United Nations Global Compact Principles and Directives

Hereby, the company, aligned with the ten principles of the UN Global Compact, guarantees:

• The well-being of employees and the balance of power equation via the use of organograms, while firmly condemns any sort of human rights infringement.
• A safe working environment for all employees, in respect of the legal age of employment and gender equality. Therefore, Swiss Approval effectively contributes to the abolition of child labour, the elimination of force labour and gender discrimination.
• An environmentally-friendly operation policy. In association with its clients, the company is orientated towards eco-friendly methods and guidelines, empowering sustainability. As a notified organisation, Swiss Approval seeks to ensure that certain environmental standards are met.
• Transparency in business practice. The company’s profile and its long-term history are clear indicators of long-lasting trust. Swiss Approval’s strategy on decision-making, involving pluralism and fruitful criticism in projects’ progress and execution, constitutes an efficacious way of fighting against corruption and extortion.

SWISS APPROVAL Anti-Bribery Policy

Whoever we may deal with, and wherever we may operate, we are committed to doing so lawfully, ethically and with integrity.

As part of this commitment, all forms of bribery and corruption are unacceptable and will not be tolerated. We must not, and we must ensure that any third party acting on our behalf does not, act corruptly in our dealings with any other person.

This anti-bribery and corruption policy sets out SWISS APPROVAL Policies to prevent acts of bribery and corruption. These policies and procedures have been designed to comply with legislation governing bribery and corruption on a global basis.

This policy provides guidance on the standards of behavior to which SWISS APPROVAL PERSONNEL adhere and most of these reflect the common sense and good business practices that we all work to in any event. This policy is designed to help all involved people to identify, when something is prohibited, so that bribery and corruption is avoided, and provide Personnel with help and guidance.

Who this policy applies to

The fundamental standards of integrity under which SWISS APPROVAL operates, do not vary depending on where we work or who we are dealing with.

This policy applies to all officers, employees (full and part time) and temporary workers (such as consultants or contractors) (together referred to as “employees” in this document) across the SWISS APPROVAL Group, no matter where they are located or what they do. It is the responsibility of each of us to ensure that we comply with these standards in our daily working lives. This policy sets out a single standard that all employees must comply with, regardless of whether local law or practices might permit something to the contrary.

Part of commitment to prevent bribery and corruption is to ensure that the people acting on behalf of SWISS APPROVAL, also do so in compliance with effective anti-bribery and corruption policies. Accordingly, where we engage third parties such as agents, distributors or joint venture partners, we have obligations to complete sufficient due diligence when entering into arrangements, to ensure that they are not acting corruptly, and to periodically monitor their performance to ensure ongoing compliance.

Failure to comply with this policy, whether or not this is intentional, may lead to disciplinary action (up to and including dismissal), and criminal liability for the individual involved (up to and including imprisonment). Employees will be required to confirm that they have read and understood the policy and that they comply with its terms as part of their ongoing employment assessment processes. In addition, relevant employees will be required to attend training to support the guidance in this policy.

Getting help

If you are unsure about your obligations under this policy, you should contact one of the following people for help:

• in the first instance, SWISS APPROVAL Ombudsman, acting as anti-bribery and corruption officer: Via G. Corti 5, CH6828, Balerna, Switzerland.

What is Bribery? Bribery involves the following:

• when a financial or other advantage is offered, given or promised to another person with the intention to induce or reward them or another person to perform their responsibilities or duties improperly (it does not   have to be the person to whom the bribe is offered that acts  improperly); or

• when a financial or other advantage is requested, agreed to be received or accepted by another person with the intention of inducing or rewarding  them or another person to perform their responsibilities or   duties inappropriately (it does not have to be the person who receives the bribe that acts improperly).

It does not matter whether the bribe is:

• given or received directly or through a third party (such as someone  acting on SWISS APPROVAL behalf, for example an agent, distributor, supplier, joint venture partner or other intermediary); or

• for the benefit of the recipient or some other person.

Bribes can take many forms, for example:

• money (or cash equivalent such as shares); • unreasonable gifts, entertainment or hospitality; • kickbacks; • unwarranted rebates or excessive commissions (e.g. to sales agents or marketing agents); • unwarranted allowances or expenses; • “facilitation” payments/payments made to perform their normal job more quickly and/or prioritise a particular customer; • political/charitable contributions; • uncompensated use of company services or facilities; or • anything else of value.

This policy applies to both the public and private sectors. Dealing with public officials poses a particular high risk in relation to bribery and corruption and specific guidance when dealing with public officials is set out below.

A breach of bribery laws can result in fines for both the company and the individual involved and in some jurisdictions could also result in imprisonment.

Appropriate due diligence should be undertaken before any third parties are engaged. The appropriate level of due diligence will vary depending on the circumstances and you should use your judgement on a case by case basis.

Dealing with public officials

Although this policy applies to both public and private sectors, dealing with public officials poses a particularly high risk in relation to bribery due to the strict rules and regulations in many countries.

Public officials include those in government departments, but also employees of government owned or controlled commercial enterprises, international organisations, political parties and political candidates.

The provision of money or anything else of value, no matter how small, to any public official for the purpose of influencing them in their official capacity is prohibited.

In accordance with the SWISS APPROVAL Code of Ethics, political donations by or on behalf of SWISS APPROVAL are also prohibited. Compliance with the policy It is the responsibility of your local anti-bribery and corruption officer to ensure compliance with this policy in each business. Ultimate responsibility for compliance with this policy throughout the group is taken by the Group Ombudsman Officer. However, each of Swiss Approval Personnel has an obligation to act with integrity and to ensure that we understand and comply with the policy. Ongoing compliance will be monitored and reported by Internal Audit.

Training will be provided to relevant employees throughout the group to support them in complying with their responsibilities. In addition, all employees will be required to confirm that they have understood and complied with the policy annually. SWISS APPROVAL is committed to ensuring that employees can speak up with confidence if they have any concerns or need to ask for help. If Swiss Approval Personnel suspect or observe anything that they think might be in contravention of this policy, they have an obligation to report it. Everybody should raise his/her concerns with our local anti-bribery and corruption officer in the first instance. Alternatively, everybody can report the concerns to the Corporate Ombudsman.

SWISS APPROVAL will not tolerate retaliation in any form against anyone for raising concerns or reporting what they genuinely believe to be improper, unethical or inappropriate behaviour. All reports will be treated confidentially.

It is illegal to offer, promise, give, request, agree, receive or accept bribes – this anti-bribery policy can help protect SWISS APPROVAL business.

CODE OF ETHICS OF SWISS APPROVAL PERSONNEL INVOLVED IN THE CERTIFICATION PROCESS

1. Commitment: Endeavour to safeguard the welfare, health and safety of the community and its environment and give this priority before sectional or private interest.

2. Integrity: Evaluation and auditing personnel shall

3. Competence: Perform work only within their areas of competence, i.e. within their capability, qualifications, training and experience

4. Performance: Inspection and audit personnel skills and knowledge is guaranteed by the Top Management of Swiss Approval

5. No conflict of interest: To avoid potential conflict between the interests of clients, employers or the public and where this is unavoidable disclose forthwith the circumstances which may cause conflict.

6. Confidentiality: To ensure that confidential or copyright information or material obtained in the course of work, is transferred to other parties only with written authority from a duly authorised person.

7. Reporting: Inspection and audit personnel shall document reports and  objective evidences.

8. Improvement: Inspection and audit personnel shall continue to improve their competence (knowledge and skill) to adequately follow standards updates and best practice in the certification activities.

IMPARTIALITY AND NON DESCRIMINATION DECLARATION

Swiss Approval International, its management, employees and external professionals acting by a contractual agreement as administration staff, auditors, inspectors, evaluators e.tc., have identified the importance and value of certification and related activities of the certification body, declare unequivocally their commitment to objective, reliable, independent and impartial certification services.

Swiss Approval Int is responsible for the impartiality of its certification activities and shall not allow commercial, financial or other pressures to compromise impartiality, safeguarding all conditions deriving from EN ISO17021, 17065 restrictions and related international standards for certification activities independency and impartiality.

All Swiss Approval personnel (either internal or external) or committees who could influence the certification activities, act impartially. Impartiality principles and preconditions are explicitly described in the contractual agreements and appointment documents of the staff/ external professionals being involved to the certification process stages.

All personnel involved in the certification process consists of experienced and adequately trained personnel, the adequacy of which is evaluated at regular intervals to ensure continuously that the requirements for the proper functioning of the certification process, is satisfied.

Swiss Approval International services are ensured to be accessible to all applicants whose activities fall within the scope of its certification operations maintaining non-discrimination conditions.

Swiss Approval Int takes action to respond to any risks to impartiality, arising from the actions of other persons, bodies or organizations, of which it becomes aware. All relevant measures are presented and further explained in the impartiality risks’ analysis study and action plan, which is a part of Swiss Approval Int quality management system.

Swiss Approval Int activities shall not be marketed or offered as linked with the activities of an organization that provides consultancy and prohibits any statement or implication that certification granting would be simpler, easier, faster or less expensive for any reason.

The Company’s management determines and assigns the appropriate persons to the required jurisdiction and freedom of maneuver, so they are at any time able to solve problems related to the impartiality of the procedures regarding the certification activities. Meanwhile, Company’s management proposes preventive and corrective actions, confirms corrective actions and finally evaluates the results thereof.

CONFIDENTIALITY AND DATA SECURITY DECLARATION

Swiss Approval International overbidding the importance of data security and confidentiality safeguard of the information handled, therein, as a result of the procedures and requirements of certification services, has adopted the present policy “Confidentiality and Data Security’.

The company’s management ranks the protection of confidentiality, impartiality, integrity, availability and exchange of information as vital- significant and with financial- impacts, including personal information of clients, reports, audit lists and certification documentation, records of bodies stored in databases as primary goal for the smooth and efficient operations and customers’ satisfaction.

The main objectives of Information and Data Security Policy are:

• the full satisfaction and safeguard of customers’ data confidentiality
• the compliance with legislative and regulatory requirements
• the Information security
• the assurance of security of the evaluation, inspection and certification documentation and related material, taking into account the following:
  • the locations of the materials (e.g. transportation, electronic delivery, disposal, storage,)
  • the nature of the materials (e.g. electronic, paper, testing equipment)
  • the steps in the certification process (e.g. application, review, coordination, results’ and evaluation reporting)
  • the threats arising from the certification process itself.

Concerning special provisions for personal data protection, the following are ensured:

1.       Lawful, fair and transparent processing

1. To ensure its processing of data is lawful, fair and transparent, the CB shall maintain a Register through its CRM functions.
2. Individuals have the right to access their personal data and any such requests made to the CB shall be dealt with in a timely manner.

2.       Lawful purposes

1. All data processed by the CB must be done on one of the following lawful bases: consent, contract, legal obligation, vital interests, public task or legitimate interests.
2. The CB shall note the appropriate lawful basis in the respective agreements / consents with individuals.
3. Where communications are sent to individuals based on their consent, the option for the individual to revoke their consent should be clearly available and systems should be in place to ensure such revocation is reflected accurately in the CB’s systems.

3.       Data minimisation

1. The CB shall ensure that personal data are adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
2. [Add considerations relevant to the CB’s particular systems]

4.       Accuracy

1. The CB shall take reasonable steps to ensure personal data is accurate.
2. Where necessary for the lawful basis on which data is processed, steps shall be put in place to ensure that personal data is kept up to date.
3. [Add considerations relevant to the CB’s particular systems]

5.       Archiving / removal

1. To ensure that personal data is kept for no longer than necessary, the CB shall put in place an archiving policy for each area in which personal data is processed and review this process annually.
2. The archiving policy shall consider what data should/must be retained, for how long, and why.

6.       Security

1. The CB shall ensure that personal data is stored securely using modern software that is kept-up-to-date.
2. Access to personal data shall be limited to personnel who need access and appropriate security should be in place to avoid unauthorised sharing of information.
3. When personal data is deleted this should be done safely such that the data is irrecoverable.
4. Appropriate back-up and disaster recovery solutions shall be in place.

7.       Breach

In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the CB shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach the responsible authorities.

This policy applies to all personal data processed by the CB.

The Responsible Person shall take responsibility for the CB’s ongoing compliance with this policy

COMPLAINS / APPEALS FLOW CHART DIAGRAM, RELATED TO CERTIFICATION BODY [CB] AND CERTIFICATION CENTRES [CC]

For the submission of any complains or appeals against Swiss Approval certification process, use the following email address: support@swissapproval.com

CERTIFICATION / INSPECTION / CONFORMITY ASSESSMENT SERVICES TERMS, RELATED TO CERTIFICATION BODY [CB] AND CERTIFICATION CENTERS [CC]

To be informed on Swiss Approval’s Certification / Inspection / Conformity Assessment Services Terms, related to Certification Body [CB] and Certification Centers [CC], please contact info@swissapproval.ch

CERTIFICATION / INSPECTION/ CONFORMITY ASSESSMENT SERVICES TERMS

A. GENERAL TERMS AND CONDITIONS FOR CONFORMITY ASSESSMENT AND CERTIFICATION SERVICES

1.     APPLICATION FIELD.

The following Terms and Conditions:

1.1 Apply to the agreed certification services plus any complementary services provided within the scope of Certification Terms and any other related activity.

1.2 Prevail over any agreements of Business.

2.     SCOPE OF SERVICES – CERTIFICATION BODY OBLIGATIONS

2.1 «Swiss Approval International» (hereinafter referred as ‘’Certification Body’’ or SA) divisions evaluate, assess and certify products, systems and processes of manufacturers and service providers according to Private, National or International Standards for which:

• «Swiss Approval International» holds related accreditations, approvals or recognitions so called «accredited certification», either
• As per Private, National or International standards for which ‘’Certification Body’’ does not hold accreditation, so called «typical certification» and also
• Provides own third-party certification services, so called «in-house standards’ certification».

2.2 The agreed services shall be provided in line with the generally accepted rules of art and science, and in compliance with the Regulations applicable at the time of contract conclusion. Unless otherwise agreed in written or unless a certain approach, compulsory on the basis of mandatory regulations, applies, the ‘’Certification Body’’ shall also be authorized, at its reasonable discretion, to make own decision concerning the method and type of assessment.

2.3 The ‘’Certification Body’’ carries out:

• Accredited certification as per the standard agreed in the contract and/or the rules and regulations referred to therein, including the generally applicable accreditation standards pertaining to the specific certification standard, the certification standards plus all relevant application guidelines and the accreditation requirements defined by the competent Accreditation Body. The client shall bear any additional costs incurred thereby, unless the ‘Certification Body’ is supposed to bear these additional costs.
• «Typical certifications» in line with the respective national or international standards.
• Certification procedures to issue in-house certificates, in line with the rules and regulations established by the ‘’Certification Body’’.

2.4 After the successful completion of the certification process, the appropriate certificate will be issued as set forth in Article 4 of this Certification Terms’ document.

2.5 The ‘‘Certification Body’’ assigns approved Auditors/ Assessors to the certification process, selected from its registrar taking into account the specificities of each enterprise/organization.

2.6 The client shall be free to raise objections against the audit plan and the appointment of certain Auditors or technical experts, by submitting to the Certification Body, objective facts and reasons for such an objection.

2.7 Repeated non-acceptance of the dates/ Auditors or continuous applications for postponements or changes in the dates of the audits or composition of the Audit Teams will be considered by the

‘‘Certification Body’’ and may constitute a reason for revoking the certificate.

2.8 In accredited certifications the ‘‘Certification Body’’ is entitled to permit Assessors of the relevant Accreditation Body to witness the audit; therefore, the client shall accept the presence of representatives of the accreditation body during the on-site audits/ assessments.

2.9 The ‘‘Certification Body’’ is required to register the enterprise/organization in the certified companies registrar and to publish the certificates upon request.

2.10 The ‘‘Certification Body’’ is obliged to inform the enterprise/organization for changes of the existing standards under which the certificate was granted in order to plan the upcoming changes in the management system or disclaims the enterprise/organization certificate.

2.11  The Certification Body is obliged to provide the audit report of an organization, in case of a regulatory/public authority request. The organization will be formally notified regarding the matter from SA.

3.     CLIENT’S OBLIGATION TO PARTICIPATE AND GENERAL RULES FOR THE CERTIFICATION AUDIT.

3.1 The client shall submit all information required for certification as per the relevant standard. This information can be submitted by completing the «Information Questionnaire» and any other form requested according to the certification procedure per case.

3.2 The customer may be requested to forward to the ‘’Certification Body’’ the MANAGEMENT SYSTEM/ CERTIFICATION SCHEME implementation documentation (e.g. operating license, manual and procedures, FSMS: food safety hazards identification and analysis-HACCP study & PRPs-control measures and combinations-legislation-verification and validation-communication, Statement of application–risk assessment, documentation on the design of the ITSMS covering the documentation required in Clause 4.3.1 of ISO/IEC 20000-1 etc.) as requested by each Standard/ Certification Scheme/ Assessment frame for the evaluation of prerequisites and other requirements’ fulfillment.

3.3 Cross-reference matrix (standard elements crossreferenced to the management system documentation of the organization if requested)

3.4 Organizational plan/organizational chart

3.5 Presentation of processes and their interfaces and interactions

3.6 List of controlled management documents

3.7 List of official and legal requirements

3.8 Other documents mentioned in the quotation and the conformity frame criteria.

3.9 The client shall disclose all records/ documents associated with the certification scope of application to the ‘‘Certification Body’’ Audit Team and shall guarantee the access of the Audit Team to the organizational units being involved.

3.10 On request, the client shall be obliged to submit all correspondence and all measures associated with normative documents and the requirements set forth in the applicable certification standard to the Auditor(s) during the audit.

3.11 The client is required to provide accurate and truthful information to Auditors/ Assessors with regards to its management systems and facilitate the audit procedure by taking appropriate organizational measures and taking the obligation to involve representatives and the responsible personnel. The staff will be available throughout the duration of the audit for providing information and explanations to the Audit Team in a common speaking language (at least English in case of foreign Auditors).

3.12 The client shall appoint one or several representatives who shall support the ‘‘Certification Body’’ Auditor(s) in performing the contractually agreed services and act as the client’s contact persons.

3.13 Following to the certificate issuance, the client shall be obliged, throughout the term of the contract, to communicate all changes which significantly affect the management system or the certified service/ product, including in particular:

• Changes in the certified management system.
• Changes associated with the design or specification of the certified service/ product (if applied).
• Changes in the organizational structure and the organization itself.

3.14 The client shall be obliged to record all complaints concerning the compliance of a certified process with the requirements of the certification standard that are addressed to the client, initiate appropriate corrective action, document the implementation of corrective action and, on request, demonstrate them, to the Auditor during the audit.

3.15 The client and the ‘‘Certification Body’’ may agree on the performance of a preliminary audit and jointly define the scope of this audit.

3.16 The effectiveness of the established management system or compliance criteria shall be verified during the audit carried out at the clients’ site(s), during which the client proves that it applies its documented procedures in practice. Standards or standard elements that are not complied with and for which the client must provide corrective action shall be documented in non-conformity reports.

3.17 Following to audit completion, the audit result will be communicated to the client in a meeting or equivalent activity, and subsequently documented in an audit report. Non-conformities will be documented and may lead to a re-audit or submission of revised documentation, if required by the results. The scope of the repeated audit will be determined by the Lead Auditor. The re-audit focuses exclusively on those elements of the standard for which non-conformities were identified.

3.26 The client shall comply with the statutory and regulatory requirements applicable to the safety and performance of the medical devices (where applicable). The maintenance and evaluation of legal compliance is the responsibility of the client organization. Swiss Approval is responsible for verifying that the client organization has evaluated statutory and regulatory compliance and can show that appropriate action has been taken in cases of non-compliance with relevant legislation and regulations, including the notification to the Regulatory Authority of any incidences that require reporting. Swiss Approval may release the audit report to the competent authorities upon request.

3.27 The certified client must inform without delay, the occurrence of a serious incident or breach of regulation necessitating the involvement of the competent regulatory authority. The information provided shall also include the identification of the key hazards and occupational health and safety risks associated with processes and any relevant legal obligations coming from the occupational health and safety legislation. The application shall contain details of personnel working in or/and away from the organizational premises.

3.28 Integrated management systems covering various standards and requirements may be certified by means of a combined certification procedure. Depending on the standards and requirements involved, these combined certifications will be offered individually but under a unified procedure and contract.

3.29 In case of critical subcontracted processes (e.g. part of/ the whole production or services’ provisions is conducted by a sub-contractor or sub-contractors of behalf of the company and this is included at the scope of the certification) the audit shall also include an on-site audit visit at the subcontractors’ facilities. This must be recorded in the audit note, prescheduled at the audit plan and documented to the respective audit report. No additional man-days are needed and, the audited facilities of the subcontractor will be treated as a customer’s department and not as separate client. In such cases, the sub contractor’s effective personnel are added to the total employees of the costumer in order to calculate the audit man-days. Subcontractors are recorded by the customer at the questionnaire for offer preparation and reviewed by the contract reviewer. Contract reviewer in cooperation MS Chief officer defined the effective personnel and the subcontractors needed to be audited according the following criteria:

• Product’s / service’s provided by the subcontractor’s significance
• Non-conformities, findings from previous audits
• Sub-contractor’s existing certification according the same auditing standard
• Sub-contractor’s participation in the whole productivity of the company
• Already audited at previous audits by the CB
• Complexity of the processes
• Not audited at all at previous audits
• Sub-contractors’ reputation in the market

3.30 The costs incurred for additional efforts caused by unscheduled audits, scope modification audits or reaudits and the verification of corrective actions to eliminate non-conformities revealed in previous audits shall be borne by, and invoiced to, the client on a time and cost basis.

4. RIGHT USE OF CERTIFICATES, LOGOS AND CERTIFICATION SEALS – MARKS

4.1 Once the agreed certification procedure is completed successfully, the ‘‘Certification Body’’ issues the corresponding certificate and forwards it to the client.

4.2 The certificate shall be valid for the period of three (3) years, by yearly intermediate assessment, submission of documents and/ or follow up audits, unless the respective certification scheme/ conformity frame indicates otherwise.

4.3 Along with the issued certificate as outlined in the previous paragraph, the client shall be granted the simple, non-transferable and non-exclusive right to use the ‘‘Certification Body’s’’ certification mark, throughout the defined certificate validity as outlined in the following Articles. This also applies to certification references in communication media, such as documents, brochures or advertising materials.

4.4 The permission to use the certificate, logos and certification marks issued by the ‘‘Certification Body’’ shall apply exclusively to the areas of the client’s organization quoted in the certificate’s scope of application. Use of the certificate and/or the certification mark for areas not quoted in the scope of application shall be prohibited.

4.5 Certification marks related to the management system certification or conformity assessment for services and processes may only be used by the client in direct connection with the name or logo of the client’s organization.

4.6 The clients are not permitted to attach or use SA logos and certification marks (or other relative seals) in reference to their products or to product packaging, laboratory test reports, calibration notes or first / second party inspection reports.

4.7 The use of any statement on product packaging or in accompanying information that the certified client has a certified management system is allowed under certain conditions. Product packaging is considered as that which can be removed without the product disintegrating or being damaged. Accompanying information is considered as separately available or easily detachable. Type labels or identification plates are considered as part of the product. The statement shall in no way imply that the product, process or service is certified by this means. The statement shall include reference to:

— identification (e.g. brand or name) of the certified client;

— the type of management system (e.g. quality, environment) and the applicable standard; — the certification body issuing the certificate.

4.8 The client shall further avoid creating the impression that certification is a public authority or official inspection, and/or that system certification is a form of product testing.

4.9  The client is obliged to comply to the following rules

4.9.1   To demonstrate/claim that it is certified only for the activities and scope (s) for which the certification is awarded

4.9.2 Not to use the certification in such a way which might result to a discredited reputation for SA and not to make any statement concerning the certification, which might be perceived as misleading or unauthorized by SA

4.9.3 To use the certification only for indicating that the certified operations/ products are in compliance to the defined standards or to other standard relative documents and not to use the certification as a declaration of conformity for its product/ services and/or services by SA

4.9.4     Not to use the SA/ certification logo (s) in way as to indicate product/ service’s compliance verification

4.9.5     Not to use any document, indication or reference to the certification in a misleading and improper way

4.9.6     Τo comply with the SA requirements when publishing     information        related to            the certification to the media, as various documents, flyers, advertisements

4.9.7     To           bring      into        SA’s        consideration     the documents/forms and the locations where the logo is used, as well as the advertising material that refers to the certification and ask for the SA consensus

4.9.8 To inform SA of the cases where the system cannot comply with the requirements of the standard

4.9.9 To inform SA of the critical changes affecting the certified operations (structural change, expanding activities, replacement of the company’s quality representative e.tc.)

4.9.10 To accept the presence of the Assessors of the audit/ assessment process and of any other representatives of the accreditation bodies supervising and monitoring SA services.

4.10 The client shall not be authorized to change the certificate, logos or the certification mark.

4.11 The client undertakes to demonstrate in its advertising and similar materials that certification is voluntary, and carried out on the basis of a civil law contract.

4.12 The client’s right to use the certificate, logos and/or the certification mark shall expire if the client no longer holds a valid certificate, in particular if the certificate’s period of validity has expired or the required follow-up audits have not been carried out. 4.13 The client’s right to use the certificate, logos and/or the certification mark shall expire with immediate effect, without requiring termination, if the client uses the certificate and/or the certification mark in violation of the provisions set forth in Articles above or contrary to other terms of this contract.

4.14  The client’s right to use the certificate, logos and/or the certification mark shall expire with immediate effect upon termination as described in Article «termination of agreement» in the frame of the «Certification Contractual Agreement».

4.15  The right of use shall also expire automatically if maintenance of the certificate is prohibited by administrative regulations or court.

4.16 In cases involving expiry of the «right for use», the client shall be obligated to return the certificate to «Swiss Approval International» without delay.

4.17  In cases involving violation of contractual terms and conditions «Swiss Approval International» reserves the right to claim damages.

4.18  Certification may not be used in a manner which may harm «Swiss Approval International» reputation or the reputation of any other subsidiary of «Swiss Approval International» Group.

4.19  The client shall not be entitled to make statements about certification, which SA may consider unauthorized and misleading.

4.20  If it is foreseeable that the client is temporarily unable to fulfil the certification requirements, the certification can be suspended. During certificate

suspension, the client may not use the certification in its advertising.  In the «list of certified organizations» as outlined in the related Article, the status will be updated to «suspended».

4.21 If the reason underlying suspension is not remedied within the agreed timeframe, the certification will be withdrawn.

5.     Appeals – Complains

5.1 In case of complaints and appeals against a certification decision, the authorised Boards / Managers of the ‘‘Certification Body’’, are asked to resolve the complaint or appeal and respond to the complainant/ appellant.

5.2 The ‘’Certification Body’’ applies a documented process to receive, evaluate and make decisions on appeals.

5.3 The ‘’Certification Body’’ ensures that the persons engaged in the appeals-handling process are different from those who carried out the audits and made the certification decisions.  Submission, investigation and decision on appeals shall not result in any discriminatory actions against the appellant.

5.4 The ‘’Certification Body’’ shall give formal notice to the appellant of the end of the appeals handling process.

5.5 The ‘’Certification Body’’ is responsible for all decisions at all levels of the complaints handling process. Submission, investigation and decision on complaints shall not result in any discriminatory actions against the complainant.

5.6 In case of submitted complaints by the customers of a certified client, the Certification Body shall announce valid complaints to the certified client at an appropriate time.

Without prejudice to specific statutory or regulatory requirements, the ‘’Certification Body’’ shall determine, along with the certified client and the complainant, whether and, if so to what extent, the subject of the complaint and its resolution shall be made public.

6.     CONFIDENTIALITY

6.1 «Confidential information» is hereby defined to include all information, documents, images, drawings, know-how, data, samples and project documentation which one party (disclosing party) hands over, transfers or otherwise discloses to the other party (receiving party). Confidential information also includes hardcopies or electronic files of such information.

6.2 The disclosing party shall mark all confidential information disclosed in written form as confidential before passing it on to the receiving party. The same applies to confidential information transmitted by email. If confidential information is disclosed orally, the receiving party shall be appropriately informed in advance.

6.3 All confidential information which the disclosing party transmits or otherwise discloses to the receiving party:

• May only be used by the receiving party for the purposes defined above, unless expressly otherwise agreed in written with the disclosing party;
• May not be copied, distributed, published or otherwise disclosed by the receiving party. An exemption from the above rule applies to confidential information, which must be passed on to supervisory and/or accreditation bodies within the scope of an accreditation procedure;
• Must be treated by the receiving party with the same level of confidentiality as the receiving party uses to protect its own confidential information, but never with less than the objectively required due diligence.

6.4 The receiving party shall disclose any confidential information received from the disclosing party only to those of its employees who need this information to perform services required for the subject matter of the certification and conformity assessment services. The receiving party undertakes to place these employees under the obligation to observe the same level of confidentiality as that set forth in this non-disclosure clause.

6.5 Information for which the receiving party can furnish proof that:

• it was generally known at the time of disclosure or has become general knowledge without violation of this agreement, or
• it was disclosed to the receiving party by a third party entitled to disclose this information, or
• the receiving party already possessed this information prior to disclosure by the disclosing party, or
• the receiving party developed it itself, irrespective of disclosure by the disclosing party; is exempted from the above confidentiality rules.

6.6 All confidential information shall remain the property of the disclosing party. The receiving party hereby agrees to immediately:

• Return all confidential information, including all copies, to the disclosing party, and/or, on request by the disclosing party,
• Destroy all confidential information including all copies, and confirm the destruction of this confidential information to the disclosing party in written, at any time if so requested by the disclosing party but at the latest and without special request after termination or expiry of this contract. Excluded from the above shall be all reports and certificates, which the ‘Certification Body’, in performance of its contractual obligations hereunder, prepared exclusively for, and which remain with, the client. The ‘Certification Body’ is entitled, however, to retain copies of these reports and certificates and of any underlying confidential information to furnish proof that our results are correct and to fulfil general documentation purposes.

6.7 From the start of the initial certification of the client and for a period of five years after termination or expiry of the certification, the receiving party shall maintain as strictly undisclosed, all confidential information and shall not disclose this information to any third parties.

7.     TERMINATION OF CERTIFICATION TERMS

7.1 Both parties shall be entitled to terminate the certification contract observing a period of 6 months to the end of the contract.

7.2 The ‘Certification Body’ is also entitled to terminate the certification contract without notice for important reason as described in the current contract and its related regulatory documents.

7.3 For the purpose of this contract «important reason» for the Certification Body shall be defined as follows:

• The client fails to notify the ‘Certification Body’ without delay of any changes or indications of changes in the organization which are relevant for certification,
• The client misuses a certificate and/or certification mark or uses them contrary to the present Terms,
• Insolvency proceedings are opened in respect of the client’s assets or an application for such insolvency proceedings is rejected due to lack of assets.

7.4 In addition to the above,  the ‘Certification Body’ shall be entitled to terminate the contract without notice, should the client be unable to comply with the time periods the ‘Certification Body’ scheduled for auditing/service provision as applicable to a certification procedure and should withdrawal of the certificate consequently be necessary (e.g. conducting of follow-up audits).

8.     LIST OF CERTIFIED ENTERPRISES AND ORGANIZATIONS

8.1 The ‘Certification Body’ maintains a list of certified organizations and their scopes of application.

8.2 Suspended certifications and withdrawn certificates, as well as withdrawn certificates in the case of failure to comply with the required timeframe for auditing / service provision (e.g. performing of follow-up audits), are also incorporated into this list.

8.3 The ‘Certification Body’ is entitled to communicate upon request such information about the client’s certification, as it is required that the “Certification Body” make publicly accessible information about certifications granted, suspended or withdrawn.

9.     CERTIFICATE REPLACEMENT

9.1 Observing a period of 1 month of notice, the ‘Certification Body’ is entitled to replace issued certificates by new certificates (replacement certificates) at any time in the event of a change in the accredited certification body name/ data on the certificate, provided that the replacement has not caused a change in the certification scope.

9.2 In the event of replacement, the client will be obligated, as stated in the related Article, to return to the Certification Body the certificate to be replaced, without delay.

B. SPECIFIC TERMS AND CONDITIONS FOR ACCREDITED CERTIFICATION

10. CERTIFICATION VALIDITY PERIOD

10.1 The certificate shall be valid for a period of 3 years, upon condition of successful yearly intermediate assessments, submission of documents and/ or follow-up audits.

11. CERTIFICATION AUDIT

11.1 Certification audits consist of obtaining an overview of the management system and its maturity (status of implementation) as well as of the establishment and compliance with the defined management system or conformity criteria (as described in detail in Article 2).

12. FOLLOW UP AUDIT

12.1 To maintain validity of the certificate, on-site follow-up audits and/ or documents’ submission and review shall be carried out at least annually, at 12-month intervals if possible. The due date is calculated from the day of the certification decision. Follow-up audits may be carried out up to 3 months before, but at the latest exactly on, the due date.  It might be necessary to adjust the frequency of surveillance audits to accommodate factors such as seasons or management systems certification of a limited duration (e.g. temporary construction site).

12.1 Surveillance audits shall be conducted at least once a calendar year. The date of the first surveillance audit following initial certification shall not be more than 12 months from the certification decision date.

12.2 To ensure these deadlines are observed even if dates have to be postponed at short notice, follow-up audits should be scheduled at the beginning of the above 3-months tolerance period if possible.

13. AUDIT FINDINGS AND MANAGEMENT OF NON-CONFORMITIES

During an audit the various findings are classified into the following categories:

13.1 Proposals for Improvement:  Proposals for Improvement:

• Those define the fields/sectors where the auditors/ assessors identify weak points or potentials for improvement and which if are not corrected may cause a future failure or inefficiency of the system or refer to systemic goals that can help the continued improvement of the management system.

13.2 Non-Conformities: The findings that are notified as “Non- Conformity” -“NC” indicate the points where the requests of the standard are not satisfied.

13.3 Depending on the severity and the certification scheme, non-conformance can be classified as follows:

• Major: Systemic deficiencies such as omission of a quality system element or gross non-conformance with elements – A significant number of minor deficiencies occurring in an element. Note: If the deficiency can lead to a massive product recall, or is safety-related such as food poisoning in a food industry, and in means can affect safety and security issues – In such a case the audit could be terminated.
• Minor: Isolated occurrences – A single deficiency found that does not affect the capability of the management system to achieve the intended results.

13.4 If during the initial audit/ assessment serious issues such as significant number of Major nonconformities are identified, (i.e. the enterprise/organization’s operation does not comply in a great extent with the requirements of the standard), the Auditor shall communicate with the technical reviewer in order to decide if the audt team may continue as a preliminary audit/ assessment or to interrupt the process in order to give to the customer essential time to restore the “NonConformity”.

13.5 If during the surveillance assessment a Major nonconformities are identified, the Lead Auditor shall communicate with the technical reviewer in order to initiate a review and determine whether certification can be maintained (e.g. decide if a reaudit is required). The approval of the non-conformities is done through the company’s information system.

13.60

A. Numerous similar minor deficiencies in any one area or function may become a major deficiency.

B. Especially for <energy management systems> classifying nonconformities as major, in addition to the above cases, could be the existence of the following:

• audit evidence that energy performance improvement was not achieved;
• a significant doubt that effective process control is in place.

13.7 Non-Conformities are consequently documented on the “Non Conformity Form’’. Non-Conformities form is issued and announced (if applicable) in the frame of the Closing Meeting.  In specific, it is compulsory that the non-conformities report is co-signed by the Management representative of the company and the lead auditor/ assessor.

14. SUSPENDING, WITHDRAWING OR REDUCING THE SCOPE OF CERTIFICATION

14.1 The Certification Body shall suspend certification in cases when, for example the enterprise/organization’s certified management system has persistently or seriously failed to meet certification requirements, including requirements for the effectiveness of the management system; the certified enterprise/organization does not allow surveillance or recertification audits to be conducted at the required frequencies; the certified enterprise/organization has voluntarily requested a suspension; the contract’s financial terms are not fulfilled by the enterprise/organization;  the certified enterprise/organization has caused a serious health and safety incident or regulation violation necessitating the involvement of the competent regulatory authority.

14.2 Under suspension, the enterprise/organization’s management system certification is temporarily invalid.

14.3 The Certification Body shall restore the suspended certification if the issue that has resulted in the suspension has been resolved. Failure to resolve the issues that have resulted in the suspension in a time established by the Certification Body shall result in withdrawal or reduction of the scope of certification.

14.4 In most cases, the suspension should not exceed six months.

14.5 The Certification Body shall reduce the scope of certification to exclude the parts not meeting the requirements, when the certified enterprise/organization has persistently or seriously failed to meet the certification requirements for those parts of the scope of certification. Any such reduction shall be in line with the requirements of the standard used for certification.

15. RE-CERTIFICATION

15.1 To renew certification for another three-year period, a Re-Certification audit shall be held at the client’s organization prior to expiration period of certificate validity.

15.2 The procedure is similar to that of a certification audit but information enquiry is essential in order to re-determine the certification project elements. A respective offer and contract is agreed and signed.

15.3 Following expiration of certification, the Certification Body can restore certification within 6 months provided that the outstanding recertification activities are completed, otherwise at least a stage 2 shall be conducted. The effective date on the certificate shall be on or after the recertification decision and the expiry date shall be based on prior certification cycle.

16. MULTI – SITE CERTIFICATIONS

16.1 Multi-site certifications may be applied to organizations maintaining multiple production sites or branches functioning exclusively as field offices.

16.2 Multi-site certification is possible if the following criteria are additionally fulfilled:

• All sites maintain a legal or contractual relationship with the organization’s headquarters.
• Services/processes are basically identical at all sites and are produced using identical methods and procedures.
• Uniform management system/conformity criteria compliance has been defined for, and is established and maintained in, all branches/production facilities.
• The entire management system is monitored centrally under the direction of the Management Representative at the organization’s central office, who is authorized to issue management system related instructions to all branches/offices / production sites.
• Internal audits and management reviews have been carried out at all branch/offices / production sites.
• Certain areas carry out centralized activities on behalf of all branch offices/production sites, e.g. product and process design and development, purchasing, human resources (HR), etc.

16.3 In cases of multi-site certification, the auditing of sites may be spread over certification and follow-up audits period. Headquarters must be audited annually in addition to the sampled sites.

17. CLIENT’S OBLIGATION TO PRELIMINARY AGREE AND GENERAL RULES FOR MYSTERY AUDITS (IF APPLICABLE)

17.1 Mystery Audits are applied in the Service Industry only.

17.2 Mystery Audits can be part of a typical certification process or be a service “stand-alone” for conformity assessment.

17.3 Client agreement on number of audits/year should be obtained.

17.4 Client agreement on checklist applied should be obtained.

17.5 Audit costs, including consummation of services and products, will be totally charged to the Client, after the end of Mystery Audit process.

18. UNANNOUNCED – SPECIAL AUDIT

18. 1 The “Certification Body” maintains the right to execute a special audit whose costs are undertaken by the customer:

• When within the system of a certified enterprise/organization there have been structural changes (change in ownership, changes in personnel or equipment) but without changes to the scope of certification.
• If there is documented evidence or indications that the certified enterprise/organization no longer meets the requirements of the certification standard and legislation (e.g. after complaints or other information brought to the attention of  “Certification Body”). It may be necessary for the Certification Body to conduct audits of certified clients as short notice or unannounced to investigate complaints, or in response to changes, or as follow up on suspended clients.
• To check the compliance of the business to changes of the standard or the relevant legislation after agreed by the customer.
• When corrective actions for closing NCs are required. The possibility of a short notice on site visit also applies.

18.2 Both SA and AB have the right to perform an unannounced audit to the customer in case of:

– complaints and appeals towards either SA or the client
– monitoring SA’s performance

APPENDIX (REGULATION 11-41-001-A002)

CODE OF ETHICS OF SWISS APPROVAL CERTIFIED CLIENTS:

Certified customers are required to:

1. Act in ethical manner and professionally.
2. Comply with the relevant provisions of the certification scheme under which they are assessed and certified for.
3. Comply with the certification requirements and supply any information needed for the assessment.
4. Make claims regarding certification only with respect to the scope for which certification has been granted.
5. Help to increase the prestige of the certificate and not to use it in a misleading manner.
6. In the event of suspension or withdraw of Certification, the below signed Certified Enterprise, shall refrain from: a) the use of all references (stamps, logos, certificates, etc.) to a certified status, b) any further promotion of the certification.
7. In the event of suspension or withdraw of Certification, the Certified Enterprise, agrees to return any certificates issued dy the certification body or stamps or other material, to the          Certification Body, by own expenses.
8. Not to disseminate false or misleading information that may compromise the integrity of the certificate or the certification process.
9. Not to use the certification in such manner as to bring the certification body into disrepute and not to make any statement regarding the certification that SA considers as misleading or unauthorized.
10.  Not to release confidential/business information or materials of “Certification Body” or engage in subterfuge practices.
11. Act in a manner that would not adversely affect the name of the “Certification Body”.
12. Cooperate with the “Certification Body”, fully investigated an accident where a possible violation of this Code is detected.
13. Inform the “Certification Body” about any complaints that are made against relating to the adequacy of the certificate.
14. Inform the “Certification Body” about issues that may affect the ability of the certified enterprise to continue to meet certification requirements.
15. Inform the “Certification Body” about the conflicts that may be exist between its scopes, employees, and the certification process involved personnel.
16. Bond its employees by the current code and its principles.
17. Keep and comply with the present Code of Ethics for SA Certified customers.

SWISS APPROVAL INTERNATIONAL INSPECTION AND CERTIFICATION BODY [SAIICB]

Declaration of Data protection. Data protection provisions

The SWISS APPROVAL Group is pleased by your interest in our services and your visit to our website. Data protection and security for our customers and users have always been of great significance in our Group. Therefore, the protection of your personal data is very important and of special concern to us.

This declaration on data protection explains what information SWISS APPROVALAG collects while you are visiting the website and how this information is used.

If a link redirects you to another website that does not belong to and is not operated by the SWISS APPROVAL Group, you can see the link in the changed address line in your browser. This data protection declaration does not apply to these websites.

Personal data

You can visit our website without having to provide any personal information.

Some websites may require you to register. In the case of our website, you will be asked to send us certain personal information if you would like for us to contact you. Generally, we only collect as required fields the data that we absolutely need to perform the respective task or process the respective inquiry. Additional personal information is voluntary. You certainly have the option not to supply us with the information indicated as required. In this case, we will not be able to make available to you the desired products, services or information.

If you share your personal information with us, your data is handled with the utmost care. The SWISS APPROVAL Group strictly maintains the confidentiality of your personal data in accordance with the provisions of the Swiss Federal Law and other laws on the protection of your privacy and informational self-determination.

In addition, SWISS APPROVAL will not disclose your data to third parties unless it is necessary for a particular business transaction and you have given us your consent. Before entering the data, we will inform you of these specific circumstances.

Newsletter

If you would like to receive our e-mail newsletter, we will need a valid e-mail address from you for this purpose. Additional personal information is voluntary. You can find additional information on this in the data protection notices which will be available to you if you subscribe to the newsletter. You may certainly unsubscribe to the newsletter at any time.

Usage data

If we plan to use usage data from your visit on our website in order to improve an individual service, we will seek your express consent during an Internet dialog regarding this. We will also inform you about the type and scope of the data collected. If you do not want to give your consent, you may continue any dialog without data being collected or stored or cancel or end the dialog.

Website tracking

This website uses specific technology to collect visitor behaviour data. This data are collected anonymously to be used for marketing and optimization purposes. All visitor data is saved using an anonymous user ID and can be aggregated to a usage profile. Cookies may be used for this purpose, but only to collect and save data in anonymous form. The collected data will not be used to identify a visitor personally and is not aggregated with any personal data.

Your rights

In accordance with the regulations of Swiss Federal Laws, you entitled to free information about your personal data stored, its origin, its recipients and the purpose of storage and have the right to correct, block or delete this data.

You may permanently revoke the consent you granted us at any time.

You may notify us informally to exercise your rights:

Cookies Policy – Use of Cookies by SAIICB 

We use cookie information to give you relevant information when you use www.swissapproval.com

Cookies are small text files that are placed on your computer by websites that you visit or certain emails you open. They are widely used in order to make websites work, as well as to provide business and marketing information to the owners of the site.

SAIICB uses Cookies on www.swissapproval.com  for the following purposes: 

Technical

Cookies are used for technical reasons to enable the efficient working of data bases and applications. For example, to: Balance website traffic to ensure our customers receive a consistent and reliable service. Limit traffic to key parts of the website in order to maintain performance levels. Store visitors acceptance of the website terms and conditions, without which access is not granted to www.swissapproval.com .

Tracking

Cookies are used to gather statistics on how visitors use the site. For example, to: Gain insight into how visitors use the website so that we can make improvements to its usability.