and certification procedures.

(c) Encryption and Data Protection Technologies: Utilization of industry-standard encryption technologies (AES-256 or equivalent) for protection of sensitive data at rest and in transit with appropriate key management and cryptographic protection procedures.

(d) Security Assessment and Vulnerability Management: Conduct of regular security assessments, vulnerability scanning, penetration testing, and security control validation with prompt remediation of identified vulnerabilities and security gaps.

(e) Incident Response and Security Monitoring: Implementation of security incident response procedures, continuous security monitoring, threat detection capabilities, and breach notification protocols meeting applicable regulatory requirements and industry standards.

Section 6.03 Privacy Protection and Regulatory Compliance

(a) Data Protection Law Compliance: Full compliance with applicable data protection and privacy laws including GDPR, CCPA, HIPAA, and other relevant privacy regulations governing collection, processing, storage, and transmission of personal information.

(b) Privacy-by-Design Implementation: Integration of privacy considerations throughout system design, data processing procedures, and business operations with appropriate data minimization, purpose limitation, and consent management mechanisms.

(c) Data Retention and Deletion Procedures: Implementation of appropriate data retention schedules and secure deletion procedures ensuring personal information is retained only as necessary for legitimate purposes and securely destroyed when no longer required.

(d) Individual Privacy Rights Protection: Recognition and implementation of individual privacy rights including access, correction, deletion, portability, and objection rights as required by applicable privacy laws and regulations.

Section 6.04 Confidentiality and Information Protection

(a) Confidential Information Protection: Implementation of comprehensive measures to protect Assivo confidential and proprietary information including trade secrets, business plans, client information, and other sensitive data from unauthorized access, use, or disclosure.

(b) Non-Disclosure and Confidentiality Controls: Execution of appropriate non-disclosure agreements and implementation of confidentiality controls ensuring proper handling of confidential information throughout business relationships and beyond termination.

(c) Need-to-Know Access Restrictions: Limitation of access to confidential information on a strict need-to-know basis with appropriate access controls, monitoring procedures, and regular review of access permissions and usage patterns.

ARTICLE VII. SUPPLY CHAIN MANAGEMENT AND RESPONSIBLE SOURCING

Section 7.01 Sub-Supplier Management and Oversight Requirements

Suppliers must implement comprehensive sub-supplier management programs ensuring ethical standards and compliance requirements are maintained throughout their supply chains:

(a) Sub-Supplier Due Diligence and Assessment: Conduct systematic due diligence on all sub-suppliers and subcontractors including evaluation of ethical business practices, compliance capabilities, financial stability, and alignment with Code requirements.

(b) Contractual Compliance Requirements: Implementation of contractual requirements ensuring sub-suppliers adhere to equivalent ethical standards, compliance obligations, and operational requirements through appropriate contract terms and ongoing relationship management.

(c) Supply Chain Monitoring and Compliance Oversight: Regular monitoring of sub-supplier compliance through audits, assessments, performance reviews, and other oversight mechanisms with prompt corrective action for identified deficiencies or non-compliance issues.

(d) Corrective Action and Relationship Management: Implementation of appropriate corrective action procedures for sub-supplier non-compliance with escalation procedures up to and including relationship termination for serious or repeated violations.

Section 7.02 Supply Chain Transparency and Visibility

Suppliers should provide:

(a) Supply Chain Structure Visibility: Appropriate visibility into supply chain structure including identification of key suppliers, critical dependencies, and supply chain relationships affecting service delivery to Assivo.

(b) Compliance Documentation and Reporting: Documentation of compliance and ethical practices throughout the supply chain with regular reporting on supply chain risk management, compliance status, and improvement initiatives.

(c) Assivo Assessment Cooperation: Cooperation with Assivo supply chain mapping efforts, risk assessments, and due diligence activities with provision of necessary information and access for supply chain evaluation purposes.

(d) Change Notification and Risk Communication: Prompt notification of significant supply chain changes, risk developments, or other factors that could affect service delivery, compliance status, or business relationships with Assivo.

Section 7.03 Conflict Minerals and Responsible Sourcing Standards

(a) Conflict-Free Sourcing Commitment: Implementation of policies and procedures to avoid sourcing from conflict-affected and high-risk areas with particular attention to conflict minerals and other materials associated with human rights violations or environmental degradation.

(b) Responsible Mineral and Material Sourcing: Development and implementation of responsible sourcing policies for minerals, raw materials, and other inputs with supply chain due diligence and risk assessment procedures aligned with international standards and best practices.

(c) Supply Chain Due Diligence and Risk Assessment: Conduct of appropriate supply chain due diligence and risk assessment procedures to identify and mitigate risks associated with conflict minerals, human rights violations, and environmental harm in upstream supply chains.

(d) Reporting and Transparency Obligations: Provision of appropriate reporting on conflict minerals usage, responsible sourcing practices, and supply chain risk management activities as requested by Assivo or required by applicable regulations.

ARTICLE VIII. QUALITY MANAGEMENT AND OPERATIONAL EXCELLENCE

Section 8.01 Quality Management Systems and Standards

Suppliers must maintain quality management systems appropriate to their industry sector and service offerings:

(a) Quality Management System Implementation: Development and maintenance of systematic quality management approaches incorporating quality planning, control procedures, assurance activities, and continuous improvement methodologies aligned with recognized quality standards and best practices.

(b) Continuous Improvement and Performance Enhancement: Implementation of continuous improvement processes including performance monitoring, root cause analysis, corrective and preventive action procedures, and systematic enhancement of service delivery capabilities and customer satisfaction.

(c) Customer Satisfaction and Feedback Management: Establishment of customer satisfaction measurement systems, feedback collection mechanisms, and systematic response procedures ensuring client needs are understood, met, and exceeded through service delivery excellence.

(d) Process Control and Documentation: Implementation of appropriate process controls, documentation standards, and quality assurance procedures ensuring consistent service delivery, traceability, and accountability for quality outcomes and performance results.

Section 8.02 Service Delivery Standards and Performance Management

(a) Service Level Agreement Compliance: Full compliance with agreed-upon service level agreements, performance metrics, and quality standards with systematic monitoring, measurement, and reporting of performance against contractual requirements and client expectations.

(b) Performance Monitoring and Reporting: Implementation of comprehensive performance monitoring systems providing regular, accurate, and timely reporting on service delivery performance, quality metrics, and improvement initiatives to support transparency and accountability.

(c) Issue Resolution and Customer Support: Establishment of effective issue resolution procedures, customer support capabilities, and escalation mechanisms ensuring prompt and satisfactory resolution of service delivery problems and client concerns.

Section 8.03 Innovation and Technology Excellence

Suppliers should demonstrate commitment to innovation and technology advancement:

(a) Technology Investment and Innovation: Investment in technology improvements, innovation initiatives, and capability development activities that enhance service delivery effectiveness, operational efficiency, and competitive advantage for mutual benefit.

(b) Collaborative Improvement and Partnership: Active collaboration with Assivo on process improvements, efficiency enhancements, innovation projects, and strategic initiatives that create shared value and competitive advantage through partnership excellence.

(c) Knowledge Sharing and Best Practice Development: Sharing of relevant technological advances, industry best practices, and improvement methodologies that can benefit mutual business objectives while respecting intellectual property rights and competitive considerations.

ARTICLE IX. FINANCIAL INTEGRITY AND BUSINESS CONTINUITY

Section 9.01 Financial Standards and Business Stability

(a) Financial Record Accuracy and Transparency: Maintenance of accurate, complete, and transparent financial records in accordance with applicable accounting standards and regulatory requirements with appropriate internal controls preventing fraud and ensuring financial integrity.

(b) Financial Information Disclosure: Provision of financial statements, credit information, and other financial data upon reasonable request to support assessment of financial stability, capability, and business continuity for ongoing relationship management.

(c) Internal Controls and Fraud Prevention: Implementation of appropriate internal controls, fraud prevention measures, and financial management procedures ensuring accurate reporting, preventing unauthorized transactions, and protecting against financial misconduct.

(d) Financial Stability and Capitalization: Demonstration of appropriate financial stability, adequate capitalization, and business sustainability to support long-term business relationships and service delivery commitments to Assivo and other stakeholders.

Section 9.02 Business Continuity and Risk Management

(a) Business Continuity Planning: Development and maintenance of comprehensive business continuity plans including disaster recovery procedures, emergency response protocols, and alternative service delivery capabilities ensuring continuity of critical services during disruptions.

(b) Risk Management Framework: Implementation of systematic risk management frameworks including risk identification, assessment, mitigation, and monitoring procedures addressing operational, financial, technological, and other business risks affecting service delivery capabilities.

(c) Insurance Coverage and Risk Transfer: Maintenance of appropriate insurance coverage for business operations, professional liability, cyber security, and other relevant risks with coverage levels appropriate to business size, service offerings, and potential liability exposure.

(d) Disruption Notification and Communication: Establishment of procedures for timely notification of Assivo regarding significant business disruptions, risk developments, or other factors that could affect service delivery capabilities or business relationship continuity.

ARTICLE X. MONITORING, COMPLIANCE, AND PERFORMANCE MANAGEMENT

Section 10.01 Supplier Assessment and Evaluation

Assivo reserves the right to conduct comprehensive supplier assessments including:

(a) Periodic Compliance Assessments: Systematic evaluation of Supplier compliance with Code requirements, contractual obligations, and applicable legal standards through regular assessment procedures, questionnaires, and verification activities.

(b) On-Site Evaluations and Facility Inspections: Conduct of on-site evaluations and facility inspections where appropriate and necessary to verify compliance with Code requirements, assess operational capabilities, and validate reported information and practices.

(c) Third-Party Audit Engagement: Engagement of qualified third-party auditors and assessment professionals for independent verification of Supplier compliance, practices, and capabilities when deemed necessary or appropriate by Assivo.

(d) Documentation Review and Verification: Review of Supplier documentation, policies, procedures, and records to verify compliance with Code requirements and validate reported information regarding operations, practices, and performance.

Section 10.02 Compliance Verification and Certification

Suppliers must participate in compliance verification activities including:

(a) Annual Compliance Certification: Provision of annual written certifications confirming compliance with Code requirements, applicable laws, and contractual obligations with appropriate attestation by authorized Supplier representatives.

(b) Assessment Participation and Cooperation: Full participation and cooperation in compliance assessments, audits, and verification activities requested by Assivo including provision of access to facilities, personnel, and documentation as reasonably necessary.

(c) Compliance Record Maintenance: Maintenance of appropriate records documenting compliance with Code requirements, applicable laws, and contractual obligations with ability to provide evidence of compliance upon request or during assessment activities.

(d) Continuous Monitoring and Reporting: Participation in continuous monitoring activities including regular reporting on compliance status, performance metrics, and improvement initiatives as requested by Assivo for relationship management purposes.

Section 10.03 Non-Compliance Consequences and Corrective Action

Failure to comply with Code requirements may result in:

(a) Corrective Action Requirements and Improvement Plans: Implementation of required corrective actions and improvement plans with specific timelines, milestones, and performance targets for addressing identified deficiencies and achieving compliance with Code requirements.

(b) Enhanced Monitoring and Oversight Obligations: Imposition of enhanced monitoring requirements, increased oversight activities, and more frequent assessment and reporting obligations during corrective action periods and relationship probation.

(c) Business Activity Limitation or Suspension: Limitation or suspension of business activities, service assignments, and commercial transactions pending successful completion of corrective actions and demonstration of sustained compliance with Code requirements.

(d) Relationship Termination and Contract Cancellation: Termination of business relationships, cancellation of contracts, and cessation of commercial activities for serious violations, repeated non-compliance, or failure to implement required corrective actions effectively.

ARTICLE XI. IMPLEMENTATION, TRAINING, AND ORGANIZATIONAL DEVELOPMENT

Section 11.01 Code Implementation and Organizational Integration

Suppliers must ensure comprehensive Code implementation including:

(a) Internal Communication and Training: Communication of Code requirements to all relevant personnel including employees, contractors, and subcontractors with appropriate training programs ensuring understanding of obligations and compliance requirements.

(b) Policy and Procedure Integration: Integration of Code requirements into internal business policies, operational procedures, and management systems ensuring systematic compliance and consistent application across all business activities and relationships.

(c) Responsibility Assignment and Accountability: Assignment of specific responsibility for Code compliance to appropriate personnel with clear accountability structures, performance expectations, and consequences for compliance failures or violations.

(d) Governance Structure Development: Establishment of appropriate governance structures for Code compliance including oversight mechanisms, monitoring procedures, and management reporting systems supporting effective compliance management and continuous improvement.

Section 11.02 Training and Awareness Programs

Suppliers should implement comprehensive training and awareness programs including:

(a) Code Training and Education: Regular training programs covering Code requirements, ethical business practices, and compliance obligations with appropriate curriculum, delivery methods, and effectiveness measurement for all relevant personnel.

(b) Professional Development Integration: Integration of Code compliance training into employee onboarding programs, professional development activities, and career advancement processes ensuring sustained awareness and competency development.

(c) Training Documentation and Record-Keeping: Documentation of training activities, participation records, and competency assessments with appropriate record retention supporting verification of training completion and effectiveness measurement.

(d) Continuous Learning and Improvement: Support for continuous learning, skills development, and awareness enhancement through regular training updates, industry best practice sharing, and professional development opportunities.

Section 11.03 Performance Excellence and Continuous Improvement

Suppliers are encouraged to exceed minimum Code requirements through:

(a) Excellence and Innovation: Pursuit of excellence in all areas covered by the Code with innovation in sustainable practices, ethical business methods, and stakeholder value creation beyond minimum compliance requirements.

(b) Best Practice Sharing and Collaboration: Sharing of best practices, innovative approaches, and successful improvement initiatives with Assivo and appropriate industry forums while respecting competitive considerations and intellectual property rights.

(c) Industry Leadership and Standard Setting: Participation in industry initiatives, standard-setting activities, and professional organizations contributing to advancement of ethical business practices and sustainable development within relevant industries and sectors.

(d) Stakeholder Value Creation: Focus on creating value for all stakeholders including clients, employees, communities, and environmental stewardship through responsible business practices that exceed compliance requirements and contribute to sustainable development.

ARTICLE XII. CODE GOVERNANCE AND CONTINUOUS IMPROVEMENT

Section 12.01 Code Administration and Oversight

This Code is administered through comprehensive governance structures:

(a) Operations Officer Oversight: Overall policy ownership and strategic direction by the Operations Officer with responsibility for supplier relationship management, Code implementation, and performance monitoring.

(b) Operations Team Implementation: Day-to-day Code administration and supplier relationship management by operations teams with responsibility for assessment activities, compliance monitoring, and relationship development.

(c) Legal and Compliance Support: Monitoring, assessment, and enforcement activities by legal and compliance personnel with responsibility for Code interpretation, compliance validation, and corrective action oversight.

(d) Regional Implementation Teams: Local implementation and cultural adaptation by regional teams with responsibility for supplier engagement, training support, and local compliance management in different operational jurisdictions.

Section 12.02 Code Review and Enhancement Procedures

This Code undergoes systematic review and improvement including:

(a) Annual Code Review and Update: Comprehensive annual review and updating of Code provisions to reflect regulatory changes, industry developments, best practice evolution, and organizational learning from implementation experience.

(b) Stakeholder Feedback Integration: Regular collection and integration of feedback from suppliers, employees, clients, and other stakeholders to improve Code effectiveness, clarity, and practical implementation across diverse business environments.

(c) Industry Development Integration: Integration of emerging industry standards, regulatory requirements, and best practices into Code provisions ensuring continued relevance and alignment with evolving expectations and requirements.

(d) Communication and Change Management: Comprehensive communication of Code changes to all affected suppliers with appropriate transition support, training updates, and implementation assistance ensuring effective adoption of enhanced requirements.

ARTICLE XIII. CONTACT INFORMATION AND SUPPLIER SUPPORT

Section 13.01 General Inquiries and Relationship Management

Operations Office
Assivo, Inc.
444 West Lake Street, Suite 1700
Chicago, Illinois 60606
Telephone: (312) 416-8649
Email: info@assivo.com

Section 13.02 Compliance and Ethics Support

Ethics and Compliance Reporting:
Telephone: (312) 416-8649
Email: ethics@assivo.com

Section 13.03 Regional Supplier Support and Coordination

Regional Supplier Coordination:

• Americas: americas@assivo.com
• Mexico: mexico@assivo.com
• India: india@assivo.com

Section 13.04 Additional Resources and Support Services

For additional supplier resources, training materials, best practice guidance, and consultation on Code requirements, Suppliers may access available resources, participate in supplier development programs, and request consultation through established communication channels and relationship management procedures.

ARTICLE XIV. ACKNOWLEDGMENT AND CERTIFICATION

Section 14.01 Supplier Acknowledgment Requirements

Suppliers must provide comprehensive annual written acknowledgment certifying that they:

(a) Code Receipt and Understanding: Have received, thoroughly reviewed, and fully understood this Supplier Code of Conduct and commit to upholding its standards and requirements throughout their organization and supply chain relationships.

(b) Compliance Commitment and Implementation: Commit to full compliance with all Code provisions, applicable laws and regulations, and contractual requirements with implementation of appropriate systems, procedures, and controls ensuring sustained compliance.

(c) Reporting Obligation Acceptance: Accept the obligation to report suspected violations, compliance concerns, and other issues to Assivo while maintaining appropriate internal reporting systems and investigation procedures for Code-related matters.

(d) Cooperation and Assessment Participation: Agree to cooperate fully with Assivo monitoring activities, compliance assessments, and improvement initiatives including participation in training programs, best practice sharing, and relationship development activities.

Section 14.02 Ongoing Certification and Validation

Suppliers participate in ongoing certification processes including annual compliance updates, performance validation, relationship reviews, and continuous improvement activities supporting sustained compliance and partnership excellence.

This Supplier Code of Conduct reflects our commitment to building sustainable, ethical, and mutually beneficial supply chain relationships that create shared value for all stakeholders. It represents the foundation for our supplier partnerships and should be implemented alongside applicable laws, regulations, industry standards, and contractual requirements to ensure comprehensive ethical governance and operational excellence.

© 2025 Assivo, Inc. All rights reserved.