Mend.io Vendors and Business Partners
Code of Conduct and Business Standards

Last update: June 2026

Mend.io (โ€œMendโ€ or โ€œweโ€) is committed to ethical business practices, and we expect our suppliers and business partners (collectively โ€œSuppliersโ€) to comply with the same standards, and apply the same to their supply chain. These standards reflect Mendโ€™s internal values and the expectations from our Suppliers. We find that business relationships are more productive and effective when they are built on trust, mutual respect and common values, and seek relationships with entities who share a common commitment to such values.

Compliance with Law, Rules and Regulations

You must comply with all applicable laws, rules, regulations, and ethical standards of the country in which you operate, as well as these standards. This includes, without limitation, laws and regulations pertaining to labor, environmental protection, data privacy, anti-corruption, trade controls, and artificial intelligence, as applicable.

Anti-Corruption

Offering or receiving anything of value to obtain or retain business, an improper advantage, or favoured treatment from any third party (including Government Officials), or any other person with whom you or Mend is doing business, or is expected to be doing business, is strictly prohibited. You are expected to keep accurate and transparent records that reflect actual transactions and payments and not to participate in any corrupt, unethical or illegal practices. More specifically, you are required to avoid offering, providing or reimbursing any personal gifts, favors, personal travel expenses, lodging or other housing, services of any kind, excessive meals or entertainment, or any other thing of value to Mend employees and personnel that might influence, or appear to influence, a Mend personnelโ€™s decision in relation to Mendโ€™s business with you, and are required to refrain from doing the same with your suppliers and business partners.

Conflict of Interest

You are expected to cause your personnel to refrain from placing themselves in a position that may lead to an actual or perceived conflict of interest with your interests or with Mendโ€™s interests. Personnel in circumstance of conflict of interest must report such conflict and a procedure must be in place to handle such situation.

Confidentiality and Security

All information about Mend and its operations, products and personnel obtained as a consequence of a relationship with Mend which you have reason to believe is not publicly known, or which Mend seeks to protect as confidential or proprietary, or which might be of use to competitors or harmful to Mend or its customers, should be treated confidentially and not be disclosed. You must comply with applicable security and privacy laws, regulations and retention requirements, and to ensure that you have appropriate technical and security controls in place to protect our information. Any non-public information obtained as a consequence of relationship with Mend shall not be used for your benefit, your personnelโ€™s benefit or for the benefit of any other person.

Intellectual Property

You must respect our (and any other personโ€™s) intellectual property rights. Intellectual property rights are to be respected and unauthorized transfer of technology and know-how is strictly prohibited.

Privacy

The privacy of our employees, customers and others whose personal information you have access to, must be adequately protected by complying with local and applicable international laws. When collecting personal information of Mend, its customers or any other person on Mendโ€™s behalf, you must collect such information only following express approval and instructions from Mend, for legitimate business purposes, share only with those who are allowed access, protect in accordance with security policies, retain only for as long as necessary, and contractually obligate third parties with access to personal information to protect it.

Use of AI and Machine Learning

Suppliers are expected to ensure that any use of Artificial Intelligence (AI), including generative AI, is conducted responsibly, ethically, and in full compliance with all applicable laws and regulations. Before deploying AI systems that interact with our data or deliverables, Supplier must disclose this usage and obtain our explicit written consent. The application of AI must never jeopardize data privacy, security, or intellectual property rights. Supplier is strictly prohibited from using our proprietary data, confidential information, or intellectual property to train, fine-tune, or improve any AI models without our prior written authorization. Furthermore, Supplier must adopt effective AI risk management practices that guarantee appropriate human oversight, accuracy, bias mitigation, and transparency in all AI-assisted operations.

Trade Controls

You must comply with all applicable import and export controls, sanctions, and other trade compliance laws of the United States and other laws of applicable country(ies) where the transaction(s) occur(s).

Fair Competition and Fair Play

You are expected to uphold standards for fair business practices including accurate and truthful advertising and fair competition. You must not take advantage of anyone through unfair manipulation, concealment, abuse of privileged information or misrepresentation of material facts.

Environment, Health and Safety

We expect you to provide to your personnel a safe and healthy working environment that complies with local laws and minimizes occupational hazards. We encourage you to operate in full compliance with all applicable environmental laws and work to minimize your use of natural resources and any negative impact your operation may have on the environment.

Human Capital and Workplace Responsibilities

You are expected to: (i) treat all your personnel with dignity and respect; (ii) comply with all applicable employment laws and regulations, including statutes prohibiting discrimination in the workplace; (iii) not engage in any form of human trafficking, procure commercial sex acts or use forced labor; (iv) maintain a workplace free from harassment and discrimination; (v) not treat or threaten to treat an individual harshly or inhumanely; (vi) not employ or use underage labor in the production of your goods or services; and (vii) maintain a code of ethics that your personnel understands and follows.

Equal Opportunity and No Discrimination

We expect you to embrace differences in gender, gender identity, gender expression, ethnicity, religion, race, disability, age and diversity and avoid discrimination in your ongoing business operation.

No Harassment or Abusive Behavior

You are expected to maintain a pleasant and respectful working environment free of harassment and threats. Sexual harassment of any kind shall not be tolerated. We expect you to have in place clear, accessible, and confidential procedures through which personnel may report harassment or abusive behavior without fear of retaliation.

Environmental, Social, and Governance (ESG) Expectations

You are expected to integrate Environmental, Social, and Governance (ESG) principles into your business operations to promote responsible and sustainable practices. Environmentally, suppliers should minimize their ecological footprint by implementing resource conservation, reducing greenhouse gas emissions, and responsibly managing waste and water where applicable to their operations, and are encouraged, where appropriate to the size and nature of their business, to work toward emissions-reduction goals, including science-based or net-zero targets where feasible. Socially, we expect adherence to international human rights and labor standards; this includes maintaining a safe, healthy, and inclusive workplace free from discrimination, harassment, forced labor, and child labor, while respecting workersโ€™ rights to fair wages, safe working conditions, and reasonable working hours. From a governance perspective, suppliers must uphold high standards of business ethics and integrity by prohibiting corruption, bribery, and conflicts of interest, and by ensuring data privacy and maintaining accurate and transparent business records. You are expected to proactively identify and manage ESG risks, maintain a mechanism appropriate to your size and structure for employees to report concerns without retaliation, comply with all applicable laws, and require your subcontractors to adhere to standards substantially consistent with the same.

Monitoring and Compliance

Mend may engage in monitoring activities to confirm your compliance to these standards, including on-site assessments of facilities (upon coordination and up to once per annum), use of questionnaires, review of available information or other measures necessary to review your adherence with these business standards. Mend may further disqualify any potential supplier or business partner or terminate any relationship with such parties in case of material failure to adhere to these standards.