This Code of Conduct was last updated on November 22, 2022.
I. INTRODUCTION
Purpose and Scope
The Board of Directors of Dremio Corporation (the “Company” or “Dremio”) adopted this Code of Business Conduct and Ethics (this “Code”) to aid the Company’s directors, officers, employees and consultants (“Service Providers”) in making ethical and legal decisions when conducting the Company’s business and performing their day-to-day duties. This Code applies to all Service Providers of the Company and its subsidiaries, and for purposes of this Code, the term “Company” refers collectively to the Company and its subsidiaries.
The Company’s Board of Directors (the “Board”) is responsible for administering this Code. The Board has delegated day-to-day responsibility for administering and interpreting this Code to a Compliance Officer. Our Chief Human Resource Officer has been appointed the Company’s Compliance Officer (the “Compliance Officer”) under this Code, deputized by our CFO in the event of their unavailability.
The Company expects its Service Providers, which includes employees and consultants, to exercise reasonable judgment when conducting the Company’s business. The Company encourages its Service Providers to refer to this Code frequently to ensure that they are acting within both the letter and the spirit of this Code. If you have questions or concerns about this Code, the Company encourages you to speak with your supervisor (if applicable) or with the Compliance Officer under this Code.
Contents of this Code
This Code has two sections that follow this Introduction. The first section, “Standards of Conduct,” contains the actual guidelines that our Service Providers are expected to adhere to in the conduct of the Company’s business. The second section, “Compliance Procedures,” contains specific information about how this Code functions, including who administers this Code, who can provide guidance under this Code and how violations may be reported, investigated and disciplined. This second section also contains a discussion about waivers of and amendments to this Code.
A Note Regarding Other Obligations
The Company’s Service Providers generally have other legal and contractual obligations to the Company. This Code is not intended to reduce or limit the other obligations that you may have to the Company. Instead, the standards in this Code should be viewed as the minimum standards that the Company expects from its Service Providers in the conduct of its business.
II. STANDARDS OF CONDUCT
Company understands that this Code will not contain the answer to every situation you may encounter or every concern you may have about conducting the Company’s business ethically and legally; however, a good rule to follow is to consider whether you would feel comfortable if your potential actions or dealings were made public – if the answer is no, you should reconsider following through on them and consult with your supervisor or the Compliance Officer if you have any questions.
Conflicts of Interest
The Company recognizes and respects the right of its Service Providers to engage in outside activities that they may deem proper and desirable, provided that these activities do not impair or interfere with the performance of their duties to the Company or their ability to act in the Company’s best interests. In most, if not all, cases this will mean that our Service Providers must avoid situations that present a potential or actual conflict between their personal interests and the Company’s interests.
A “conflict of interest” occurs when a Service Provider’s personal interest interferes with the Company’s interests. Conflicts of interest may arise in many situations. For example, conflicts of interest can arise when a Service Provider takes an action or has an outside interest, responsibility or obligation that may make it difficult for him or her to perform the responsibilities of his or her position objectively and/or effectively in the Company’s best interests. Conflicts of interest may also occur when a Service Provider or his or her immediate family member receives some personal benefit (whether improper or not) as a result of the director’s, officer’s or employee’s position with the Company. Each individual’s situation is different and in evaluating his or her own situation, a Service Provider will have to consider many factors.
Any material transaction or relationship that reasonably could be expected to give rise to a conflict of interest should be reported promptly to the Compliance Officer. The Compliance Officer may notify the Board as he or she deems appropriate. Actual or potential conflicts of interest involving a director or executive officer other than the Compliance Officer should be disclosed directly to the Compliance Officer. Actual or potential conflicts of interest involving the Compliance Officer should be disclosed directly to the Chief Financial Officer or Chief Executive Officer.
Compliance with Laws, Rules and Regulations
The Company seeks to conduct its business in compliance with applicable laws, rules and regulations. No Service Provider shall engage in any unlawful activity in conducting the Company’s business or in performing his or her day-to-day Company duties, nor should he or she instruct others to do so.
Protection and Proper Use of the Company’s Assets
The Company’s assets include its intellectual property rights, information systems, computers, servers, other equipment, and communication facilities. Loss, theft and misuse of the Company’s assets have a direct impact on the Company’s business and its profitability. Service Providers are expected to protect the Company’s assets that are entrusted to them and to protect the Company’s assets in general. Service Providers are also expected to take steps to ensure that the Company’s assets are used only for legitimate business purposes.
Corporate Opportunities
Service Providers owe a duty to the Company to advance its legitimate business interests when the opportunity to do so arises. Each director, officer and employee is prohibited from:
- diverting to himself or herself or to others any opportunities that are discovered through the use of the Company’s property or information, or as a result of his or her position with the Company, unless such opportunity has first been presented to, and rejected in writing by, the Compliance Officer of the Company;
- using the Company’s property or information or his or her position for improper personal gain; or
- competing with the Company.
Confidentiality
Confidential Information generated and gathered in the Company’s business plays a vital role in its business, prospects and ability to compete. “Confidential Information” includes all non-public information that might be of use to competitors or harmful to the Company or its customers if disclosed. Service Providers may not disclose or distribute the Company’s Confidential Information, except when disclosure is authorized by the Company or required by applicable law, rule or regulation or pursuant to an applicable legal proceeding. Service Providers shall use Confidential Information solely within the course of their duties to the Company. Each Service Provider must return all of the Company’s Confidential Information in their respective possession to the Company when they cease to be employed or engaged by the Company.
Third parties may ask you for information concerning the Company. Except when disclosure is authorized by a supervisor or legally mandated, Service Providers (other than the Company’s authorized spokespersons) must not discuss internal Company matters with, or disseminate internal Company information to, anyone outside the Company, except as required in the performance of their Company duties and, if appropriate, after a confidentiality agreement is in place. This prohibition applies to inquiries concerning the Company from the media, research institutions and related outside parties, for example. All responses to inquiries on behalf of the Company must be made only by the Company’s authorized spokespersons. If you receive any inquiries of this nature, you must decline to comment and refer the inquirer to your supervisor or one of the Company’s authorized spokespersons.
Data Security and Privacy
Dremio Service Providers, which includes employees and consultants, are required to respect the privacy of employees, suppliers, customers and other stakeholders, and comply with privacy laws and regulations, contractual obligations regarding privacy and data security, and all of the Company’s published policies which relate to data security and the processing of personal data or other sensitive data.
Environmental, Social and Governance (ESG)
The Company is committed to reducing its environmental impact and that of its supply chain. The Company supports efforts to limit greenhouse gas emissions as agreed by the Intergovernmental Panel on Climate Change. In particular, the Company expects employees to take steps to reduce use of energy, water and other resources emissions, and waste, and make choices, including of suppliers, that minimize environmental impact.
The Company is committed to a work environment that promotes diversity, equity and inclusion (“DEI”) and expects all employees to promote DEI in hiring, evaluation, job allocation, promotion and supply chain decisions.
Promoting a Positive Work Environment
The Company is committed to creating a supportive work environment and each employee is expected to create a respectful workplace culture that is free of harassment, intimidation, bias and unlawful discrimination. The Company is an equal opportunity employer and employment is based solely on individual merit and qualifications directly related to professional competence. The Company strictly prohibits discrimination or harassment of any kind on the basis of race, color, religion, veteran status, national origin, ancestry, pregnancy status, sex, gender identity or expression, age, marital status, mental or physical disability, neurodiversity, physical appearance, body size, medical condition, sexual orientation or any other characteristics protected by law.
Code of Conduct at Events
This Code applies at all events related to the Company, including conferences and social events at off-site locations, and in related online communities and social media.
Employees are reminded of the compliance requirements to report violations of this Code or the law.
Customers' Code of Conduct
Customer facing employees are required to review, understand and follow the supplier code of conduct of the customers with whom they interact. This Code is maintained to be consistent with supplier codes, though they may occasionally have stricter security or other requirements owing to the customer's business.
Fair Dealing
Competing vigorously, yet lawfully, with competitors and establishing advantageous, but fair, business relationships with customers and suppliers is a part of the foundation for long-term success. However, unlawful and unethical conduct, which may lead to short-term gains, may damage a company’s reputation and long-term business prospects. Accordingly, it is the Company’s policy that Service Providers must deal ethically and lawfully with the Company’s customers, suppliers, competitors and employees in all business dealings on the Company’s behalf. No Service Provider should take unfair advantage of another person in business dealings on the Company’s behalf through the abuse of privileged or confidential information or through improper manipulation, concealment or misrepresentation of material facts.
Accuracy of Records
The integrity, reliability and accuracy in all material respects of the Company’s books, records and financial statements are fundamental to the Company’s continued and future business success. No Service Provider may cause the Company to enter into a transaction with the intent to document or record it in a deceptive or unlawful manner. In addition, no Service Provider may create any false or artificial documentation or book entry for any transaction entered into by the Company. Similarly, officers and employees who have responsibility for accounting and financial reporting matters have a responsibility to accurately record all funds, assets and transactions on the Company’s books and records.
Trading in the Securities of Other Companies
No Service Provider of the Company who, in the course of working for the Company, learns of any material, nonpublic information about a company with which the Company does business (e.g., a customer, supplier or other party with which the Company is negotiating a major transaction, such as an acquisition, investment or sale), may trade in that company’s securities until the information becomes public or is no longer material.
Political Contributions
Business contributions to political campaigns are strictly regulated by federal, state, provincial and local law in the U.S. and other jurisdictions. Accordingly, all political contributions proposed to be made with the Company’s funds must be coordinated through and approved by the Compliance Officer. Service Providers may not, without the approval of the Compliance Officer, use any of the Company’s funds for political contributions of any kind to any political candidate or holder of any national, state, provincial or local government office. Service Providers may make personal contributions, but should not represent that he or she is making any such contribution on the Company’s behalf. Similar restrictions on political contributions may apply in other countries. Specific questions should be directed to the Compliance Officer.
Gifts and Entertainment
The giving and receiving of gifts can be a common and valid business practice. Appropriate business gifts and entertainment are welcome courtesies designed to build relationships and understanding among business partners. Gifts and entertainment, however, should never compromise, or appear to compromise, any person’s ability to make objective and fair business decisions, or the ability of others to make their own objective and fair business decisions. In addition, it is important to note that the giving and receiving of gifts are subject to a variety of laws, rules and regulations applicable to the Company’s operations. These include, without limitation, laws covering the marketing of products, bribery, and kickbacks. Each individual covered by this Code is expected to understand and to comply with all laws, rules and regulations that apply to his or her job position.
International Trade Controls
Many countries regulate international trade transactions, such as imports, exports and international financial transactions. In addition, the United States prohibits any cooperation with boycotts against countries friendly to the United States or against firms that may be “blacklisted” by certain groups or countries. It is the Company’s policy to comply with these laws and regulations even if it may result in the loss of some business opportunities. Employees should learn and understand the extent to which U.S. and international trade controls apply to transactions conducted by the Company.
Compliance with Anti-Corruption Laws
The U.S. Foreign Corrupt Practices Act (the “FCPA”) prohibits giving anything of value, directly or indirectly, to officials of a foreign government or to foreign political candidates in order to obtain or to retain business, induce the foreign official to perform or omit any act in violation of his public duty, influence the foreign official to affect or influence any government action, or obtain any other business advantage. The Company is also subject to the UK Bribery Act (collectively with the FCPA and the anti-corruption laws of other jurisdictions, the “Anti- Corruption Laws”), which prohibits bribes to any individuals, not just government officials.
Service Providers, which includes employees and consultants, are strictly prohibited from offering, promising, paying or authorizing the payment, directly or indirectly, to a government official to influence or reward any act of such official, or otherwise making any payments or providing anything of value in violation of the Anti-Corruption Laws. State and local governments, as well as foreign governments, may have additional rules regarding such payments. Service Providers shall comply with the FCPA and all other applicable anti-bribery, anti-kickback, and anti-corruption laws, rules, and regulations.
Service Providers have a continuing and independent obligation to ensure compliance with Anti-Corruption Laws.
III. COMPLIANCE PROCEDURES
Communication of Code
All Service Providers will be supplied with a copy of this Code upon the later of the adoption of this Code and beginning service at the Company. Updates of this Code will be provided from time to time. A copy of this Code is also available at https://www.dremio.com/legal/code-of-conduct/ or by requesting one from the human resources department.
Monitoring Compliance and Disciplinary Action
The Company’s management, under the supervision of its Board, shall take reasonable steps from time to time to (i) monitor compliance with this Code, and (ii) when appropriate, impose and enforce appropriate disciplinary measures for violations of this Code.
Disciplinary measures for violations of this Code may include, but are not limited to, counseling, oral or written reprimands, warnings, probation or suspension with or without pay, demotions, reductions in salary, re-assignment, termination of employment or service and restitution.
The Company’s management shall periodically report to the Board on these compliance efforts including, without limitation, periodic reporting of alleged violations of this Code and the actions taken with respect to any such violation.
Reporting Concerns/Receiving Advice
Communication Channels
Be Proactive. Every employee is encouraged to act proactively by asking questions, seeking guidance and reporting suspected violations of this Code and other policies and procedures of the Company, as well as any violation or suspected violation of applicable law, rule or regulation arising in the conduct of the Company’s business or occurring on the Company’s property. If any employee believes that actions have taken place, may be taking place, or may be about to take place that violate or would violate this Code or any law, rule or regulation applicable to the Company, he or she is obligated to bring the matter to the attention of the Company.
Seeking Guidance. The best starting point for an officer or employee seeking advice on ethics-related issues or reporting potential violations of this Code will usually be his or her supervisor. However, if the conduct in question involves his or her supervisor, if the employee has reported the conduct in question to his or her supervisor and does not believe that he or she has dealt with it properly, or if the officer or employee does not feel that he or she can discuss the matter with his or her supervisor, the employee may raise the matter with the Compliance Officer.
Communication Alternatives. Any Service Provider may communicate with the Compliance Officer, or report potential violations of this Code, by any of the following methods:
- In writing (which may be done anonymously as set forth below under “Anonymity”), addressed to the Compliance Officer of the Company, by U.S. mail to c/o Dremio Corporation, 3970 Freedom Circle, #110, Santa Clara, CA 95054, USA; or
- By email to Compliance at [email protected], Human Resources at [email protected], or Legal at [email protected] (anonymity cannot be maintained).
Reporting Accounting and Similar Concerns. Any concerns or questions regarding any potential violations of this Code, any company policy or procedure or applicable law, rules or regulations that involves accounting, internal accounting controls, auditing or securities law matters will be directed to the Board or Audit Committee in accordance with procedures for the receipt, retention and treatment of complaints regarding accounting, internal accounting controls or auditing matters. Officers, employees and consultants may also communicate directly with the Board regarding such matters by the following methods (which may be done anonymously as set forth below under “Anonymity”):
- Communication Alternatives outlined above
- Writing the Company’s outside counsel Goodwin Procter LLP, Attn: Dremio Corporation Partner, Goodwin Procter LLP, 601 Marshall St, Redwood City, CA 98029
Cooperation. Employees are expected to cooperate with the Company in any investigation of a potential violation of this Code, any other company policy or procedure, or any applicable law, rule or regulation.
Misuse of Reporting Channels. Employees must not use these reporting channels in bad faith or in a false or frivolous manner or to report grievances that do not involve this Code or other ethics-related issues.
Director Communications. In addition to the foregoing methods, a director may also communicate concerns or seek advice with respect to this Code by contacting the Board.
Anonymity
When reporting suspected violations of this Code, the Company prefers that officers and employees identify themselves to facilitate the Company’s ability to take appropriate steps to address the report, including conducting any appropriate investigation. However, the Company also recognizes that some people may feel more comfortable reporting a suspected violation anonymously.
If an officer or employee wishes to remain anonymous, he or she may do so, and the Company will use reasonable efforts to protect the confidentiality of the reporting person subject to applicable law, rule or regulation or to any applicable legal proceedings. In the event the report is made anonymously, however, the Company may not have sufficient information to look into or otherwise investigate or evaluate the allegations. Accordingly, persons who make reports anonymously should provide as much detail as possible to permit the Company to evaluate the matter(s) set forth in the anonymous report and, if appropriate, commence and conduct an appropriate investigation.
No Retaliation
The Company expressly forbids any retaliation against any officer or employee who, acting in good faith on the basis of a reasonable belief, reports suspected misconduct. Specifically, the Company will not discharge, demote, suspend, threaten, harass or in any other manner discriminate against, such an officer or employee in the terms and conditions of his or her employment. Any person who participates in any such retaliation is subject to disciplinary action, including termination.
Waivers and Amendments
No waiver of any provisions of this Code for the benefit of a director or an executive officer shall be effective unless approved by the Board.
Any waivers of this Code for other employees and consultants may be made by the Compliance Officer or the Board.
All amendments to this Code must be approved by the Board.
ADOPTED: June 13, 2017
Last Updated: 2022/11/22