This policy outlines the fundamental principles that Init Group follows to ensure responsible and ethical handling of data. Our approach is based on transparency, accountability, and respect for individual rights, and we are committed to maintaining a high standard of data ethics across all our business areas.

Scope

The policy applies to:

• All parts of Init Group’s organisation.
• All employees, partners, and external suppliers who process data on behalf of Init Group.
• All types of data, including but not limited to personal data, customer data, and other business-related data.

Responsibility

All data processing must have a clear purpose and be carried out in compliance with applicable legislation and internal guidelines. We strive to regularly assess risks associated with our data processing activities to ensure that we are compliant with this policy.

Transparency

We strive to ensure that stakeholders clearly understand how we collect, use, and protect their data. Our data processes are presented in a straightforward and accessible way, so stakeholders can feel confident in how we handle their information.

Privacy & confidentiality

We protect individuals’ privacy by only processing data necessary to fulfill the purposes for which it was collected. Data is handled confidentially, and we ensure that no data is used for purposes incompatible with its original intent.

Equality & non-discrimination

We process data in a way that guarantees equal treatment of all individuals. Data must never be used to create discrimination based on gender, race, religion, or other unlawful criteria. We actively work to prevent our data processes from leading to stigmatisation or bias.

Human dignity

We safeguard individual dignity by avoiding the use of data that could compromise personal rights. We do not sell personal data to third parties and do not use data brokers. Sensitive data such as race, ethnic origin, religious beliefs, and sexual orientation is processed only in compliance with legislation and only when necessary and ethically defensible.

Third parties & suppliers

As a general rule, the data we collect is processed only by our own partners and employees. However, situations may arise where it is necessary or appropriate to involve a third party in data processing. In such cases, we will ensure that a confidentiality agreement is signed with the third party, and where required, a data processing agreement will be established.

No sale of data

We do not sell data to third parties and only share data when necessary to deliver our services or when required by law.

Continual evaluation

Data processing practices will be continually evaluated to ensure they uphold our high ethical standards and are adapted to new challenges and risks.

Review & update

The policy is reviewed by Init Group’s CIO at least once a year to ensure compliance with applicable legislation and developments in technology and society.

Communication & implementation

Group CIO is responsible for communicating and implementing this policy across all parts of the organisation.

Enforcement

Non-compliance with this policy may result in disciplinary action, contract termination, and/or legal action in accordance with applicable laws.