Why is this material?
We have the policy to be at all times compliant with all applicable laws, including anti-corruption and privacy legislation to meet DNV GL’s long-term objectives, to mitigate identified business risks, to improve business performance and to build trust amongst our employees, customers and other key stakeholders.
We have defined compliance as legally and ethically impeccable conduct by all employees in their daily work because the way they carry out their duties affects the company’s reputation. We do not tolerate any violation of applicable laws, our Code of Conduct or internal regulations.
A clear tone from the top coupled with tangible ownership of compliance at all management levels is essential. To help our managers meet this responsibility, a compliance programme has been set up, focusing on integrity in business dealings, anti-corruption, commitment to fair competition, upholding of foreign trade laws and privacy law. The effectiveness of compliance is based on the global governance of our compliance organization and clear-cut reporting lines, and close cooperation between the Group Compliance Officer and our business areas.
We have submitted our application for Binding Corporate Rules (BCR) to the Norwegian authorities. Reviews from authorities in the Netherlands and UK are expected in 2015. Binding Corporate Rules (BCR) is a set of internal regulations that define how DNV GL handles the global transfer of personal data related to employees and customers between its group companies. These rules need to be approved by the European data protection authorities. Simultaneous with the application procedure, the implementation of our BCR was initialized in 2014.
Customer data are handled in accordance with the confidentiality obligations that follow from the terms and conditions of our contracts with our customers as well as from the instructions and the employment contracts. No infringements have been notified to Group Compliance.
In the course of 2014 our company has not identified or received any substantiated complaints concerning breaches of customer privacy.