Dear Colleagues,
We are a team in which every employee makes a meaningful contribution to
improving the quality of the services we deliver to our clients. In our relations with
them, we apply established rules of positive attitude, fairness, security, and respect
for others’ honour and dignity.
The Company is committed to creating and maintaining trust and to building a stable
reputation with current and future partners and clients through the continual,
consistent improvement of our integrated management system. The internationally
recognised standards ISO 9001:2015, ISO 14001:2015, ISO 45001:2018, ISO
27001:2022, ISO 27701:2019 and ISO 18788:2015 underpin the Company’s
reputation and our ability to satisfy users who seek high-quality security services. We
are proud to be part of this team and understand the role of each employee, whose
individual contribution is essential to our success.
The Company’s image depends on the quality of our work, and it is up to us to
uphold its strong reputation. We strive to live our strategic values in our daily work
and in our relationships with colleagues, customers, suppliers, and other
stakeholders.
Our Code of Ethics represents who we are and what we aim to achieve—ensuring
our success as a business characterised by quality, transparency, and integrity.
I invite you to read it carefully and revisit it whenever you are unsure how to proceed
in your daily activities.
I am confident your work will continue to deliver high results with the utmost
correctness, honesty, and loyalty.
Like all of you, I am committed to achieving this goal and I thank everyone for their
tireless contributions.
Sincerely,
Veselin Nikolov – Manager
Date: 06 January 2025
Contents
1. General Provisions – Persons to Whom the Code Applies
2. Company Regulations
3. Obligation to Comply
4. Reporting Concerns and Misconduct
5. Violations
6. Doing Business with Integrity
7. Corporate Social Responsibility. Respect for Human Rights
8. Working Environment, Diversity and Inclusion
9. Health and Environment
10.Protection of Assets and Company Information
11.Personal Data and Privacy
12.Conflicts of Interest
13.Rules Against Corrupt Practices
14.Client Relations
15.Fair Competition
16.Selection of Suppliers
17.Financial Information
18.Handling of Inside Information
19.Communications with Certain External Parties
20.Measures Against Money Laundering, Terrorist Financing and International
Sanctions
21.Final Provisions – Adoption and Publication of the Code;
22.Training
1. General Provisions – Persons to Whom the Code Applies
This Code of Ethics (the “Code”) defines the fundamental rules for employees,
including members of management bodies (collectively, the “employees”) of Kremak
EOOD.
Third parties (consultants, suppliers, subcontractors, etc.) acting on behalf of the
Company are also expected to adhere to the principles set out in this Code.
2. Company Regulations
This Code is supplemented by the Company’s
Internal Labour Regulations (the
“Regulations”).
Where the Regulations set minimum standards of conduct, the Company may adopt
additional measures.
3. Obligation to Comply
All employees are responsible for knowing and complying with this Code, the
Regulations, and any other internal rules relevant to their specific tasks and activities.
Employees must take part in induction and refresher training programmes.
4. Reporting Concerns and Misconduct
The Company encourages employees to raise concerns about practices or actions
that they believe actually or potentially violate the law, this Code, the Regulations, or
other internal rules.
Reports may be submitted personally or anonymously, orally or in writing, and will be
kept strictly confidential in accordance with applicable laws and Company rules.
ATTENTION: The Rules of Conduct in this Code guide our daily work. For every new
task, we should ask not only whether it is lawful, but also whether it complies with the
Company’s Code and Regulations. Breaches of the Code endanger the Company’s
operations and reputation. Do not hesitate to report any wrongdoing you witness.
5. Violations
Breaches of this Code or the Regulations by employees may lead to disciplinary
measures in accordance with applicable local legislation. Such breaches may also
result in civil liability for damages or criminal prosecution.
6. Doing Business with Integrity
The Company conducts its business in accordance with the laws of the Republic of
Bulgaria, professional ethics, and its internal rules and regulations. Pursuing
Company goals must never conflict with honesty and integrity.
Every employee is responsible for the performance of their duties. If errors,
omissions, or deficiencies are noticed, the employee must correct them if authorised
to do so, or immediately inform their direct manager so that appropriate measures
can be taken.
Compliance with labour legislation, health and safety standards, and the laws
governing the Company’s activities, as well as with internal rules, is mandatory.
All forms of discrimination—based on age, race or ethnicity, nationality, political
beliefs, religion, sex, sexual orientation, or health status—are to be avoided in all
internal and external relations.
Employees must act honestly and with integrity, complying with internal rules, this
Code, and the Company’s commitments to sustainable development. Managers are
expected to lead by example and foster a culture of compliance.
7. Corporate Social Responsibility. Respect for Human Rights
The Company strives to contribute to quality economic and social development
based on respect for fundamental human and labour rights and environmental
protection in a healthy work environment.
Through corporate social responsibility we make a voluntary contribution to Bulgarian
society. This approach is embedded in how we work to deliver long-term, sustainable
solutions. We create, initiate, and support programmes aligned with our business.
Our CSR activities in Bulgaria focus on science, education, innovation, and road
safety. We are committed long-term to activities that benefit the widest possible
range of people.
Employees are socially engaged to:
- bring out the best in colleagues by encouraging personal development and
recognising each person’s contribution to the organisation’s success;
- place the Company’s competencies and resources at the service of the most
vulnerable to promote the social integration of people living in poverty or in
disadvantaged situations;
- contribute to environmental protection by reducing the direct and indirect
environmental impacts of their activities.
Respect for human rights and dignity is mandatory. The following are strictly
prohibited: extortion; conflicts of interest leading to abuse; torture or other cruel,
inhuman or degrading treatment or punishment; sexual exploitation and abuse or
gender-based violence; human trafficking; slavery and forced labour; child labour;
and unlawful discrimination.
8. Working Environment, Diversity and Inclusion
The Company provides a stimulating work environment without discrimination or any
form of harassment. We encourage workforce diversity and inclusion based on the
belief that collaboration among people from different cultures with different skills,
experience, and world views is vital to attracting talent and developing our business.
Employees must treat each other with respect and avoid actions that could
undermine another’s personal dignity.
Management must foster a positive atmosphere and mutual support, with a genuine
commitment to integrity, respect, cooperation, cultural diversity, and belonging.
Decisions affecting employees—including hiring, appointment, training, appraisal,
and development—are based primarily on individual merit and results, and must not
be influenced by race, ethnicity, religion/belief, sexual orientation, marital status, or
political views. Communications with employees must be open and fair. Management
encourages development of employees’ skills and abilities by providing appropriate
professional training as part of a broader people-development framework.
Management recognises employees’ freedom of association and collective
bargaining. It rejects any form of illegal labour and exploitation, including forced
labour and child labour. It stands against all forms of violence, harassment, and
mistreatment at work.
IMPORTANT – Warning signs and advice in case of workplace harassment
We must firmly reject any disrespectful behaviour, bearing in mind that the feeling of
harassment is determined by how others perceive our actions, regardless of our
intentions.
Emails and messages with sexual connotations, indecent gestures and physical
contact, and offensive or demeaning statements about someone’s personal
characteristics are prohibited and will be treated as harassment, even if framed as
teasing or jokes.
If you feel you are a victim of violence, harassment, or mistreatment at work:
a) record in writing what happened (date, time, place, context, witnesses) and keep
evidence (e.g., materials, correspondence);
b) make it clear to the offender that such behaviour is unacceptable and must stop;
c) remember that management is firmly against any form of harassment and such
behaviour is strictly sanctioned;
d) if the behaviour does not stop, report the situation—this is also a violation of this
Code;
e) you can always turn to Management for assistance.
9. Health and Environment
Company management ensures healthy and safe working conditions.
The Company guarantees fair working conditions by providing a healthy and safe
work environment.
Employees must avoid any actions that could endanger the health and safety of
others.
Employees support the Company’s efforts to protect the environment and to reduce
environmental impacts arising from their work.
10. Protection of Assets and Company Information
The Company’s tangible and intangible assets must be protected.
Tangible assets—such as property, equipment, and inventory—must be safeguarded
against damage and misuse and used solely for business purposes unless otherwise
authorised.
All information related to the Company’s activities, including information acquired
while performing tasks on its behalf, is confidential. Employees must treat such
information as strictly confidential and disclose it only on a need-to-know basis or
with specific authorisation. This applies to all documents containing confidential
information.
The Company’s intellectual property (ideas, products, methodologies, strategies, etc.)
must be protected, including through patents, trademarks, and copyrights where
applicable. The obligation to protect the Company’s IP continues after employment
ends.
All business data must be recorded accurately and comprehensively. Documentation
must be available to competent authorities and authorised personnel on request.
All documents and data—including files and electronic communications—must be
retained for the periods required by law and, where litigation is pending or reasonably
foreseeable, for longer if necessary.
Unauthorised alterations and falsification of information and documents are strictly
prohibited.
IMPORTANT: Applying the need-to-know principle means access to confidential
information is granted only for specific and legitimate purposes. Always verify the
purpose of a request for confidential information—even if it comes from another
department.
Information related to the Company’s activities must be protected throughout its life
cycle. Dispose of documents containing confidential information carefully, following
the same rules for proper handling.
11. Personal Data and Privacy
Personal data must be processed in the manner established by law, with respect for
the right to privacy.
Personal data relating to third parties (clients, employees, suppliers, etc.) must be
processed on a need-to-know basis and in accordance with local legislation.
Personal data must be collected, processed, and shared only for specific, legitimate,
and lawful purposes and only to the extent strictly necessary.
The wishes and preferences of the data subject regarding privacy must be respected.
IMPORTANT: “Personal data” means any information relating to an identified or
identifiable person, including health, family details, passport or ID data, banking
information, etc.
12. Conflicts of Interest
Employees must act in the best interests of the Company.
A conflict of interest arises when personal activities or relationships interfere—or
could appear to interfere—with an employee’s ability to act for the Company’s
benefit. Conflicts should be avoided; where unavoidable, they must be resolved in a
way that protects the Company from harm.
IMPORTANT: A conflict of interest may exist where we, members of our family, or
other close relatives could benefit because of our position or access to confidential
information, or where a relative is hired due to our intercession. Conflicts can also
arise from outside activities (e.g., as an employee, director, or consultant of another
company or non-profit) where such activity is paid for by persons seeking to establish
contacts with the Company.
13. Rules Against Corrupt Practices
The Company condemns and opposes all forms of bribery and corruption.
Employees must perform their work honestly and with integrity.
No form of corruption—including bribery or extortion—is tolerated. Employees must
not offer or accept unauthorised payments, gifts, hospitality, or other benefits.
Promises, giving or receiving of gifts in the form of cash or cash equivalents, or any
payment instruments, are prohibited. Gifts, hospitality, and other benefits related to
business activities are generally not allowed.
Given the nature of our business, we interact with public officials, public bodies and
institutions, representatives of political parties, and trade unions. In such
circumstances, employees must refrain from directly or indirectly offering or receiving
anything except what is connected to ordinary official duties, and only in accordance
with the law and generally accepted local customs. Any gifts or invitations for
entertainment addressed to public officials require the Manager’s approval.
IMPORTANT: Giving gifts is unacceptable if it is intended to exert improper or
unauthorised influence over business decisions. The same rule applies to benefits
offered to members of your family.
14. Client Relations
Client satisfaction is a key strategic factor that enables the Company to strengthen
and improve its leadership position.
In dealings with clients, employees must act honestly, sincerely, and professionally,
and refrain from misleading practices.
Employees must consider clients’ interests at all times and offer solutions best suited
to their needs. Conflicts of interest should be avoided, and where this is impossible,
they must be resolved in a way that protects the client’s interests.
When offering products and services, employees must provide truthful, accurate, and
fact-based information.
Clients must receive support even after a contract is signed, and that support must
be easily accessible.
Client satisfaction must be monitored continuously. New products and services must
be developed in line with changing client needs and identified areas for improvement.
The Company periodically adopts a strategic plan for new products and services.
IMPORTANT: When offering products and services, we are expected to safeguard
clients’ interests by informing them of all relevant aspects before purchase, during
use, and afterwards, and by enabling them to submit claims and complaints without
hindrance.
15. Fair Competition
The Company recognises the fundamental role of free competition in expanding
business opportunities and results.
Competition must be based on superior quality products and services and on fair
business practices.
Employees are prohibited from discrediting competitors or their products/services, or
from manipulating, concealing, or misrepresenting facts to gain unlawful advantage.
Practices or actions intended to restrict free and fair competition are prohibited.
When in contact with competitors, employees must observe applicable competition
laws to avoid unlawful conduct.
IMPORTANT: The following practices constitute violations of free-competition rules:
- any agreements with competitors to fix tariffs or premiums, or to limit the types
and number of products/services offered;
- any agreements with suppliers or agents aimed at restricting free competition;
- exchanging information with competitors about future product strategies and
tariffs;
- collusive allocation/selection of suppliers.
16. Selection of Suppliers
The Company ensures honesty, integrity, and transparency in its relationships with
suppliers.
Employees must act fairly and transparently with suppliers, avoiding conflicts of
interest. Supplier selection must be based primarily on fair competition and on the
quality of the products and services offered.
Quality is evaluated against international ethical criteria concerning human rights and
labour rights, and with regard to the environmental impact of the production and
delivery methods used.
17. Financial Information
Complete and accurate financial information is essential for stakeholders to make
informed decisions in their dealings with the Company.
Financial statements must present truthful, accurate, and complete data in strict
accordance with the Company’s accounting policies and applicable local standards.
Employees must handle financial data correctly and precisely, maintaining detailed,
accurate, and retrievable records for the full retention period. Misleading distortions
or falsification of documents or records are prohibited.
Managers are expected to promote a strong culture of internal control over financial
reporting.
IMPORTANT: Corporate objectives must be pursued with integrity and without any
misleading distortion or falsification of information. Report violations of this rule
without hesitation.
18. Handling of Inside Information
Employees with access to inside information must not disclose it to anyone except
colleagues who have a legitimate business need to know. Inside information may be
shared with third parties (lawyers, auditors, consultants, etc.) only where there is a
legitimate reason and appropriate confidentiality agreements are in place.
IMPORTANT: Inside information may concern, for example:
- business results, especially when unexpected;
- an unannounced launch of a new product or service;
- changes in senior management;
- changes in strategic direction;
- changes in capital structure;
- mergers, acquisitions, or sales of material assets or Company entities.
Documents from meetings of supervisory and management bodies, as well as
documents affecting senior-management decisions, often contain inside information.
Such documents must not be kept longer than their specified retention period and
must be stored under strict confidentiality.
19. Communications with Certain External Parties
All communications with the Company’s stakeholders must be accurate, open, and
timely.
Relations with the media, financial analysts, rating agencies, investors, and public
authorities are managed primarily by the specifically designated functions. Unless
authorised, employees must refrain from providing information about the Company—
or documents containing such information—to such parties.
Employees must refrain from public comments related to rumours about the
Company unless confirmed by official sources.
IMPORTANT: Posting information on social networks (LinkedIn®, Facebook®, X®,
Instagram®, TikTok®, YouTube®, etc.) means disseminating it to a wide audience.
Therefore, we must be extremely careful when disclosing Company information on
social media.
20. Measures Against Money Laundering, Terrorist Financing and International
Sanctions
The Company supports the international fight against money laundering and terrorist
financing and opposes any actions that could amount to support for such crimes.
Employees must obtain and retain adequate information about clients and the
sources of funds used in transactions, in accordance with applicable legislation and
Company policy.
Whenever employees suspect that a counterparty is attempting to use the
Company’s products or services for illegal purposes—such as money laundering or
terrorist financing—they must immediately inform the competent manager.
Relevant employees must have complete and up-to-date information on applicable
restrictive measures imposed by local authorities and international organisations
against certain countries, persons, assets, or services.
21. Final Provisions
21.1 Adoption and Publication of the Code
This Code is approved by the Company’s Manager.
To ensure general accessibility, the Code is published on the Company’s internal
network.
21.2 Training
Initial and annual refresher training programmes on regulatory compliance are
organised to ensure the Code is properly understood and effectively implemented.
Management promotes broad awareness of the Code by ensuring that all employees
are included in compliance training programmes.
END OF DOCUMENT
Stara Zagora
06.01.2025