Code of Ethics and Conduct

1. Introduction

This Code of Ethics and Conduct ("Code") is a guide that aims to provide guidance on the conduct, actions, and decisions expected from Employees (as defined below) and partners, suppliers, and service providers of CloudWalk in the work environment and in the performance of its activities. Compliance with this Code is essential to maintaining the relationship with CloudWalk, and violations or irregularities with this Code and other company standards and policies are not tolerated.

1.1. Scope

This Code is applicable to all of CloudWalk's employees, as understood as its employees, interns, and administrators ("Employees" or "CloudWalkers"). Employees must act with these values ​​and principles while conducting business. Whenever it is applicable, partners, suppliers, and service providers must also observe the provisions of this Code, as well as in any and all actions or businesses involving CloudWalk's interests.

1.2. Term and Internal Disclosure

This Code will come into effect on the date of its disclosure and will remain valid for an indefinite period. The policies contained in this document will be updated, revised, replaced, and supplemented whenever necessary. Employees, partners, suppliers, and service providers will be notified and informed of any changes made. The guidelines and conduct are expected of all CloudWalkers, which must be experienced in the company's day-to-day activities and everyone is responsible for the dissemination of the culture of integrity.

2. Work Environment

Employees must perform their activities in good faith, prudence, diligence, integrity, responsibility, honesty, loyalty, and transparency, always acting in defense of CloudWalk's interests and its customers and upholding the company's reputation. Everyone must strive to maintain a pleasant working environment, guiding their relations by cooperation, courtesy, mutual respect, and trust.

2.1. Fight Against Discrimination and Assault

CloudWalk does not tolerate nor condone the practice or demonstration of any form of prejudice or discriminatory behavior based on race, color, origin, nationality, social class, gender, sexual orientation, political option, religion, age, physical or mental disabilities, or any other characteristics, nor the practice of assault of any nature, thus understood as any embarrassing conduct, discriminatory or intimidating exposure. For CloudWalk, diversity is one of its most important assets and we are actively working on building a healthy environment, respecting everyone's individuality and identity.

2.2. Drugs and Alcohol

Celebrating small and big achievements is in CloudWalk's DNA. The maintenance of healthy habits and a respectful environment are encouraged, which is why rules related to the consumption of alcoholic beverages and drugs must be followed. The consumption of alcohol, in principle, is not prohibited in dependencies of or in activities related to CloudWalk, as long as it is moderate and in a timely manner (e.g. after business hours). The development of professional activities by Employees after the consumption of alcoholic beverages or substances with similar effects is prohibited, including, but not limited to, the use of drugs and illegal narcotics, in addition to their presence within the CloudWalk facilities under their effects.

3.  Information Security Policy

3.1. Protection and Adequate use of the assets

CloudWalk provides Employees with the work tools necessary for the development of their activities, such as computers, equipment, and access to systems, platforms, and company communication tools, such as online chat and email. Any and all content produced, sent, or received by Employees in the exercise of their activities or through the use of CloudWalk resources, such as correspondence, messages, files, and browsing history, is subject to inspection by CloudWalk at any time, without this being considered a violation of correspondence or privacy. CloudWalk may, at any time, change, include, or exclude any work tool or access to information by Employees, by its sole discretion, without any prior notice. Employees must take care of the materials and equipment provided by CloudWalk, immediately notifying their direct manager in case of damage, misuse, or loss. Once the relationship with the company is terminated, the Employees must immediately return the equipment provided, in perfect condition.

3.2 Information Security

Employees are prohibited from using, on CloudWalk installations or equipment, any computer programs that have not been made available or previously approved by CloudWalk, as well as accessing external links whose origin is unknown. Employees should avoid accessing websites or using applications that are not strictly related to their activities at CloudWalk. Each CloudWalker must use the company provided asset to perform professional activities. All information and documents must be stored in cloud-based storage previously approved by the Information Security team.

3.3. Privileged Information

Employees, partners, suppliers, and service providers are prohibited from using any information obtained as a result of providing services to CloudWalk for their own benefit or that of third parties, in conducting the business of any nature.

3.4. Confidentiality

Employees, partners, suppliers, and service providers may, in the course of their relationship with CloudWalk, have access to sensitive and confidential data and information related to CloudWalk, its employees, customers, and any third parties. Such information is considered restricted and must be kept confidential. Any confidential information that the Employee, partner, supplier, and service provider has access to must be used only and exclusively for the development of their activities, and disclosed only to those who need to know it. It is strictly forbidden for Employees, partners, suppliers, and service providers to use the data and information obtained for their own benefit, to disclose it, or reveal it to third parties, including family members, even after the end of their relationship with CloudWalk. Special attention must be given to any mention of confidential data and information outside the work environment.

3.5. Document Management

The documents written in the course of the Employees' activities must be filed physically or digitally, as the case may be, in order to protect the company in case of legal, administrative, or regulatory proceedings. Employees who perform activities related to accounting records must comply with the applicable rules, are prohibited from the use of any expedient with the purpose of disguising or changing such records.

3.6. Intellectual Property Rights

Any and all rights arising from intellectual creations, works, and materials developed or produced by Employees due to the exercise of their activities are the exclusive property of CloudWalk. Whenever necessary, Employees must carry out the necessary procedures to transfer the services, products, creations, inventions, discoveries, documents, manuals, illustrations, projects, or methods developed in the course of providing the services to CloudWalk.

3.7. Protection and proper use of the brand

Employees, partners, suppliers, and service providers who are invited or want to take part in an event, interview, podcast, panel etc. representing CloudWalk and its interests must talk to his/her direct leader, when applicable, and to the Brand Comm team before accepting it. Use of the brand, key visuals and other brand features are prohibited unless CloudWalk has given prior written consent and as long as it follows established standards for use of the brand. Any expression or manifestation on social networks or similar on behalf of CloudWalk or related to its interests, even if implicitly, must be aligned with the Brand Comm team.

4. Protection of Personal Data and Privacy

CloudWalk processes and protects personal data in compliance with data privacy laws. Personal data is processed in a safe, transparent way and in compliance with the legislation. Access to personal data is granted only when necessary. When personal data is provided, customers are informed on how the data is processed, alongside to its intended purpose, including the rights of access and correction. CloudWalk does not process personal data for purposes other than the intended. Whenever possible, anonymity and minimized data are guaranteed. CloudWalk maintains organizational security plans to protect data, assuring encryption while in transit and at rest. Employees must take care of all personal data processed by CloudWalk, immediately notifying their line manager in case of damage, misuse or loss of personal data. Employees are prohibited from using personal data processed by CloudWalk for any purposes unrelated to our business. CloudWalk recognizes the importance of security when engaging service providers who will process personal data on its behalf ("data operators"). It is guaranteed by contract that the operators of personal data will treat the data only as indicated and will maintain data protection security plans.

5. Conflict of Interests

All Employees, partners, suppliers, and service providers must conduct their activities with impartiality, always seeking to avoid or minimize the existence of conflicts of interest or potential conflict of interests, thus understanding those situations in which the personal interest has the potential to override the interests of CloudWalk or its customers. Any operation that represents a real or potential conflict of interest must, prior to its execution, be communicated to the Compliance area or to the direct manager, in the case of an Employee, being prohibited the relationship, directly or indirectly, in businesses that may enter into direct or indirect competition with CloudWalk business.

5.1. Non-Competition

Employees also undertake to not interfere in a negative way, by any means, directly or indirectly, in the CloudWalk business, influencing or inducing, for example, customers, partners, suppliers, and service providers to terminate, reduce, modify or divert business with CloudWalk. Employees must, at all times, work to serve the interests of CloudWalk and to reinforce the company's image.

5.2. Gift and Favors

In certain circumstances, the exchange or receiving of gifts may characterize bribery, corruption, or an attempt to obtain an undue advantage, especially in situations involving public officials. As a result, CloudWalkers can only and exclusively receive from third parties, including suppliers, partners, and customers, gifts or amenities that have no commercial value such as office supplies, pens, diaries, institutional items on the occasion of special events. In cases where the items offered by third parties do not fit the definition above, when it is not possible to refuse, CloudWalkers must inform their direct manager or the People team, which will raffle the item among all CloudWalkers.

6. Social and Environmental Responsibility

CloudWalk encourages conduct and actions in order to positively impact the community and the adoption of sustainable practices by its employees, partners, suppliers, and service providers aiming at the preservation of natural resources. The rational and responsible use of resources is everyone's responsibility. Wasting natural resources, such as water should be avoided, the printing of papers only as necessary, and equipment that is not in use should be turned off. It is recommended to give the correct treatment to the waste generated and guarantee recycling when possible.  For any items produced by CloudWalk the preference should be given to the use of recycled and reusable materials, when possible.

7. Combating Corruption, Money Laundering, and Financing to Terrorism

CloudWalk has internal controls and strict guidelines to be observed in combating and preventing illegal acts. Employees must maintain, in the performance of their duties, a special focus on situations involving signs of Money Laundering and Terrorism Financing in any area of ​​the company, and, at any time, report any suspicious situations to the Risk and Compliance areas, so that the situation is investigated and appropriate measures are taken. Employees must also participate in training promoted by CloudWalk and also assist in the dissemination of the culture of combating the practice of illegal acts and good practices. CloudWalk does not tolerate the involvement, even if involuntary, in criminal activities, including the inadvertent use of the company as an intermediary in any type of process that aims to hide the true source of funds from criminal activities of money laundering and financing of terrorism. Employees, partners, suppliers, and service providers must not offer or receive a promise or delivery of undue advantage, directly or indirectly, to individuals or companies of public or private initiative. These practices are treated as corruption and any illicit activity must be reported.

8. Reporting any Violations of the Code of Conduct

Upon being aware of any violation of this Code of Ethics and Conduct, the Employee, partner, supplier, or service provider must report the fact to the Compliance Team by email [email protected], or to the immediate manager. Any report will be confidential, ensuring anonymity in order to guarantee independence and security in the investigation. In case of violation of the rules contained in this Code, CloudWalk will adopt the measures it deems necessary, such as the application of the appropriate disciplinary measures, among other legal measures of administrative, civil, or criminal nature it deems applicable.