Go to Top

Corporate management system policy

At Arxis, we believe in expertise, personal and corporate credibility, quality, teamwork and enthusiasm for our work. The ultimate goal is greater customer satisfaction.
The quality management system (qms), introduced in 2005 in accordance with UNI EN ISO 9001:2000, subsequently amended to UNI EN ISO 9001:2008 and 2015 version re-certification in July 2017.
The ICT service management system, i.e. the service management system (SMS) based on the ISO/IEC 20000-1 standard, with certification obtained in 2014 and re-certification in July 2017.
The information security management system (isms) based on the ISO/IEC 27001 standard, with certification obtained on 3 December 2015.
In particular, the ISO/IEC 27001:2013 Standard states that data security is based on three aspects:
CONFIDENTIALITY
This expresses the guarantee that any given piece of information is only accessible to the processes that have to process it and the user who objectively needs it and is therefore authorized to use it.
INTEGRITY
This expresses the guarantee that any information is the one originally entered into the information system or legally modified.
AVAILABILITY
This expresses the guarantee of the availability of information based on the need for business process continuity and for the purpose of complying with regulations (both legal and non-statutory) that require the data to be retained.
The security of data and information is based on the observance of organizational, procedural and technical measures that guarantee advance protection from unauthorized access, destruction, loss, alteration or disclosure of data, unauthorized or non-compliant processing.
An effective SGSI must:
Safeguard the interests of Solve.It and its customers
Guarantee the integrity and confidentiality of corporate information, as well as the continuity (availability) of business activities, ensuring that the expected level of protection is implemented according to the importance of the information requiring protection
Guarantee a virtuous and uniform behavioral model
Ensure tracking of the authorization processes and the activities carried out for legal, fiscal and operational purposes

Law 231 (Legislative Decree 231/2001)

Corporate Responsibility, Code of Ethics and Responsibility of Legal Persons pursuant to Italian Legislative Decree 231/01. – Corporate responsibility of companies and organizational, management and control models.
The activity of most companies and, consequently, their organization must take into account legislation and, in particular, the regulations provided for by the law in question. Legislative Decree 231/2001 extends the responsibility for offences committed in Italy and abroad by natural persons working for the company to legal persons.
In addition to the responsibility of the natural person who performs an unlawful deed, the law has introduced the penal liability of companies for certain offences committed in their interest or to their benefit by persons acting as representatives or working in the administration or management of the company or one of its organizations with financial or functional autonomy or by persons managed or supervised by one of the above mentioned subjects.

ADDENDUM TO THE POLICY ON PERSONAL DATA PROCESSING
REGARDING GREEN PASS CHECKS

Arxis Srl, St.  Torri Bianche n.9 20871 Vimercate (MB), in its capacity as Data Controller, hereby informs you that your personal data, acquired to allow compliance with the anti-contagion measures relating to SARS Covid-2 will be managed using electronic and hardcopy means.

All Data Subjects who access Arxis’s headquarters (workers, maintenance technicians, visitors, etc.) will be subject to the checks.

The check is restricted to verifying the authenticity, validity and integrity of the certification and does not involve the collection of data in accordance with the provisions of Prime Ministerial Decree dated June 17, 2021, Legislative Decree 127 dated September 21, 2021 or the provisions of the Personal Data Protection Authority. Since collection does not take place, data retention is not necessary.

The check is necessary in order to access Arxis’s offices in full compliance with current legislation. This check does not give rise to any automated decision, nor to profiling.

Arxis will ensure that this processing is carried out in full compliance with the aforementioned regulations and confidentiality obligations, providing precise instructions regarding any persons in charge of the checks.

In case of need, a Data Subject party may exercise the rights provided for in Articles 15-22 of GDPR 679/2016, which are detailed in the information available on the website www.Arxis and displayed at the reception desk at the entrance to the offices.

To exercise their rights, or any need, a Data Subject may contact the Data Controller directly at the operational headquarters or by using a dedicated e-mail address: privacy@arxis.

Should the Data Subject not be satisfied with the behavior of Arxis s.r.l., they may contact the Supervisory Authority in accordance with the instructions listed on the page https://www.garanteprivacy.it/home/footer/contatti.

October 14, 2021

PERSONAL DATA PROCESSING POLICY

Arxis Srl, St. Torri Bianche n.9 20871 Vimercate (MB), in its capacity as Data Controller, hereby informs you that your personal data shall be processed both manually and with the aid of electronic tools, according to the regulations in force regarding the protection of personal data.
PURPOSES OF DATA PROCESSING
Arxis s.r.l. collects and processes the personal data of the Data Subjects for: the performance of obligations arising out of contractual relationships, the performance of pre-contractual activities or by virtue of laws/regulations with which it must comply and/or decides to adhere to, more specifically:
  • information on their products and services;
  • relationship management with existing and potential customers;
  • contractual obligations;
  • fulfilment of accounting, tax and legal obligations;
  • after-sales management.
The provision of personal data for said purposes is strictly necessary and refusal to provide it means that Arxis shall be unable to establish relations and/or perform said activities. Arxis s.r.l. shall provide detailed information, if necessary. Processing is related to obligations of a contractual nature or to specific requests by the Data Subject, therefore consent is not required.
SENSITIVE DATA
Arxis does not collect sensitive data for its business purposes. Should an unforeseeable event result in Arxis acquiring said data without consent, the Data Subject shall be contacted urgently in order to resolve the issue immediately.
PROCESSING PROCEDURE
Processing is performed using manual, computer and electronic instruments, with logic strictly related to the purposes stated. Arxis possesses ISO 27001 standard certification and has established technological, organizational and procedural support to ensure that data is processed legally and securely. Personal data is stored for the period strictly necessary to carry out the contractual activity, unless the data is required for business needs (e.g.: data sheets) or legal requirements.
THIRD-PARTY COMMUNICATION
The pursuit of the aforementioned purposes may lead to the transmission and communication of data to third parties that have been appointed to carry or provide specific services strictly functional to the execution of obligations, such as:
  • banks and credit institutions;
  • consultants, professionals, external suppliers of business services;
  • suppliers of technological services;
  • carriers.
Data may be transferred to recipients headquartered in a third country or to international organizations with offices abroad. Arxis will carry out said transfers after verifying compliance with the articles of the domestic and European legislation in force.
DATA CONTROLLER
The Data Controller is Arxis S.r.l., whose operational headquarters at  St. Torri Bianche n.9 20871 Vimercate (MB), in the person of its legal representatives.
RIGHTS OF THE DATA SUBJECT
The Data Subject may exercise the rights provided for, more specifically:
  1. obtain access to their personal data;
  2. obtain:
    1. updating, rectification or addition of further data;
    2. deletion or limitation of processing;
  3. oppose for legitimate reasons:
    1. processing of personal data that concerns them;
    2. processing of personal data for the purpose of sending advertising or direct sales material or for conducting market research or commercial communications.
  4. Request that their data be transferred to another Data Controller, providing the necessary information and reasons.
If the actions resulting from the exercise of the rights referred to in points 2.b. and 3. are incompatible with the management of the business, Arxis will highlight the fact in order to reach an agreement on the matter. If the exercise of the rights referred to in points 2.b and 4 proves impossible or too burdensome, Arxis shall inform you without undue delay in order to agree upon a solution. Your right to submit a complaint to the Supervisory Authority remains unaffected if you are not satisfied with the behavior of Arxis s.r.l. in your regard. Arxis does not carry out automated decision-making processes and shall not disclose your personal data. To exercise your rights, or for any need you may have, please contact the Data Controller directly (info@arxis.it), or through the dedicated e-mail address: privacy@arxis.it

WEBSITE POLICY

PRIVACY POLICY OF THE ARXIS.IT S.r.l. WEBSITE

This policy describes how the Arxis site is managed in terms of the processing of personal data belonging to the users visiting it. This informational notice is provided under art. 13 of the Genral Regulations (EU) 2016/679 regarding Personal Data Protection Code (GDPR) and Italian Legislative Decree 196/2003, to those interacting with Arxis S.r.l. webservices, which are accessible electronically at the address: www.arxis.it. The informational notice only refers to the Arxis site and does not cover other sites accessible via links from Arxis’s pages.

The informational notice is also based on Recommendation no. 2/2001 issued by the European Data Protection Authorities, which identifies certain minimum requirements for online personal data collection and, in particular, the methods, times and nature of the information that data controllers are required to provide to users when the latter connect to web pages, regardless of the purpose of the visit.

This Policy provides guidance on the processing of data acquired through consultation of the website; for a complete overview of the data processing by the company, you are invited to consult Arxis informational notice on data processing.

WEBSITE POLICY

DATA CONTROLLER

Data relating to identified or identifiable individuals can be processed following a visit to the site. The “Data Controller” responsible for processing the data is Arxis S.r.l., whose headquarters are in Vimercate, at St. Torri Bianche, 9 in the person of its legal representatives pro tempore.

The processing of data related to the web services on the site is performed exclusively by Arxis staff that have been assigned the task of processing. No personal data deriving from the web service shall be disseminated. Personal data provided by users is used solely for the purpose of performing the service requested and is only communicated to third parties in case in which doing so is necessary to achieve said purpose.

WEBSITE POLICY

TYPES OF DATA PROCESSED
3.1 BROWSING DATA

During the course of normal operation, the computer systems and software procedures used for the operation of the website acquire certain personal data, the transmission of which is implicit in the use of the Internet network, which is based on the TCP/IP protocol.

The information is not collected so that it may be associated with identified individuals, but which by their very nature could, through processing and associations with data stored by third parties, allow the identification of the users browsing.

This category of data includes “IP addresses” or the domain names of the computers used by the users who browse the website, the URI (Uniform Resource Identifier) notation addresses of the required resources, the time of the request, the method used to submit the request to the web server, the size of the file obtained in response, the numeric code indicating the response status provided by the web server (successful, error, etc.) and other parameters related to the operating system and the user’s computing environment. The data is only used for the purpose of obtaining anonymous statistical information on the use of the site and to check its proper functioning.

Please note that the aforementioned data may be used to establish liability in the event of cybercrimes perpetrated on the Arxis website or other related or linked sites: this exception aside, web contact data is retained for the time required to complete the activity requested and no longer than 90 days from the date of acquisition.

3.2 MINORS

The Arxis website can also be visited by minors under eighteen years of age, since it only collects technical and commercial information data for the provision of IT services.

3.3 DATA PROVIDED VOLUNTARILY BY THE USER

The request for information on the Arxis website Contacts page involves the acquisition of certain personal data, including the applicant’s e-mail address.

3.3.1 COOKIES

No user personal data is acquired by the site.

No cookies are used for the transmission of personal data, nor are there any so-called persistent cookies of any kind, i.e. user tracking systems.

The use of so-called session cookies (which are not persistently stored on the user’s computer and vanish when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) needed to allow the site to be browsed safely and efficiently.

The so-called session cookies used on the site avoid the use of other potentially damaging computer techniques for the confidentiality of user browsing and do not allow the acquisition of the user’s personal identification data.

3.3.2 OPTIONAL NATURE OF PERSONAL DATA TRANSFER

Aside from that specified for browsing data, users are free to provide the personal data shown in the specific electronic application form. However, their non-provision means it shall not be possible to satisfy the contact request.

3.4 PROCESSING PROCEDURES AND SECURITY MEASURES

Arxis has implemented the necessary measures to ensure that processing is carried out in full compliance with the rights of the Data Subjects and the legislation in force. As regards information security, the Arxis management system is certified according to the ISO 27001 standard.

3.5 STORAGE

Personal data is stored solely for the purposes of the activity for which it was recorded and, of course, in compliance with any relevant legal provisions. This means that, when such data is no longer functional to those principles, it is permanently deleted. The Data Controller will make every effort, within the limits established by legislation, to ensure that any recipients of said data shall also delete it.

3.6 DATA SUBJECT RIGHTS

The Data Subjects to whom the personal data collected in the specific section refers shall be able to exercise the rights provided for by CHAPTER III of the GDPR, more specifically:

  1. obtain access to their personal data;
  2. obtain: a. updating, rectification or integration; b. cancellation or limitation of processing;
  3. oppose processing of their personal data for legitimate reasons;

Given the method of processing, it is very unlikely that there will be requests regarding data portability. In any specific cases, Arxis shall assess the reasons for the request to comply with the provisions of the GDPR.

Should the actions resulting from the exercise of the rights referred to in points 2.2 and 3 be deemed incompatible with the management of the contractual relationship, Arxis shall highlight the fact in order to reach an agreement on the matter.

The right of the Data Subject to submit a complaint to the Supervisory Authority remains unaffected if they are not satisfied with the behavior of Arxis s.r.l. in their regard.

Arxis does not carry out automated decision-making processes and shall not disclose the personal data collected.

To exercise your rights, or for any need you may have, please contact the Data Controller directly (Arxis S.r.l. – St. Torri Bianche, 9 –20871 Vimercate,), or through the dedicated e-mail address: info@arxis.

1. INTRODUCTION
The Code also has the purpose of introducing the principles and rules of behavior related to the reasonable prevention of the crimes specified in Italian Legislative Decree 231/2001 at Arxis and making them compulsory. The Code, seen as a whole and together with all the specific implementation procedures approved by the Company, must be considered an integral part of the employment contracts, both in place and yet to be stipulated, pursuant to art. 2104 of the Italian Civil Code. A breach of its provisions will, therefore, constitute an offense of a disciplinary nature and, as such, will be prosecuted and sanctioned by the Company pursuant to and for the purposes of art. 7 of Italian Law no. 300 dated 20 May 1970 (so-called Workers’ Statute) (“Italian Law 300/1970”) and may require compensation for damages caused to the Company. Regarding the collaborators, consultants and self-employed workers who perform activities for the Company and other third parties, signing this Code or an extract of it or, in any event, adhering to the provisions and principles contained within represents conditio sine qua non of the stipulation of contracts of any nature between the Company and said individuals; the provisions thereby signed or, in any event, approved, even by conclusive facts, are an integral part of the contracts themselves. The intention of Arxis is to maintain relations with all parties based on compliance with the principles expressed in this Code and expects that the latter will, in turn, cooperate in complying with these values. Based on the foregoing, any breaches by third parties of specific provisions of the Code may, based on how serious they are, legitimize the Company’s withdrawal from existing contractual relationships with said parties and may also be regarded ex ante as causes for the automatic termination of the contract pursuant to art. 1456 of the Italian Civil Code. The rules of the Code apply, without exception, to the members of the Board of Directors, executives, supervisors and employees of Arxis, as well as to all those who, directly or indirectly, permanently or temporarily, establish, for any reason, relationships and collaborations or operate in the interests of Arxis. Said individuals will be referred to hereafter as “Recipients”. The Recipients of the provisions of this Code, in compliance with the laws and regulations in force, will adjust their actions and behavior to the principles, objectives and commitments that are provided for by the Code, as well as observe and make others observe, within the sphere of their responsibilities, the principles contained in the Code. In particular, when setting the corporate objectives, the Board of Directors shall base its decisions on the principles contained in the Code. The management of the Company is responsible for the actual implementation of the Code and its dissemination inside and outside the Company. In addition to compliance per se due to the regulations in force and the provisions of collective bargaining, the employees of the Company undertake to adapt the methods of carrying out their work to the purposes and provisions of this Code; this shall be the case both for intra-company relations and relations with individuals who are external to the Company and, in particular, with Public Administrations and other authorities. An essential requirement of any fruitful collaborative relationship with the Company is represented by the observance, on the part of collaborators and other third parties, of the principles and provisions contained in this Code. In this sense, at the time of signing contracts or agreements with collaborators or other third parties, the Company provides its interlocutors with this Code or with a meaningful extract from it. Each Recipient is required to comply with the rules of the Code. A breach of the provisions of this Code harms the relationship of trust established with Arxis and may, depending on the individual situation and the type of noncomplying party, lead to disciplinary or legal courses of action or the application of the penalties provided for in the contract. In the most serious cases, a breach may, depending on the case, involve the termination of the employment relationship or the termination of the contract and/or termination of the assignment. In particular, in the event of breaches of the Code carried out by employees of Arxis, the Company shall take steps to apply the appropriate disciplinary measures against the perpetrators of the censured behavior, in compliance with the provisions of the collective bargaining agreement involved and current legislation, without prejudice to the right to compensation for any damage suffered. This regardless of any criminal relevance concerning the behavior and/or the commencement of criminal proceedings in the event of a crime. It is understood that all the procedures, provisions and guarantees provided for by the Workers’ Statute and the National Collective Labor Agreement will be observed in the matter of disciplinary measures. If the breach of the rules of the Code is carried out by a Recipient who is not an employee of Arxis (for example, self-employed workers, suppliers or other persons linked to the Company by contractual relationships), a sanction that may be applied is the right to terminate the related contract or withdrawal from it for just cause, without prejudice to the right to compensation for any damage suffered. All of the above irrespective of any criminal relevance regarding the behaviors and/or the commencement of criminal proceedings in the event of a crime. Arxis undertakes to envisage and apply, coherently, impartially and uniformly, sanctions that are proportionate to the respective breaches of the Code and in compliance with the current provisions on the regulation of employment relationships. We also hereby specify that the disciplinary principles and rules established by Arxis apply to the sanctions deriving from breaching the provisions in this Code.

After having analyzed the breaches of the Code, emerging as a result of its own checks or reports from stakeholders, Arxis shall decide on the existence or otherwise of such breaches, on the adoption of the appropriate measures and the imposition of the relative sanctions in agreement with the manager of the perpetrator of the censured behavior.

1.2 RECIPIENT OBLIGATIONS
As part of their activities, all Arxis stakeholders (employees, shareholders, customers, suppliers, communities, commercial and financial partners, institutions, trade associations, trade union representatives, etc.) shall act in compliance with this Code, as well as in observance of the laws and regulations in force. All Recipients are required to know the rules contained in the Code and the reference rules that regulate the activity carried out in the context of their function. Recipients are obliged to: – refrain from behavior that is contrary to the rules of the Code and to demand compliance with it; – contact their superiors or the functions appointed to perform this role, in the event of a need for clarification regarding the methods for applying the rules themselves; – promptly report to superiors or to the functions appointed to perform this role:
  • any information, detected directly or reported by others, regarding possible breaches of the rules of the Code;
  • any request to breach the rules that is made to them;
– collaborate with the entities responsible for checking possible breaches. The Recipient will not be able to conduct personal inquiries or report the information to anyone other than their superiors or any functions appointed to perform this role. Anonymous reporting is prohibited. All corporate department managers are obliged to:
  • behave as a model for their collaborators;
  • promote the observance of the Code by the Recipients;
  • work to ensure that the Recipients understand that compliance with the rules of the Code is an integral part of professionalism in their role and is an essential element in the management of work relationships and in the performance of activities;
  • take immediate corrective measures when required to do so by the circumstances;
  • make every effort to prevent possible retaliation, within the limits of their responsibilities and assignments.
1.3 ARXIS’S COMMITMENTS
Arxis will ensure, including by identifying specific internal functions:
  • the broadest dissemination of the Code among the Recipients and those who enter into relationships with Arxis itself;
  • the in-depth analysis and updating of the Code;
  • the carrying out of checks on information regarding breaches of the rules of the Code;
  • the assessment of the facts and the consequent implementation, in the event of an ascertained breach, of the sanctions envisaged;
  • the fact that no one can suffer consequences of any kind for having provided information regarding possible breaches of the Code or of the rules referred to therein.
The Company undertakes to ensure timely internal and external dissemination of the Code by: ♣ posting it in a place accessible to all employees; ♣ making it available to third-party Recipients and any other interlocutor on the Company’s website and on the company intranet.
2a. REFERENCE ETHICAL PRINCIPLES
1 RESPONSIBILITY AND COMPLIANCE WITH LAWS
Observance of the law, rules and, in general, current regulations, statutory provisions, ethical integrity and fairness are a continuous commitment and duty of all those who operate in the Arxis organization and characterize the behavior of the entire organization. In this context, compliance with legislation and ethical and deontological principles dictated by trade associations is also important, with particular regard to the Assintel Code of Conduct. In no way can the belief of acting for the benefit or in the interest of the Company justify, even in part, the adoption of behavior not compliant with the principles and contents of the Code. Arxis endeavors to appropriately inform third parties of the commitments and obligations imposed by the Code, requires them to comply with the principles that directly concern their business and adopts the appropriate internal and, if within the scope of its responsibilities, external initiatives in the event of non-fulfillment by third parties.
2 FAIRNESS AND HONESTY
Arxis maintains a relationship of mutual trust and loyalty with all Recipients. All the activities carried out by the Company are carried out in the awareness of the moral and social responsibility that the Company has towards its stakeholders in the belief that the achievement of the Company’s objectives (the first of which is to give added value to shareholders, customers and to the community in which Arxis operates) must be accompanied not only by compliance with specific company values, but also by the general obligations of honesty, fairness and good faith. Recipients must be aware of the ethical significance of their actions and must not pursue personal or corporate profit in breach of applicable laws and the rules of this Code. Therefore, all actions, operations, negotiations and, in general, the behavior on the part of the Recipients of this Code when carrying out their work must be based on the principles of honesty, fairness, integrity, transparency, legitimacy, clarity and mutual respect, as well as the fundamental values that have been defined for the entire organization, such as respect for rules, professional ethics, company identity, service to the community and awareness of one’s role; they must also be available for verifications, in accordance with current regulations and internal procedures. All activities must be carried out with commitment and professional rigor. All Recipients must provide professional contributions that are appropriate for the responsibilities they have been assigned and must act in such a way as to protect the reputation of Arxis. In addition to fulfilling the general duties of loyalty, fairness and the execution of the employment contract in good faith, the Arxis employee Recipients must refrain from carrying out activities in competition with those of Arxis, observe company rules and abide by the precepts of the Code.

Recipients must avoid situations and/or activities that could lead to conflicts of interest with those of Arxis or that could interfere with the Recipient’s ability to make impartial decisions, thereby safeguarding the best interests of Arxis.

3 IMPARTIALITY AND INTEGRITY
In all its relations with counterparties, Arxis avoids all discrimination based on age, racial and ethnic origin, nationality, political opinions, religious beliefs, gender, sexuality or state of health. Positive results depend on the ability to take personal responsibility. Arxis will demonstrate that it is honest, will endeavor to set an example and, in this regard, will be measured. Practices of corruption, illegitimate favors, collusive behavior, solicitations, direct and/or through third parties, for personal and career advantages for oneself or for others, are prohibited without exception.
4 ENHANCEMENT OF PEOPLE AND PROTECTION OF INDIVIDUAL PERSONALITIES
Arxis recognizes the need to protect individual freedom in all its forms and rejects any manifestation of violence, especially if aimed at limiting personal freedom. Arxis attaches great importance to the enhancement, development, personal dignity, tolerance, transparency and safety of people in general and of its collaborators, in particular. Any kind of discrimination, corruption, forced or child labor is rejected. Particular attention is paid to the recognition and protection of the dignity, freedom and equality of human beings, the protection of labor and trade union freedoms, health, safety, the environment and biodiversity, as well as the system of values and principles on transparency, energy efficiency and sustainable development, as affirmed by International Conventions and Institutions. In this regard, Arxis operates within the reference framework of the Universal Declaration of Human Rights of the United Nations, of the fundamental Conventions of the ILO – International Labor Organization. Each organizational unit manager exercises the powers inherent in their corporate position with objectivity and balance, nurturing the professional growth of their collaborators and the improvement of working conditions. Each employee behaves collaboratively, performing their duties with responsibility, efficiency and diligence. Relations between employees of the Company are based on values of civil coexistence and are carried out in compliance with the rights and freedoms of individuals, as well as the fundamental principles that affirm equal social dignity without discrimination for reasons of nationality, language, gender, race, religious belief, political and trade union membership, physical or mental condition.
2b. REFERENCE ETHICAL PRINCIPLES
1 TRANSPARENCY
Arxis ensures the transparency, truthfulness, accuracy and completeness of the information provided within the Company, as well as that addressed to third parties, in order to allow recipients to make informed decisions about the relationships to be maintained with the Company itself. In compliance with the principle of transparency, every operation and transaction must be correctly recorded, authorized, verifiable, legitimate, consistent and congruous. All actions and operations must be appropriately recorded and it must be possible to verify the decision, authorization and execution process. For each operation, there must be appropriate documentary support in order to, at any time, be able to carry out checks that certify the characteristics and reasons for the operation and identify who authorized, carried out, recorded and verified the operation itself. The Company uses objective and transparent criteria in the selection of suppliers. This choice, in compliance with current regulations and internal procedures, must take place on the basis of objective assessments relating to competitiveness, quality and the economic terms and conditions. The supplier will also be selected based on their ability to guarantee:
  • compliance with the Code of Ethics;
  • the implementation of appropriate corporate quality systems, where required;
  • the availability of appropriate means and organizational structures;
  • compliance with labor legislation, including the health and safety of workers, trade union rights or, in any event, rights of association and representation.
There are specific procedures to document the overall selection and purchase process, in order to ensure maximum transparency of the evaluation and selection of suppliers.
2 CONFIDENTIALITY
Arxis’s activities continuously require the acquisition, storage, processing, communication and dissemination of information, documents and other data relating to negotiations, administrative procedures, financial transactions, know-how (contracts, deeds, reports, notes, studies, drawings, photographs, software) etc. Company information is handled internally by Arxis in an appropriate manner, ensuring compliance with the privacy legislation in force, with a view to avoiding the communication or dissemination of personal data in the absence of the consent of the Data Subject.

The acquisition and processing, as well as the storage of information and personal data of staff and other subjects whose data the Company possesses, takes place in compliance with specific procedures aimed at preventing unauthorized persons and/or entities from gaining their knowledge, as well as any misuse of this information. These procedures comply with current regulations.

3 EFFICIENCY AND PLANNING OF COMPANY OBJECTIVES
Arxis identifies general and individual company objectives, in relation to possible, specific, concrete, measurable results related to the time required for their achievement, consistently with the values expressed in this Code. Economy in the management and use of company resources must be pursued in every work activity, in compliance with the most advanced quality standards.

Arxis also undertakes to safeguard and protect company resources and assets, as well as to manage its assets and capital by adopting all the necessary precautions to ensure full compliance with the laws and regulations in force.

4 FAIR COMPETITION

Arxis recognizes the value of competition when inspired by the principles of fairness, fair competition and transparency towards the operators present on the market.

5 SOCIAL RESPONSIBILITY AND ENVIRONMENTAL PROTECTION
Arxis operates while taking into account the needs of the community by contributing to the economic, social and civil development of the communities in which it operates. Arxis is committed to safeguarding the environment as a primary asset, ensuring compatibility between economic initiatives and environmental needs.
2c. REFERENCE ETHICAL PRINCIPLES
1 SPIRIT OF SERVICE
The Recipients must aim their behavior, within the limits of their respective competences and responsibilities, to the pursuit of the corporate mission aimed at providing a service of high social value and use for the community, which must benefit from the best quality standards.
2 RELATIONS WITH LOCAL BODIES AND PUBLIC INSTITUTIONS
Arxis pursues the objective of maximum integrity and fairness in relations, including contractual ones, with public institutions and, in general, with the Public Administration, including the request and/or management of public funds, in order to ensure maximum clarity in institutional relations, in harmony with the need for organizational and managerial autonomy of any economic operator.

Relations with institutional interlocutors are maintained exclusively through the persons appointed to do so.

3 RELATIONS WITH ASSOCIATIONS, TRADE UNION ORGANIZATIONS AND POLITICAL PARTIES
Arxis does not make contributions, either directly or indirectly, for the financing of political parties, movements, committees and political and trade union organizations, nor of their representatives or candidates. Furthermore, the Company does not finance associations or sponsor events or congresses that have political propaganda as their purpose. Arxis can make contributions and donations in favor of subjects with social, moral, scientific and cultural purposes.
4 REJECTION OF EVERY FORM OF TERRORISM
Arxis rejects all forms of terrorism and its intention is to adopt, in the context of its activities, appropriate measures to prevent the danger of involvement in terrorist events, so as to contribute to the affirmation of peace among peoples and of democracy. To this end, the Company undertakes not to establish any relationship of a working or commercial nature with subjects, be they natural or legal persons, involved in acts of terrorism, as well as not to finance or otherwise facilitate any of their activities.
5 PROTECTION OF HEALTH AND SAFETY AT WORK
Arxis pursues the objective of guaranteeing health and safety in the workplace with the utmost commitment, continuously working to identify and adopt the necessary measures to protect the safety and health of workers, including activities for the prevention of occupational risks, information and training.

In this regard, the Company adopts the most appropriate measures to avoid the risks associated with carrying out its business activities and, where this is not possible, for an adequate assessment of the existing risks, with the aim of addressing them directly at source and guaranteeing their elimination or, where this is not possible, their management.

6 PROTECTION OF TRANSPARENCY IN COMMERCIAL TRANSACTIONS (ANTI-MONEY LAUNDERING)
Arxis works according to the principle of maximum transparency in commercial transactions and employs the most appropriate tools in order to combat the phenomena of money laundering and receiving stolen goods.

Compliance with the principles of correctness, transparency and good faith in relations with all contractual counterparties must be guaranteed.

7 REJECTION OF CRIMINAL ORGANIZATIONS

Arxis rejects any form of criminal organization (in particular mafia-type associations), of a national and transnational nature. The Company adopts suitable measures to prevent the danger of its own or its employees’ involvement in relationships and activities for any reason and in any way whatsoever, even in the form of mere assistance and help, with such organizations. To this end, Arxis does not establish any relationship of a working, collaborative or commercial nature with subjects, whether they are natural or legal persons, directly or indirectly involved in criminal organizations or, in any event, linked by kinship and/or affinity with exponents of known criminal organizations, as well as not financing or, in any event, facilitating any activity referable to such organizations.

8 PROTECTION OF INDUSTRIAL AND INTELLECTUAL PROPERTY RIGHTS
Arxis complies with the legislation on the protection of trademarks, patents and other distinctive signs and on copyright. In particular, the Company does not allow the use of intellectual works without the S.I.A.E. symbol or equipped with an altered or counterfeited 16 symbol, prohibits the reproduction of computer programs and the contents of databases, as well as the appropriation and dissemination, in any form, of protected intellectual works, including by revealing their content before it is made public. Arxis does not allow the use, for any reason and for any purpose, of products with counterfeit brands or symbols.
9 COLLABORATION WITH THE AUTHORITIES IN THE EVENT OF INVESTIGATIONS
Arxis recognizes the value of the judicial and administrative function and pursues the goal of maximum integrity and fairness in relations with the competent authorities. The Company undertakes to adopt all the measures necessary to provide the collaboration requested by the Authorities, within the limits in compliance with current legislation.
10 CORRECT USE OF IT SYSTEMS
The Company pursues the objective of the correct use of IT or telematic services, in order to guarantee the integrity and authenticity of the data processed, to protect the interests of the Company and third parties, with particular reference to the Authorities and Public institutions. To this end, Arxis adopts appropriate measures to ensure that access to telematic and IT data takes place in full compliance with the regulations in force and the privacy of the subjects possibly involved and in order to guarantee the confidentiality of the information and ensure that its processing is carried out by subjects expressly authorized to do so, preventing undue interference. In particular, the Company prohibits:
  • illegal entering into IT or telematic systems protected by security measures;
  • the destruction, deterioration, cancellation or alteration of information, data or computer programs of others, of the State or of another public body;
  • the production of false IT documents, both private and public, with evidential value;
  • the installation of equipment designed to intercept, prevent or interrupt communications relating to an IT or telematic system or between several systems;
  • the subtraction, reproduction, dissemination or illegal delivery of codes, passwords or other means used to access a computer or telematic system protected by security measures.
3a. RULES OF BEHAVIOR
1 PRINCIPLES AND RULES OF BEHAVIOR FOR ARXIS STAFF
Staff must conform their behavior, both in internal relations and in relation to interlocutors who are external to the Company, with current legislation, this Code of Ethics and Corporate Regulations. Human resources are the most precious and indispensable resource for the operation of the company. The motivation and professionalism of the Recipients are decisive factors for the achievement of Arxis’s objectives and for responding to customer needs. Arxis requires its employees, at all levels, to collaborate in the development of a widespread climate of respect for colleagues, avoiding and, if necessary, reporting behavior that is harmful to the dignity of the person, gender differences, political and religious beliefs. The proper functioning of business processes and customer satisfaction derive, to a significant extent, from the professional skills of the employees and the behavior into which they translate. The development of professional skills in terms of knowledge, competences and practical skills is the subject of specific training programs, defined in relation to the profiles of the organizational roles present in the company. Arxis offers the same career opportunities to those who possess the characteristics required for access to higher functions, positions and/or profiles, without any discrimination and on the basis of merit-based criteria, of acquired professional competence and, in any event, on the basis of strictly professional and transparent parameters. The management of employment relationships is aimed at guaranteeing equal opportunities and encouraging the professional growth of employees. The Company promotes policies that facilitate the balance between personal and professional life, also by promoting forms of flexible working. The department managers fully employ and exploit all the professional skills present in the organization to encourage the development and growth of their collaborators. Arxis considers staff training and continuous updating on specific issues to be an indispensable requirement of the company. The Company promotes team spirit and mutual collaboration and expects employees, at all levels, to collaborate in maintaining a climate of mutual respect for the dignity and reputation of everyone. Every employee and collaborator must act loyally and in good faith, observing the obligations signed in the employment contract and ensuring active and intense collaboration, according to the directives of the company, as well as knowing and observing the ethical rules contained in this Code, modelling their own behavior on respect, cooperation and mutual collaboration. All actions, operations and negotiations and, in general, the behavior adopted in the performance of work activities, must be based on the principles of honesty, fairness, integrity, transparency, legitimacy, clarity and mutual respect, as well as be open to checks and controls according to current regulations and internal procedures. All activities must be carried out with commitment and professional rigor. Everyone must provide professional contributions appropriate to their assigned responsibilities and must act in such a way as to protect the reputation of the Company. With specific reference to the corporate department managers, each has the obligation to:
  • ensure compliance with the Code by their direct subordinates;
  • represent an example for their collaborators through their own behavior;
  • make every effort to ensure that their collaborators understand that the provisions contained in the Code are an integral part of their work performance;
  • select collaborators who undertake to observe the principles contained in the Code;
  • promptly inform the Board of Directors of any reports or needs from their subordinates.
Failure by department managers to comply with the aforementioned obligations may result in the application of disciplinary sanctions, including dismissal. In general, anyone who, acting in the name or on behalf of the Company, comes into contact with third parties with whom the Company intends to undertake commercial relations or is required to have relations of an institutional, social, political or any other nature, has the obligation to:
  • inform such subjects of the commitments and obligations imposed by the Code;
  • require compliance with the obligations of the Code in carrying out their activities;
  • take the necessary steps in case of refusal by third parties to comply with the Code or in case of failure or partial execution of the commitment to comply with the provisions contained in the Code itself.
In order for Arxis to operate fairly and transparently, all staff must make every effort to ensure that every decision taken in the context of their activities is made in the interest of the Company. Therefore, in conducting any activity, personnel are required to avoid situations of personal interest that constitute or may constitute, even if only potentially, a conflict between individual interests and those of the Company. All staff are obliged to refrain from taking advantage of their position within the Company in order to favor their person or third parties to the detriment or disadvantage of the Company. It is therefore forbidden to take part, either directly or indirectly, and for any reason whatsoever, in commercial initiatives that place staff, even if only potentially, in a situation of competition with the Company, unless such participation has been previously communicated to the Board of Directors and approved by the same. In particular, everyone is required to report the specific situations and activities in which they or, to the best of their knowledge, their relatives or similar up to the 2nd degree or de facto cohabitants, possess economic and financial interests (owner or shareholder) in the context of suppliers, customers, competitors, third party contractors or related parent or subsidiary companies, or hold administrative or control or managerial roles there. The following situations also represent conflicts of interest: ♣ use of one’s position in the company or of information or business opportunities acquired in the exercise of one’s office, to the undue advantage of oneself or of third parties; ♣ carrying out work activities by the employee and/or their family members at suppliers, sub-suppliers and competitors. In any event, ARXIS management and employees are required to avoid all situations and all activities in which a conflict with the company’s interests may arise or which may interfere with their ability to make decisions impartially and in the best interests of the company and in full compliance with the principles and contents of the Code or, in a general sense, to fulfill their functions and responsibilities to the fullest extent. Arxis requires that, in the context of work relationships inside or outside the company, there should be no harassment of employees, suppliers, customers or visitors under any circumstances or for any reason, including:
  • intimidation, threats, behavior or verbal offense that is an obstacle to the peaceful performance of one’s duties;
  • the creation of an intimidating, hostile or isolating work environment towards individuals or groups of workers;
  • unjustified interference with the performance of other people’s work;
  • the abuse, on the part of a superior, of their position of authority;
  • hindering the individual job prospects of others for mere reasons of personal competitiveness.
Arxis also requires that internal and external work relations should involve no discrimination of any kind against employees, suppliers, customers or visitors related to gender, race, language, religion, political opinion, personal or social conditions. Arxis implements preventive actions and rejects mobbing and personal harassment of all kinds, including harassment of a sexual nature. Anyone who, while working for the Company, believes that they have been subjected to harassment or that they have been discriminated against for any reason, can report the incident to the Board of Directors. Any act of retaliation against an employee who rejects, complains about or reports such unfortunate facts is prohibited. Arxis prohibits any employee or collaborator from abusing of alcoholic substances during working hours and before work; it also prohibits the taking, during working hours and/or before work, of drugs, hallucinogens or substances that otherwise prevent or hinder the regular performance of work. In any event, the Company also discourages the abuse of alcoholic substances and the use of drugs by every employee or collaborator outside working hours and regardless of the influence of such behavior on the regular performance of their work. In any event, states of chronic dependence on alcohol and drugs, which have an impact on the work performance and which may disturb the normal performance of the same, will be equated to the previous cases, regardless of the fact that the employee or collaborator did not abuse of alcoholic substances or take drugs during working hours. In the course of work and in the workplace, the following will be considered a conscious breach of the principles of this Code: ♣ providing service under the effects of the use/abuse/dependence of alcoholic substances, drugs or substances with a similar effect; ♣ abusing alcoholic substances, consuming psychotropic or narcotic substances or providing drugs for any reason during the course of work. Arxis undertakes to carry out the checks provided for by the legislation in force on its staff in order to verify their suitability for carrying out the tasks at risk by adopting any necessary measures. Recipients are required to respect and enforce the internal provisions and current legislation on the prohibition of smoking inside the premises, vehicles or other environments where smoking is prohibited for safety reasons. With regard to the use of electronic cigarettes, considering that no univocal certain effects have been reported on the impact on health in enclosed environments concerning the particulate inhaled using these cigarettes, whose cartridges may, in addition to nicotine, also contain other substances, albeit in nanometric measures, Arxis has decided, within its organization.
3b. RULES OF BEHAVIOR
1 RELATIONS WITH CUSTOMERS
Arxis wishes to apply the principles of collaboration, fairness, responsibility and loyalty in every relationship and business relationship, without prejudice to compliance with legality and competition. The relationship with customers is based on listening, availability, courtesy, honesty, loyalty, professionalism and, in any event, compliance with the general principles of this Code. In particular, it is mandatory to:
  • scrupulously observe the provisions of this Code;
  • observe the rules for personnel and internal procedures for managing relationships with customers;
  • provide, within the limits of the contractual provisions, reliable and quality services;
  • commit to providing a service that guarantees higher standards and seeking solutions aimed at providing added value to the customer;
  • provide accurate and exhaustive information about the services provided;
  • adhere to the truth in communications, refraining from any misleading practices;
  • consider the expectations of the various categories of customers.
Communications to customers must be formulated in full compliance with regulatory provisions, with clear, precise and complete methods. Arxis implements measures and procedures to verify and evaluate that customers are satisfied with the products and services offered, so as to continuously improve the level of its commercial offering and to be able to remedy cases of possible dissatisfaction quickly and effectively. In order to guarantee the maximum transparency and integrity of the sales system, Arxis establishes and implements an appropriate system of delegations and the segregation of functions. Customers often make personal data and information available for commercial purposes. Arxis takes all necessary measures to ensure the compliance of processing with the provisions of the law or regulations applicable from time to time and, in any event, the confidentiality of data and information according to the legitimate expectations of the customers themselves.
2 SUPPLIER RELATIONS
We are committed to making a positive contribution to society and to establishing and maintaining fair, trusting business relationships with our suppliers and other business partners. We try to establish business relationships with individuals who adhere to integrity standards similar to ours and we count on the collaboration of our suppliers to achieve the goals we set ourselves and not to fail in our commitment to integrity. In relationships involving the supply of goods, works and/or services, the Recipients of the provisions of this Code are obliged to: ♣ adopt objective criteria in carrying out the selection and evaluation procedures of suppliers, according to declared and transparent methods; ♣ not preclude any supplier, in possession of the required requisites, from competing to be awarded a supply contract with the Company, adopting selection criteria that observe the principles of transparency, competition and objectivity. When selecting the supplier, Arxis takes into account its ability to guarantee professionalism, financial solidity, appropriate corporate quality systems, availability of means and organizational structures, as well as compliance with the obligations regarding labor law and confidentiality; ♣ maintain a frank and open dialogue with suppliers, in line with good commercial practices; ♣ ensure the transparency and traceability of operations. Regarding contracts with suppliers, contractual clauses must be introduced which, depending on the case, may provide for declarations by the supplier regarding the possession of the subjective and organizational requirements, the know-how and resources appropriate for the needs and reputation of Arxis, as well as those related to the existence and effective implementation of appropriate corporate quality systems and compliance with labor law and confidentiality obligations. Regarding purchasing operations, it is necessary to verify the origin and quality of the goods in order to ascertain that they are not goods that do not conform to the characteristics specified or agreed and that they are not counterfeit. ARXIS is also aware of the enormous damage to society and free competition that can be linked to the presence of mafia infiltrations or other forms of crime in the business world and therefore undertakes to implement the current anti-mafia legislation and to exclude, in accordance with current legislation, any form of relationship with any subject if they learn of a conviction for activities related to organized crime by the competent judicial authorities. It is mandatory to check any information available in advance, including financial and reputational information, on commercial counterparties and suppliers before establishing significant business relationships with them, in order to ascertain their respectability, reliability and the legitimacy of their business. Relations with all suppliers are governed by the same general principles and are subject to continuous monitoring by Arxis. In particular: ♣ independence from individual suppliers must be pursued, avoiding the establishment of exclusive and/or long-term relationships, where not strictly necessary; ♣ consultancy contracts for which an analysis of the actual business need has not been carried out must be avoided; ♣ consultancy contracts must, in any event, provide for the evaluation of the effectiveness and quality of the service rendered, at the end of each service provided by the supplier.

Breaches of the general principles of the Code by suppliers result in the right of the Company to implement express termination clauses included in the individual supply contracts, together with the provision of specific declarations regarding knowledge of the principles contained in the Code and the undertaking of the obligation to observe these principles.

3 RELATIONS WITH THE COMMUNITY: ENVIRONMENT
Arxis’s business is based upon the principle of protecting and safeguarding the environment. Arxis complies with all EU and national legislation on environmental protection, as relevant. It also pays continuous attention to the evolution of legislation on the matter, in order to promptly adapt to the requirements that may arise. The company regularly checks the impact of its business on the environment and, on this basis, takes the necessary actions to remedy the negative effects and correct its operating procedures. The adherence of suppliers to the environmental principles summarized in this Code is an element that contributes to their evaluation by Arxis.
4. IMPLEMENTATION MECHANISMS
The Board of Directors has the following duties regarding the implementation and control of the Code:
  • cooperate in the decisions regarding the application of any sanctions for breaches of the Code with the manager of the person responsible for the censured behavior;
  • express opinions on the revision of the most significant company policies and procedures, in order to ensure consistency with the Code;
  • verify the application of the code and compliance with it;
  • monitor the initiatives for the dissemination of knowledge and understanding of the Code;
  • propose any revision of company policies and procedures with significant impacts on business ethics, as well as any updates, changes and/or additions to this Code.
The Code is brought to the attention of the Recipients and internal and external stakeholders through specific communication initiatives. In order to ensure the correct understanding of the Code by all Arxis employees and collaborators, the Company makes available its HR organization, which will undertake to clarify any doubts regarding the principles and ethical standards contained therein. In the event that the Recipients become aware of potential illegal behavior, they are obliged to report in accordance with the following. Reports can originate from any person: employees (including managers), members of corporate bodies (e.g. Board of Directors, etc.), third parties (e.g. partners, customers, suppliers, etc.). Reports must be sent to the Board of Directors. Any stakeholder who receives a report is required to immediately forward it to the competent person, guaranteeing its confidentiality. Reports are made in writing and possibly also anonymously and are sent as follows: by e-mail to the address: coach@arxis.it; by post to the attention of the Chairman of the Board at the address: Arxis srl – Via Torri Bianche 9 – 20871 Vimercate (Province of Monza and Brianza). It is the responsibility of the BoD to carry out an analysis of the report, possibly listening to its submitter and the person responsible for the alleged breach and involving in this analysis, if appropriate, additional functions that are competent in the matter. The Arxis Board of Directors will act in such a way as to guarantee the person who reported the alleged breach against any type of retaliation, understood as an act that could give rise to even just a suspicion of discrimination or penalization. The confidentiality of the identity of the person who submitted the report party is also ensured, without prejudice to legal obligations.

Any reports concerning the Chairman of the Board of Directors must be sent to one of the other two Directors.