The Code of Conduct sets the standards of ethical and professional behaviour expected of everyone at botBrains. We measure what we do against the highest standards of honesty and integrity, because that’s how we build trust with our customers and protect the data they entrust to us.
botBrains is not yet ISO 27001 certified. We are preparing our ISMS and writing these policies as part of pursuing certification, and we fully intend to get our controls attested.
Scope
This Code applies both to botBrains team members and to any contractor, consultant, or supplier working on our behalf. Failure to follow it can lead to disciplinary action up to termination of the relationship, alongside any legal consequences.
Core expectations
Act honestly, ethically, and with integrity in every situation. Comply with all laws that apply to our business. When something is unclear, ask a co-founder before acting. A useful test before any decision: is it legal, is it the right thing to do, and would it stand up if it became public?
Professional behaviour
botBrains commits to a respectful, harassment-free working environment. We don’t tolerate discrimination, harassment, bullying, or violence in any form, whether in person or across any channel we use to work together. Employment and engagement decisions rest on merit and qualifications alone. Social skills and cultural fit are part of merit too.
Conflicts of interest
Avoid situations that create, or appear to create, a conflict between your personal interests and botBrains’ interests. Disclose potential conflicts to a co-founder before acting on them. Common areas include outside employment and advisory roles, investments in competitors, business opportunities found through your work, and dealings involving friends or relatives.
Anti-bribery and anti-corruption
botBrains prohibits bribery and corruption in every form. No one acting for botBrains may offer, promise, give, request, or accept any bribe, kickback, or improper payment, whether directly or through a third party, to win business or influence any decision. This applies to public officials and private parties alike, and to both company and personal funds spent on botBrains’ behalf.
- Gifts and hospitality are only acceptable when modest, infrequent, transparent, and clearly not intended to influence a decision. Anything beyond this needs prior approval from a co-founder, recorded in the Employees Only: Exceptions & Waivers register.
- Facilitation payments aren’t permitted. Report any request for one to a co-founder.
- Records of all business transactions must be accurate and complete. Don’t create false or misleading records or hide funds or transactions.
botBrains complies with applicable anti-corruption law, including the German Criminal Code provisions on bribery and the EU framework. Report suspected violations to a co-founder immediately.
Use botBrains systems and equipment responsibly and only for legitimate business purposes. Protect company and customer information and respect the intellectual property of botBrains and others. Specific obligations live in dedicated policies:
Reporting and non-retaliation
Report any suspected violation of this Code, any other policy, or the law to a co-founder, going through the Incident Management Policy for any concern that involves a security event. botBrains prohibits retaliation against anyone who reports a concern in good faith or takes part in an investigation.
Acknowledgement and enforcement
Personnel acknowledge this Code when they join and after material changes. Any exception requires written approval from the CISO. Violations may result in disciplinary action up to termination, in addition to civil or criminal liability.
ISO 27001 mapping
This policy supports Annex A 5.4 (Management responsibilities) and Annex A 6.2 (Terms and conditions of employment), and reinforces the disciplinary process in Annex A 6.4.
Review
The CISO owns this policy and reviews it at least annually and on any material change.