Netcompany

The role of the administrative, management and supervisory bodies

Board of Directors composition

The Board of Directors consists of five non-executive members elected annually at the Annual General Meeting by the shareholders as per the Articles of Association, which prescribe three to seven members.

• Total members: 5
• Gender distribution: 2 female (40%), 3 male (60%)
• Independence: All five members (100%) are considered independent, according to the Danish Recommendations on Corporate Governance and applicable standards and guidelines
• There are currently only professionals on the Board of Directors
• Each member serves a one-year term and may be re-elected
• The Board of Directors appoints a Chair and a Vice Chair from its members
• Neither the Chairman nor the Vice Chairman are Netcompany executives, and their roles do not overlap with the CEO's responsibilities

Board of Directors members (2024)

Executive Management composition

Executive Management is made up of three executive members registered with the Danish Business Authority.

• Total members: 3
• Gender distribution: 0 female (0%), 3 male (100%)

Executive Management members (2024)

Governance structure

Netcompany has a two-tier governance system consisting of the Board of Directors and Executive Management in which responsibility is divided between the two independent bodies as set out in the Rules of Procedures for the Board of Directors and the Executive Management Instructions.

The Board of Directors is responsible for the overall and strategic management and proper organisation of Netcompany Group's activities. They supervise the Executive Management to ensure long-term value creation for the benefit of the company's stakeholders, including its shareholders.

Executive Management is responsible for executing day-to-day management on behalf of Netcompany Group, which aligns with the overall and strategic directions set by the Board of Directors. The Executive Management regularly meets informally with the Chair of the Board of Directors, and the Group CFO regularly meets informally with the Chair of the Audit Committee.

Board Committees

Board Committees support the Board of Directors by preparing tasks and making recommendations to the Board of Directors, who, in turn, make final decisions on the subjects at hand. The main tasks and duties of each committee are set out in separate committee charters, which are reviewed and, if deemed necessary, updated and approved by the Board of Directors annually. Members of the board committees, including the chair, are appointed by the Board of Directors among its own members.

Responsibility for the oversight of IROs is embedded within the Board Committees, particularly the Audit Committee, as evidenced through each of their committee charters.

Audit Committee

• Composition: Consists of three Board of Director members: Åsa Riisberg (Chair), Bart Walterus, Susan Cooklin
• Purpose and tasks: Assisting the Board of Directors with the oversight of financial, sustainability, and statutory audit matters, internal control and risk management, including business conduct, whistleblower procedures, and related tasks of the Netcompany Group. Tasks include supervision of the external auditor's independence and the procedure for the election of an external auditor and consulting the Board of Directors on environmental, social, and governance decisions, including in relation to the identification and assessment of material IROs and the integration of sustainability due diligence results into governance in processes and controls.

Remuneration Committee

• Composition: Consists of two Board of Director members: Juha Christen Christensen (Chair), Bo Rygaard
• Purpose and tasks: Supporting the Board of Directors by preparing and presenting proposals and recommendations on remuneration for the Board of Directors and Executive Management. Tasks include annually reviewing the Remuneration Policy and ensuring compliance with it, overseeing incentive programmes, including alignment with sustainability commitments when relevant, and specific targets; overseeing pension, retirement, death or disability or life assurance schemes for the Executive Management; and preparation of the Remuneration Report.

Nomination Committee

• Composition: Consists of two Board of Director members: Juha Christen Christensen (Chair), Bo Rygaard
• Purpose and tasks: Supporting the Board of Directors by preparing and presenting decision proposals and recommendations on the composition of the Board of Directors and Executive Management. Tasks include nominating candidates, evaluating the composition of the Board of Directors and Executive Management inclusion in relation to diversity and sustainability competencies, and reviewing the Diversity, Equity, and Inclusion (DEI) Policy annually.

Board meetings and attendance (2024)

Board of Directors meetings attended:

• Bo Rygaard: 8 out of 8 meetings (100%)
• Juha Christen Christensen: 8 out of 8 meetings (100%)
• Åsa Riisberg: 8 out of 8 meetings (100%)
• Susan Cooklin: 8 out of 8 meetings (100%)
• Bart Walterus: 8 out of 8 meetings (100%)

Committee meetings attended:

• Bo Rygaard: 4 out of 4 meetings (100%)
• Juha Christen Christensen: 4 out of 4 meetings (100%)
• Åsa Riisberg: 5 out of 5 meetings (100%)
• Susan Cooklin: 5 out of 5 meetings (100%)
• Bart Walterus: 5 out of 5 meetings (100%)

Sustainability-related expertise

Board of Directors special competencies

All board members possess sustainability-related expertise:

• Bo Rygaard: General Business Management, Corporate Strategy, M&A, Home Market, Human Capital and Organisational Development, General Sustainability Expertise (ESG and CSRD), and experience in serving on other public boards
• Juha Christen Christensen: General Business Management, Corporate Strategy, M&A, Technology and Digital Transformation, International Markets, Human Capital and Organisational Development, General Sustainability Expertise (ESG and CSRD), and experience in serving at other public boards
• Åsa Riisberg: General Business Management, Corporate Strategy, M&A, Private Equity Investing, International Markets, Finance and Accounting, including non-financial reporting (CSRD), General Sustainability Expertise (ESG), and experience in serving on other public boards and audit committees
• Susan Cooklin: General Business Management, Corporate Strategy, Technology and Digital Transformation, International Markets, Public Sector and EU Markets, Human Capital and Organisational Development, and Finance and Accounting, General Sustainability Expertise (ESG and CSRD)
• Bart Walterus: General Business Management, Corporate Strategy, M&A, Technology and Digital Transformation, International Markets, Public Sector and EU Markets, Human Capital and Organisational Development, Finance and Accounting, and Risk Management and Compliance, General Sustainability Expertise (ESG and CSRD)

Executive Management sustainability expertise

• André Rogaczewski (CEO): Digitalisation Impacts on Consumers and End-Users, Non-Discrimination of End-Users, Value Creation through Digitalisation, and Corporate Culture
• Claus Jørgensen (COO): Work-Life Balance, Health and Safety, Secure Employment, Gender Equality and Diversity, Training and Skills Development, Freedom of Association and Social Dialogue, and Data Privacy
• Thomas Johansen (CFO): Financial and Non-Financial Reporting (CSRD), Risk Management and Compliance, Corporate Governance, and Environmental Management

Board evaluation

The Board of Directors annually assess and evaluate the competencies, diversity, knowledge, and experience of the individual members of the Board of Directors and the Executive Management, as well as the cooperation between the two bodies. The findings are reported to the Board of Directors.

During 2024, the Board of Directors engaged external advisors in the conduction of the annual evaluation, as recommended by the Recommendations on Corporate Governance, to be done at least every third year. The evaluation was based on an anonymous questionnaire that the individual members of the Board of Directors had been asked to prepare and comment on, followed by individual interviews between the Chair and the individual members of the Board of Directors.

The evaluation covered the effectiveness, performance, and composition of the Board of Directors as well as other topics included in the Recommendations for Corporate Governance, i.e., the individual member's contribution, the leadership skills of the Chair, the quality of committee work, and meeting participation. The evaluation also assesses and ensures that the skills and expertise available on the Board of Directors are still sufficient and relevant, and utilised in the best possible way.

Key findings from 2024 evaluation:

• The Board of Directors is working well and the materials produced to the Board of Directors are of a high quality
• The Board of Directors has the right competencies and qualifications
• High satisfaction in terms of the cooperation between the Board of Directors and Executive Management
• Both the Executive Management and the Board of Directors found that the Chair leads in an efficient manner and that there is high motivation and engagement
• No current need for any additional committees
• The Board of Directors finds the current composition and members suitable
• Confidence in the ability of the Board of Directors to handle sustainability matters, including the reporting requirements of CSRD
• The delegation of sustainability-related tasks to the Audit Committee has been effective
• The Board of Directors noted amongst itself the importance of continuously evaluating whether the Board of Directors continues to possess the necessary sustainability expertise as Netcompany's sustainability strategy and corporate governance due diligence framework evolves

Oversight of sustainability IROs

Responsibility for the oversight of IROs is embedded within the Board Committees, particularly the Audit Committee. Business conduct policies, including the Code of Conduct, are reviewed and approved annually by the Board of Directors.

Management roles in sustainability IRO control

Group Finance is the primary body within management levels responsible for the identification, management, and communication of IROs. They ensure financial and non-financial compliance through the establishment of appropriate controls and procedures for sustainability data collection, which are integrated with financial reporting systems and guidelines. They ensure legal compliance with all sustainability matters from a reporting perspective, relevant sustainability standards and regulatory requirements.

Group Legal provides counsel for the legal compliance of disclosures on sustainability matters from both a reporting perspective and in terms of relevant sustainability standards and legal requirements for specific matters. Disclosures of governance matters are anchored within Group Legal.

Group HR: Disclosures on social matters concerning our own workforce are anchored within Group HR, who reports data about employees and social activities to Group Finance for DMA and reporting purposes.

Business units: The individual business units are responsible for the research and development of IT services, products, platforms, and projects. The business is supported by Group Finance in terms of the sustainability aspects of navigating the management of business relationships and incorporating considerations of end-user and consumer impacts in design and development processes. The business units also service Group Legal to ensure that IT service activities, products, and platforms comply with applicable sustainability legislation and guidelines, and they are informed by Group HR of any social aspects related to the workforce whenever this is relevant to the specific project.

Executive Management: The Group CFO is the individual within the Executive Management responsible for the disclosure and reporting of financial and non-financial matters. The Executive Management participates in meetings with the Board of Directors and use their knowledge and expertise, supported by the administration and the business, to guide the Board of Directors and enable them to make informed decisions on sustainability matters. Final decisions on IROs are made by the Board of Directors.

Frequency of sustainability discussions

The Board of Directors and its committees are regularly informed of and address sustainability matters. The Board of Directors is informed about sustainability matters quarterly.

Quarterly agenda 2024:

Q1 - Annual Reporting: In the first quarter, the Board of Directors review and approve the Annual Report, including the material IROs of the previous year. The Annual Report informs shareholders and other stakeholders of the results and effectiveness of the policies, actions, as well as metrics and related targets if and when applicable.

Q2 - IRO Reporting: In the second quarter, Executive Management communicates, based on the results of the DMA, the list of identified material IROs and affected stakeholders to the Audit Committee, who in turn presents this information, with related recommendations, to the Board of Directors. The Board of Directors incorporates the results of the DMA into decision-making going forward.

Q3 - IRO Deep dive: In the third quarter, the Audit Committee receives detailed information on material IROs. This includes how the results inform the reporting scope of the Annual Report, with a complete overview of all ESRS topical standards, disclosure requirements, and data points to be disclosed in the Annual Report.

Q4 - Impact, SDD, and policy review: In the fourth quarter, the Audit Committee and the Board of Directors review any mitigating and preventive actions taken in response to material impacts during the year and assess whether additional action is required, and if SDD processes and policies need amending. The Remuneration Committee assesses remuneration to the Executive Management according to their performance during the year, including the sustainability KPIs referred to in the incentive schemes. The Nomination Committee evaluates the profiles of the members of the Board of Directors, and subsequently makes recommendations to the Board of Directors in terms of gender composition, targets, and policies for the Board of Directors and other managerial functions.

In addition to quarterly reporting, the Executive Management is informed of Netcompany's activities on a day-to-day basis. The reporting lines for information on material IROs are disclosed under management responsibilities.

Each quarter, the main risks and mitigating actions are presented to the Audit Committee and the Board of Directors, who discuss Netcompany's overall risk level. Quarterly risk meetings ensure that relevant mitigating actions are implemented by Executive Management, who continuously oversees Netcompany's net risk exposure.

In 2024, a quarterly sustainability impact report was introduced on significant actual and potential negative impacts from value chain activities. This report, informed by the DMA and sustainability due diligence (SDD), tracks actions to prevent, mitigate, or remediate identified impacts and is presented to the Board of Directors alongside financial risks. Thus, sustainability management is integrated into regular risk management processes and controls.

Diversity policy and targets

The Diversity, Equity and Inclusion Policy applies to everyone at Netcompany – from the Board of Directors and Executive Management to all other employees and includes requirements from both hard and soft law. The policy is adhered to by the Board of Directors when a new Board member is proposed at a general meeting and in connection with the hiring and promoting of persons to managerial positions.

The current gender distribution of the Board of Directors is considered equal, and going forward, Netcompany strives to maintain an equal representation of the underrepresented gender on the Board of Directors.

Netcompany has a focus on equal gender distribution both at Netcompany and generally within the IT sector, as there are statistically fewer women in the IT industry. In addition to gender, the company also considers other aspects of diversity e.g., age, or educational and commercial background.

Independence and effectiveness arrangements

As a listed company, Netcompany observes the Danish Recommendations on Corporate Governance, which are based on the comply-or-explain principle. Netcompany fully complies with 40 out of the 40 recommendations according to the Danish Committee on Corporate Governance and annually prepares a statement on corporate governance for the financial year.

A formal risk management policy defines the company's risk appetite, roles, and responsibilities. Netcompany has established a comprehensive risk management structure that ensures the identification, assessment, management, and monitoring of risks across the organisation. A strong risk culture is promoted throughout the company, with all employees responsible for risk management. The governance framework involves both the Board of Directors and Executive Management in risk assessment and decision-making.

Integration of sustainability-related performance in incentive schemes

Overview

We have incentive schemes in place for the Executive Management which are linked to sustainability matters, amongst other factors. These incentive schemes are variable components of the general remuneration policy referred to as our Short-Term Incentive Programme (STIP) and Long-Term Incentive Programme (LTIP), both of which are received by members if they fulfil certain performance criteria (KPIs). If these are partly fulfilled, part remuneration proportional to the level of fulfilment may occur.

Roles covered

The incentive schemes apply to members of the Executive Management, which consists of:

• Chief Executive Officer (CEO)
• Chief Operating Officer (COO)
• Chief Financial Officer (CFO)

Sustainability KPIs tied to remuneration

The specific sustainability-related incentives used to assess the performance of Executive Management members in relation to these schemes are:

• An increase in female representation in managerial positions
• A reduced kWh per employee

Weighting

Currently, 10 percent of the variable remuneration awarded to the Executive Management is dependent on these sustainability incentives.

Governance and evaluation

The Remuneration Committee must evaluate whether the Remuneration Policy satisfies its objectives in terms of the realisation of short- and long-term goals and shareholders' interests on an ongoing basis and, as a minimum, annually in connection with the Remuneration Committee's assistance with the preparation of the Remuneration Report.

The Remuneration Committee's purpose and tasks include:

• Supporting the Board of Directors by preparing and presenting proposals and recommendations on remuneration for the Board of Directors and Executive Management
• Annually reviewing the Remuneration Policy and ensuring compliance with it
• Overseeing incentive programmes, including alignment with sustainability commitments when relevant, and specific targets
• Overseeing pension, retirement, death or disability or life assurance schemes for the Executive Management
• Preparation of the Remuneration Report

In the fourth quarter, the Remuneration Committee assesses remuneration to the Executive Management according to their performance during the year, including the sustainability KPIs referred to in the incentive schemes.

If any major revision is proposed, the Remuneration Policy is presented and voted on at the Annual General Meeting. The Remuneration Policy is also presented and submitted to a vote at least every fourth year in accordance with the Danish Companies Act, section 139 (2), while the Remuneration Report is subject to an advisory vote annually in accordance with the Danish Companies Act, section 139 b (4).

Further information

Further details on the Remuneration Policy are available at netcompany.com/investor/governance/

Strategy, Business Model and Value Chain

Our Business Model

Built to innovate Europe with responsible digitalisation

Netcompany is a leading provider of next-generation IT solutions, focusing on three key elements: People, Sales & Delivery, and Execution. We create products, platforms, and solutions that ensure transparent and easy access to government activities, prioritising citizen engagement and upholding transparency and trust through robust data protection and open governance.

People

• Attracting and nurturing top talent through a structured career path, mentoring, and coaching programmes.
• Offering an inclusive environment where employees thrive through onboarding and continuous learning initiatives.
• Supporting personal and professional growth with wellbeing initiatives and challenging, meaningful tasks.
• Empowering employees with ownership and responsibility to drive innovation and sustainable growth.
• Collaborating with authorities, universities, and businesses to promote long-term digital transformation.

Sales & Deliveries

• Implementing an industry-driven Go-To-Market strategy with tailored, high-quality solutions.
• Balancing strategic top-down decision-making with frontline customer engagement for responsiveness.
• Enhancing customer satisfaction by addressing challenges with innovative and scalable solutions.
• Streamlining delivery through reusability, rapid execution, and efficient resource allocation, reducing waste.
• Strengthening collaboration between market units to foster synergies and drive regional growth.

Execution

• Delivering business-critical solutions with agile, transparent, and methodologies focused on responsible digitalisation.
• Ensuring solutions for cloud, on-premises, or hybrid models to meet diverse needs.
• Leveraging open-source technologies for flexibility, transparency, and customer-driven customisation.
• Reducing risks and accelerating time-to-market through reusable and well-documented solutions.
• Building robust digital infrastructures that support transparency, trust, and responsible digitalisation.

Our Equity Story

Netcompany's ambition is clear and resolute: to become a market leader in IT services in Europe by 2030. This goal is underpinned by a strategic focus on expansion, innovation, and leveraging our unique delivery capabilities and methodologies.

Leading Europe's digital future by 2030

Our ambition is supported by our unique value proposition, which includes:

Delivery Capability and Technical Foundations: We have a proven track record of delivering high-quality, on-time, and on-budget solutions across various markets. This success is underpinned by our robust library of platforms, accelerators, and reusable components that significantly lower risks, enhance productivity, and ensure the efficiency of our delivery processes.

Industry Insight and Go-To-Market strategy: Deep expertise in selected industries, enabling us to provide tailored solutions that meet specific market needs, combined with a structured Go-To-Market approach driven by domain insight and a commitment to helping governments.

Investing in talent and societies

By investing in societies and citizens to stand independently and resiliently, we empower a modern Europe rooted in democracy, justice, and social security:

Talent development: We attract and rigorously train top talent, providing continuous learning opportunities and career development. This ensures our teams are equipped to deliver high-quality solutions and drive innovation.

Societal contribution: We believe in the power of technology to make a positive impact on societies. Our solutions aim to balance innovation, growth, welfare, and political stability, contributing to a modern and democratic Europe.

Driving responsible digitalisation

At the heart of our ambition is a commitment to responsible digitalisation, focusing on transparency, trust, and sustainability:

Citizen empowerment: We prioritise solutions that foster citizen engagement, promote inclusivity, and ensure transparent access to government activities and processes. By leveraging open data initiatives, secure digital identities, and user-centric design principles, we empower citizens to interact with public services more efficiently and confidently.

Sustainable Practices: Our approach to sustainable digitalisation involves developing technology-agnostic, reusable IT solutions that not only enhance efficiency but also promote environmental responsibility. We actively avoid vendor lock-in by building adaptable, modular systems that can evolve with technological advancements and shifting market needs.

Leveraging products and platforms

A cornerstone of our ambition is the effective utilisation of our extensive and diverse portfolio of platforms and products.

Common tools and methodologies: Our delivery model is underpinned by common tools and methodologies that ensure consistency, reliability, and efficiency. This approach reduces time-to-market and lowers the total cost of ownership for our clients.

Reusable solutions: By emphasising reusability, we provide proven, flexible solutions that can be rapidly adapted to meet diverse customer needs across different sectors. This not only enhances our competitive edge but also fosters innovation and sustainability.

Exporting and implementing our business model

Our unique business model and methodologies are integral to our success:

Proven methodology: Our approach to developing and implementing complex solutions is unique and difficult to emulate. This methodology will be applied to new joint projects with acquired companies, ensuring a seamless transition and integration.

Targeted market expansion: In smaller markets, we will establish greenfield operations, while transformational acquisitions will be reserved for opportunities that add significant value through products, platforms, and customer bases.

Expanding market presence in Europe

Netcompany is poised to strategically expand its market presence across Europe to realise its ambition of being a leader in responsible digitalisation. Our expansion strategy will involve a combination of large-scale acquisitions and organic growth initiatives designed to penetrate new markets, increase our footprint, and position us as a key player in the European digital landscape.

Strategic acquisitions: We aim to enter new countries or accelerate growth in established countries by acquiring well-run companies with existing products and customer bases, instantly achieving scale and market penetration.

Organic growth: Simultaneously, we will build our market presence organically by winning significant projects with new clients. This dual approach ensures robust and sustainable growth.

Interests and views of stakeholders

Stakeholder engagement approach

Our key stakeholders include both internal and external parties who help us create value and for whom we generate value. A continuous dialogue with these stakeholders informs our strategic decisions and daily operations in areas such as employee training and development, diversity, equity, and inclusion (DEI) initiatives, our methodology and delivery model, sustainability efforts, procurement practices, and strategic partnerships. Specifically for our clients, we continuously assess their needs to adapt to shifting market demands. Each stakeholder group has unique needs and perspectives, and their relationships with us can lead to both positive and negative impacts. Our goal is to stay informed and act on opportunities and risks identified through our engagement and dialogue with key stakeholders.

Integration into governance and strategy

Views and interests of our key stakeholders are continuously discussed internally in the relevant departments and business units. The Board of Directors are informed regularly, as a minimum, in connection with annual DMA reviews via Executive Management to ensure timely action and ongoing development of our strategy and business model.

Our approach to stakeholder engagement varies depending on the stakeholder group, and we utilise a mix of informal and formal channels and methods to maintain dialogue. Our client dialogue includes informal touchpoints throughout a project lifecycle and formal, structured meetings. Additionally, we conduct an annual client satisfaction survey (NPS) for our most significant client engagements across our entities. Industry insights and discussions with our clients on their risks and opportunities also inform us of the interests and views of end-users.

Beyond our key stakeholder dialogue, we engage with internal subject-matter experts to understand IROs. These experts include key employees with responsibilities and insights into specific parts of our business model and operations. In relation to sustainability matters, we utilise external advisors with in-depth domain knowledge in areas such as environmental matters related to our business model.

Stakeholder engagement is also an important part of our ongoing sustainability due diligence efforts.

Key stakeholder groups

Key concerns and views of stakeholders

The interests and views of our key stakeholders vary due to the nature of the relationship. Generally, our key stakeholders expect us to operate ethically with high standards for business conduct.

Our clients expect best-in-class competencies within our industry as well as domain knowledge in the applicable industries of our clients. The expectations of our people include development and career advancement opportunities, mental and physical wellbeing, and a market conform compensation package.

Integration into strategy and business model

Our DMA and the information in the sustainability statements underscore the most important topics for our stakeholders as it considers the identified interdependencies, IROs related to our value chain.

Distinction between affected stakeholders and users of information

The stakeholder overview identifies both affected stakeholders (employees, suppliers and business partners, clients, civil society and end-users) and users of sustainability information (investors and shareholders). The table distinguishes these groups through separate categorization of their engagement purposes and value creation outcomes.

Material impacts, risks and opportunities and their interaction with strategy and business model

Material IROs Overview

Netcompany has identified material impacts, risks, and opportunities (IROs) through its Double Materiality Assessment (DMA) conducted in 2024. The material IROs are outlined across environmental, social, and governance topics and are primarily concentrated close to the company's own operations, affecting the ability to develop and deliver IT services, products, platforms, and projects.

List of Material IROs

Climate Change (E1)

Water and Marine Resources (E3)

Resource Use and Circular Economy (E5)

Environmental Certification (ISO 14001)

Own Workforce (S1)

Consumers and End-Users (S4)

Business Conduct (G1)

Interaction with Strategy and Business Model

Netcompany's material IROs are primarily located in own operations related to the workforce and resources used when operating data centres for hosting solutions. Parts of the upstream and downstream value chain include crucial equipment and services that the company is dependent on to deliver value to customers and to enable responsible digitalisation across Europe.

Key business relationships are located in the upstream, mainly suppliers of hardware and software, whereas data centre suppliers are considered predominantly in the downstream value chain. In addition to own employees, these upstream components of the value chain enable the company to sustain its strategy and business model.

As material IROs are related to core business activities and ability to grow, initiatives to improve opportunities and mitigate impacts and risks are embedded in already established governance structures. The identified material environmental impacts, which are actual and negative, relate to the strain operations and business model put on the environment regarding carbon emissions and resource use. The identified social impacts are of a predominantly potential negative nature, primarily due to sector challenges such as non-digital consumers, privacy, high workload, and gaps in diversity and inclusion.

Resilience to Material IROs

The company assesses its resilience as high within the time horizons applied in the 2023 and 2024 DMAs. The resilience analysis is based on qualitative input by internal subject-matter experts, including an overall assessment of the mitigating factors in place across all IROs, as gathered in the DMA process.

Regarding climate-related risks specifically, the company considers its business model and current assets and locations to be exposed to a low degree of climate-related risks and assesses resilience to be at a high level. The company has focused on the short- to medium-term and the activities it knows and understands well. The company has fewer insights into the potential value chain risks that could indirectly affect it but generally considers these less likely to pose a real risk to performance and financials. The identified impacts and risks are not considered to directly influence the overall business model or strategy over the short- or medium-term.

Changes to Material IROs from 2023

As a result of continued CSRD implementation following 2023's partial pre-implementation, the DMA 2024 provided more granularity in the identified IROs. The material topics described in the Annual Report 2023 have been assessed at a more detailed level in this sustainability statement, considering sub and sub-sub-topics per CSRD requirements.

Current Financial Effects

The current financial effects of the identified material risks and opportunities are limited. The resources used to ensure compliance with the CSRD and EU Taxonomy are similar to last year, while the number of people working in this area has slightly increased. The company has also increased spending on external advisory and limited assurance due to the CSRD implementation.

Description of the process to identify and assess material impacts, risks and opportunities

Overview

Since 2022, Netcompany has conducted an annual Double Materiality Assessment (DMA) and reported on this in sustainability statements. The methodology for assessing material IROs has evolved to comply with CSRD requirements as well as becoming integrated with the Enterprise Risk Management (ERM) system and Sustainability Due Diligence (SDD).

In 2024, Netcompany expanded on the previous year's DMA to identify the sustainability matters that are material to the business and value chain. The company implemented a more structured approach to CSRD reporting by standardising data collection and established processes for analysing and controlling data.

The DMA introduces Impacts, Risks, and Opportunities (IROs) that inform about sustainability matters. Identifying IROs involves assessing the potential impacts of activities on the environment and people, the risks posed by sustainability matters to Netcompany, and the opportunities that sustainability initiatives can create.

Step-by-step methodology

The 2024 DMA process consisted of five steps:

01 - Re-visiting the 2023 DMA

As previous years' DMAs lay the foundation for the newest, Netcompany revisited the 2023 DMA. The company implemented a structured scoring system and thresholds to further develop and strengthen the methodology and ensure consistency when assessing sustainability matters.

02 - Evaluation of general core elements

Core elements crucial to conducting a DMA were reassessed. These included business model, strategy, value chain, stakeholders, geographic locations, and dependencies.

03 - DMA on each topical ESRS

The sustainability reporting team led the process of collecting data, conducting interviews and assessing the information to form conclusions on materiality. All topics, sub-topics and sub-sub-topics were evaluated based on the same scoring system and thresholds. Internal subject-matter experts were key in this process.

04 - Internal reviews

The sustainability reporting team and the Director of Group Accounting and External Reporting conducted internal reviews in close dialogue with the General Counsel, CFO, and COO, prior to the Audit Committee's review and approval.

05 - Audit Committee review and approval

The Audit Committee was presented with all topical DMAs, the collective list of material IROs, and supporting documentation and explanation. In addition to being presented with the methodology, process, and results, the meeting enabled the Audit Committee to ask questions and provide feedback before approving the 2024 DMA.

Inputs to the assessment

Internal inputs

The assessment rests on initial engagement with relevant stakeholders. The development of the DMA methodology and the management of the DMA process is centralised to ensure consistency in the application of scores and thresholds.

Internal subject-matter experts:

The following table shows which ESRS sustainability matters were assessed by whom and the key input parameters used:

Other internal inputs:

• Policies, documents related to Standard Operating Procedures
• Interviews and questionnaires
• Internal workshops

External inputs

• External environmental experts were consulted to provide domain knowledge
• Co-host data centres were consulted
• Advisory by external experts in social matters (from 2023 DMA)
• External advisors for specific topics

ESRS guidance and sector benchmarks

In the DMA process, the company considered the topics prescribed in the regulation ESRS1 (Article 16) and other relevant topics when assessing IROs.

Both hard and soft law, such as the Danish Recommendations on Corporate Governance, the EU Whistleblower Directive, UK Bribery Act 2019, the Foreign Corrupt Practices Act, current and upcoming EU anti-corruption legislation and the OECD Guidelines on Multinational Enterprises, were consolidated and assessed against current practices.

Scoring criteria for impact materiality

In 2024, Netcompany introduced a scoring system aligned with the ERM system for the DMA process.

For the impact assessment, the company used the scoring system to evaluate the:

• Scale
• Scope
• Irremediability (collectively severity)
• Likelihood of all sustainability matters

Scoring criteria for financial materiality

For financial materiality, the scoring system assessed the:

• Likelihood
• Potential magnitude of financial effects caused by a sustainability matter

Financial risks and opportunities were assessed and scored using the existing ERM framework.

Threshold for materiality

Thresholds were applied for both the financial and impact assessments.

Financial thresholds were applied in the DMA process to assess financial risks and opportunities to ensure alignment with how risks are generally evaluated in relation to financial performance.

For the impact assessment, internally developed thresholds were applied, based on inspiration from advisors. These thresholds helped evaluate and identify impacts to satisfy the needs of stakeholders, including the readers of sustainability statements.

Frequency / when last reviewed

The DMA is reviewed annually and expected to be updated as data and knowledge relating to certain IROs expand, considering, for instance, changes in the factors and inputs assessed when conducting the previous year's DMA.

The most recent DMA was conducted in 2024.

Use of value chain mapping in the process

Netcompany mapped its sustainability impacts and how the external environment could affect Netcompany through the DMA.

Value chain mapping for SDD

As part of the Sustainability Due Diligence process, which informs the DMA, Netcompany mapped its value chain, including upstream and downstream stakeholders, and grouped them by activities, geography, sectors, and business dependencies.

The scoping helps identify and prioritise activities or business relationships with the highest likelihood of adverse impacts. Value chain actors identified as having a higher likelihood of adverse impacts are prioritised for further assessment based on their scoring, not the strength of business relationship.

Value chain context

The sustainability statements cover the main value chain of the Netcompany Group, including the IROs identified in upstream, downstream, and own operations.

As an IT service company, Netcompany's material IROs are mainly located in own operations related to own workforce and the resources used when operating data centres for hosting solutions. Parts of upstream and downstream value chain include crucial equipment and services that the company is dependent on to deliver value to customers and to enable responsible digitalisation across Europe.

Key business relationships are located in the upstream, mainly suppliers of hardware and software, whereas data centre suppliers are considered predominantly in the downstream value chain. In addition to own employees, these upstream components of the value chain enable Netcompany to sustain its strategy and business model. With hardware being crucial to the business model, another feature of downstream value chain includes the resource outputs related to decommissioned data centres and office hardware.

Integration with governance and decision-making

Following the sustainability governance, the sustainability reporting team in Group Finance managed the DMA process in collaboration with internal subject-matter experts and with external advisory when applicable.

To ensure an understanding of CSRD's legal framework and the identified IROs, the Audit Committee was presented with a thorough walkthrough of the DMA methodology, thresholds, process, and findings before approving the final DMA.

The Board of Directors incorporates the results of the DMA into decision-making going forward. In the second quarter, Executive Management communicates, based on the results of the DMA, the list of identified material IROs and affected stakeholders to the Audit Committee, who in turn presents this information, with related recommendations, to the Board of Directors.

Changes to material IROs

As a result of continued CSRD implementation following 2023's part pre-implementation, the DMA 2024 provided more granularity in the identified IROs. The material topics described in the Annual Report 2023 have been assessed at a more detailed level in this sustainability statement, considering sub and sub-sub-topics per CSRD requirements.

Transition plan for climate change mitigation

Currently, we do not have a transition plan for climate change mitigation, ensuring our strategy and business model are compatible with the transition to a sustainable economy and limiting global warming to 1.5 degrees in line with the Paris Agreement, but have initiated work to assess how to best approach this, based on the full GHG disclosures established for 2024.

Policies related to climate change mitigation and adaptation

Netcompany has established environmental policies that address climate change mitigation and adaptation. These policies are not disclosed under a specific formal name but are described as "environmental policies" covering climate-related matters.

Environmental Policies

Key content and principles:

• Renewable energy deployment: The policies address the need for renewable energy by actively seeking to deploy clean and renewable energy sources in network and data centre operations and facility management
• Energy consumption management: The policies address caution around energy consumption by deploying available technology with low energy demand, which shall be used whenever applicable
• Modern power-saving infrastructure: The policies aim to ensure that modern power-saving infrastructure exists across entities and that the most energy-efficient hardware available is used
• Building energy optimisation: The policies seek to decrease overall energy consumption from buildings through optimisation of heating and cooling
• Data centre standards: The policies include collaboration with co-host data centre partners to ensure external server capacity meets the highest environmental standards
• Business travel: The policies state that employees should consider environmentally friendly telecommunication solutions as an alternative to travel. If travel is required for business consideration, alternative means of transportation must be considered when effective

Scope:

• The policies address business operations, including offices and data centre activities across the Group
• The policies cover employee business travel
• The policies extend to collaboration with co-host data centre partners

Governance and oversight:

Not explicitly disclosed in the excerpts provided.

Link to identified risks:

The policies address the identified financial risk of failing to meet both existing and potential clients' demands for climate-mitigating actions by addressing carbon footprint related to business travel.

Public availability:

The excerpts reference a policy overview on page 80, but no specific URL or public accessibility statement is provided.

Implementation and monitoring:

Established processes are anchored within the functions that have daily responsibility for ensuring adherence to policies. Environmental topics are integrated into relevant business functions. The company considers the efforts required to manage climate actions to be moderate and does not expect significant resources will need to be allocated for next steps in climate action plans.

Current status:

The company acknowledges that while important steps have been taken, "our journey to reducing our carbon emissions is in its early stages." The company is currently establishing its carbon footprint throughout the organisation and preparing to address areas other than sourcing renewable energy and business travel by initially building a solid carbon data foundation.

Actions and resources in relation to climate change policies

Overview

Netcompany's mitigation actions relate to impacts addressed in their environmental policy. The company has worked on mitigating impacts of energy consumption before implementing CSRD reporting requirements. Actions focus on deploying renewable energy and establishing a solid foundation for reporting practices.

Renewable Energy Deployment

Scope: Own operations (offices and data centre activities)

Actions taken:

• Power Purchase Agreements (PPA) in Denmark covering office activities, with plans to establish additional PPAs for remaining office activities (expected to be signed in 2025)
• Guarantees of Origin (GoO) purchases for electricity from renewable sources to cover remaining Group electricity consumption

Results achieved in 2024:

• 200 MWh reduction through PPA in Denmark
• 2,889 MWh additional excess GoO reduction secured
• 89 MWh additional excess GoO reduction through lessor's PPA for office facilities in Denmark
• 6,822 MWh reduction through additional GoOs in the market
• Overall renewable energy share improved by 9.4 percentage points, from 47.2% to 56.6%

Client Emissions Reporting Tool

Scope: Downstream value chain

Action: Set up a tool to calculate emissions specific to client engagements to provide clients with reliable data for their GHG reporting

Time horizon: Ongoing optimization expected

Resources Allocated

Non-financial resources:

• Current resources dedicated to managing climate actions are integrated into relevant business functions
• The company considers efforts required to manage climate actions to be moderate
• No significant resource allocation expected for next steps in climate action plans

Financial resources: Not quantified in the disclosure

Business Travel Mitigation

Scope: Own operations

Policy-based actions:

• Employees should consider environmentally friendly telecommunication solutions as an alternative to travel
• When travel is required, alternative means of transportation must be considered when effective

Energy Efficiency Actions

Scope: Own operations

Actions:

• Deployment of available technology with low energy demand
• Ensuring modern power-saving infrastructure exists across entities
• Using the most energy-efficient hardware available
• Decreasing overall energy consumption from buildings through optimization of heating and cooling
• Collaboration with co-host data centre partners to ensure external server capacity meets highest environmental standards

Links to Policies and Targets

All actions are linked to the environmental policies described in E1-2. The company has not identified material climate-related targets for disclosure under E1-4, but processes are anchored within functions responsible for policy adherence and addressed through ISO 14001 certifications.

Targets related to climate change mitigation and adaptation

Netcompany has not identified any material targets relevant to disclose for climate change mitigation and adaptation.

As stated in the E1-4 section:

"We have not identified any material targets relevant to disclose. Our established processes are anchored within the functions that have daily responsibility for ensuring adherence to our policies. Environmental topics are also addressed on a continuous basis through our ISO 14001 certifications."

The company notes in E1-1 that:

"Currently, we do not have a transition plan for climate change mitigation, ensuring our strategy and business model are compatible with the transition to a sustainable economy and limiting global warming to 1.5 degrees in line with the Paris Agreement, but have initiated work to assess how to best approach this, based on the full GHG disclosures established for 2024."

Energy consumption and mix

Energy consumption by source

Scope and methodology

Non-renewable sources: Covers fuel consumption related to the Group's leasing car fleet, natural gas consumption related to the heating of office buildings, consumption of electricity related to Netcompany-controlled data centre operations and office activities, and district heating related to office activities. For conversion from litre and m³ consumption to megawatt-hours, Defra/DEEC's Fuel conversion factors from 2024 have been used.

Renewable sources: Covers district heating and electricity related to office activities and Netcompany-controlled data centre operations.

The overall energy consumption increased by 13.4% from 16,903.3 to 19,172.2 megawatt-hours. This increase was primarily a result of a full year in the new headquarters and new office buildings in Greece. The total renewable energy share improved by 9.4 percentage points, increasing from 47.2% to 56.6%.

In 2024, through a PPA in Denmark, the company achieved a 200 MWh reduction, and secured an additional excess GoO reduction of 2,889 MWh. The lessor of office facilities in Denmark has a PPA where an additional excess GoO reduction of 89 MWh was achieved. Furthermore, an additional reduction of 6,822 MWh was secured through additional GoOs in the market.

Gross Scopes 1, 2, 3 and Total GHG emissions

Netcompany discloses gross GHG emissions in line with ESRS E1-6 requirements, with base year 2022 and multi-year data. All figures in tonnes CO₂e unless otherwise stated.

Scope 1 GHG emissions

Scope 1 sources: Fuel consumption for leased cars and natural gas for office heating. The leased car fleet comprises the majority of Scope 1 emissions. No further disaggregation by stationary/mobile combustion provided.

Scope 2 GHG emissions

Scope 2 sources: Electricity and district heating for data centres and offices. In 2024, 100% of electricity consumption on the European energy grid was covered by Guarantees of Origin (GoO). The market-based increase was driven by increased business activities in entities operating outside the European energy grid.

Scope 3 GHG emissions

Netcompany reports six Scope 3 categories in 2024 (five in 2023; category 5 Waste added in 2024). The 2022 figure has been restated to include five categories (previously only business travel).

Note: The 2023 figure for category 7 (Employee commuting) has been restated from 6,054.7 to 4,647.5 following a change in method.

Categories assessed as not material: 4 (Upstream transportation and distribution), 8 (Upstream leased assets), 9 (Downstream transportation and distribution), 10 (Processing of sold products), 11 (Use of sold products), 12 (End-of-life treatment of sold products), 13 (Downstream leased assets), 14 (Franchises), 15 (Investments).

Total GHG emissions

GHG intensity based on net revenue

Intensity calculation: Gross Scope 1 + Scope 2 (location-based or market-based) + gross Scope 3 emissions divided by reported net revenue in DKK million.

GHG data hierarchy

Netcompany discloses the quality of underlying data for Scope 1, 2, and selected Scope 3 categories using a six-tier hierarchy (1 = actual invoice data; 6 = publicly available price-based estimates).

Scope 1:

• Diesel: 97.2% actual invoice data; 2.8% average price-based estimate
• Petrol: 89.8% actual invoice data; 10.2% average price-based estimate
• Gas: 13.0% actual invoice data; 82.9% vendor portal data; 4.1% average price-based estimate

Scope 2:

• Electricity: 55.1% actual invoice data; 30.6% vendor portal data; 0.8% vendor-supplied; 5.8% historical estimate; 7.7% average price-based estimate
• District heating: 2.1% actual invoice data; 69.3% vendor portal data; 28.6% historical estimate

Scope 3:

• Category 1 (Purchased goods and services): 0.3% supplier-specific data; 99.7% spend-based
• Category 2 (Capital goods): 100% spend-based
• Category 5 (Waste): 16.3% supplier-specific data; 83.7% spend-based
• Category 6 (Business travel): 19.8% supplier-specific data; 80.2% spend-based

Methodology notes

Scope 1: Calculated using Defra GHG Conversion factors 2024. Covers fuel for leased cars and natural gas for office heating. Fuel conversion from litres and m³ to MWh uses Defra/DEEC factors 2024.

Scope 2: Location-based uses 2024 IEA country factors. Market-based uses 2022 European residual mix for EU entities and 2024 IEA country factors for non-EU entities. Renewable energy certificates (GoO) are only recognised where a cancellation statement or signed letter of intent is available at reporting time.

Scope 3:

• Category 1: Direct cost (including VAT) multiplied by Defra Table 13 spend-based emission factors, converted to GBP at monthly average exchange rates. Hardware purchases for DK, NL, NO, PL, UK, VN use 0.3% supplier-specific data; the remainder is spend-based. Freelancers working on Netcompany premises have been subtracted from the cost base to avoid double counting.
• Category 2: Capitalised cost multiplied by Defra Table 13 spend-based factors, converted to GBP at monthly average exchange rates.
• Category 3: Indirect emissions from fuel and energy production not captured in Scope 1/2, calculated using 2024 IEA country factors multiplied by Scope 1 and Scope 2 consumption.
• Category 5 (Waste): Actual waste data from headquarters (March–October 2024) used as proxy to estimate waste at all office locations based on office capacity and waste per seat. Calculated using Defra GHG Conversion factors 2024.
• Category 6 (Business travel): Direct cost (including VAT) for flights, taxis, trains, buses, ferries, and accommodation multiplied by Defra Table 13 spend-based factors, converted to GBP at monthly average exchange rates. For flight data (DK, NO, NL, PL, UK), 19.8% based on supplier-specific data; the remainder spend-based.
• Category 7 (Employee commuting): Based on a Group-wide survey (September 2023, 78% response rate) covering means of transport, vehicle type, distance to work, and average weekly days in office. Emissions calculated for employees on 1 November 2024 using Defra 2024 business travel-land emission factors. Non-participants and new employees are accounted for using country-average emissions. The 2023 figure was restated to reflect adjustments to the method concerning leavers and newcomers.

Restatements: The 2023 Employee Commuting figure (category 7) was restated from 6,054.7 to 4,647.5 tCO₂e. The 2022 base year was restated to include five categories (previously only business travel reported).

Biogenic CO₂: Not separately disclosed.

Regulated emissions (e.g. EU ETS): Not disclosed.

Anticipated financial effects from material physical and transition risks and potential climate-related opportunities

The excerpts show that ESRS E1-9 data points are marked as "Not relevant" in Netcompany's disclosure:

• ESRS E1-9 (66): Exposure of the benchmark portfolio to climate-related physical risks - Not relevant
• ESRS E1-9 (66 (a)): Disaggregation of monetary amounts by acute and chronic physical risk - Not relevant
• ESRS E1-9 (66 (c)): Location of significant assets at material physical risk - Not relevant
• ESRS E1-9 (67 (c)): Breakdown of the carrying value of its real estate assets by energy-efficiency classes - Not relevant
• ESRS E1-9 (69): Degree of exposure of the portfolio to climate-related opportunities - Not relevant

No quantified financial effects, time horizons, methodologies, specific assets flagged for transition risk, or CapEx/OpEx implications related to climate-related risks and opportunities are disclosed in the available excerpts.

Policies related to own workforce

Netcompany has implemented several policies to manage workforce topics, demonstrating a commitment to respect and protect the human and labour rights of employees. The policies address material topics including discrimination, harassment, health and safety, diversity and inclusion, privacy, and working conditions.

Code of Conduct

Scope: Group-wide (all Netcompany entities)

Governance: Reviewed and approved annually by the Board of Directors. Group Legal conducts the annual audit and presents to the Board of Directors for final approval.

Key content:

• Explicitly addresses human trafficking, forced labour, compulsory labour, and child labour
• Personal conduct and workplace safety
• Non-discrimination and harassment
• Freedom of association and collective bargaining
• Anti-corruption, bribery, and fraud
• Data privacy and ethics
• Environmental responsibility

International standards alignment: Based on the EU Charter of Fundamental Rights, OECD Guidelines for Multinational Enterprises, UN Guiding Principles on Business and Human Rights, UN Declaration of Human Rights, ILO Conventions, and local legislation.

Public availability: Referenced at Page 143

Monitoring: All new employees receive Business Conduct training as part of onboarding covering Anti-Bribery and Anti-Corruption; Equity, Diversity, and Inclusion; Environment; and Data Ethics. Annual training prescribed for all (100%) functions at risk with respect to corruption and bribery (Executive Management and employees at Principal and Partner level). General Counsel conducts in-person training of Executive Management annually.

Diversity, Equity, and Inclusion Policy

Scope: Group-wide - applies to everyone at Netcompany from the Board of Directors and Executive Management to all other employees

Governance: Adhered to by the Board of Directors when proposing new Board members at general meetings and in connection with hiring and promoting persons to managerial positions.

Key content:

• Promotes equal opportunities and advances diversity and inclusion
• Includes requirements from both hard and soft law
• Addresses various forms of discrimination including racial and ethnic origin, colour, sex, sexual orientation, gender identity, disability, age, religion, political opinion, national extraction, and social origin
• Includes commitments to inclusion and positive action for vulnerable groups
• Focus on equal gender distribution
• Extended diversity outlook to include multiple social identity attributes

Compliance: Constitutes compliance with section 107d of the Danish Financial Statements Act and the Danish Recommendations on Corporate Governance.

Public availability: www.netcompany.com/investor/governance/

Policy Against Discrimination, Harassment and Sexual Harassment

Scope: DK, NL, NO, PL, UK, VN entities

Key content:

• Aims to eliminate discrimination and harassment
• Covers various forms of discrimination including racial and ethnic origin, colour, sex, sexual orientation, gender identity, disability, age, religion, political opinion, national extraction, and social origin
• Covers other forms of discrimination under union regulation and national law

Channels for raising concerns: Reports can be submitted through the whistleblower system to the Board of Directors or through HR as detailed in employee handbooks. Thorough investigations are conducted, impacts are mitigated, and insights are integrated into policies and management systems.

Health and Safety Policy

Scope:

• AE, BE, CY, GR, JO, LU, RO, US, ZA entities
• DK, NL, NO, PL, UK, VN entities (separate policy)

Key content:

• Maintains a management system for workplace accident prevention
• Ensures employee safety and wellbeing
• Covers 100% of employees (excludes freelancers and contractors)

Implementation: All employees are covered by the health and safety management system.

Whistleblower Policy

Scope: Group-wide

Key content:

• Ensures protection of whistleblowers through independent and autonomous system
• Available to employees and relevant external stakeholders
• Enables identification and investigation of unlawful behaviour through anonymous channel
• Can be used to report violations of EU law within scope of Whistleblower Directive
• Covers serious offences including corruption, bribery, fraud, sexual harassment, public procurement, environmental protection

Governance: Managed by external lawyers and General Counsel trained in managing reports according to applicable guidelines and legislation.

Compliance: Complies with legal requirements under national law transposing the EU Whistleblower Protection Directive.

Public availability: Details available in Whistleblower Policy and Whistleblower Procedure

Employee Resource Group Policy

Scope: DK, NL, NO, PL, UK, VN entities

Governance: Overseen by the COO, supported by ERG leads

Key content:

• Serves as direct employee interaction channel
• Plays a role in determining mitigation approaches and evaluating effectiveness of initiatives
• Type and frequency of engagement determined at country level

Privacy Policy – for processing employee's personal data

Scope: DK, NL, NO, PL, UK, VN entities

Key content:

• Addresses privacy concerns related to employee personal data
• Ensures GDPR compliance

Data Privacy Policy

Scope: AE, BE, CY, GR, JO, LU, RO, US, ZA entities

Key content:

• Addresses privacy concerns related to employee personal data

Anti-harassment Policy

Scope: GR entity

Key content:

• Addresses harassment in the workplace

Policy implementation and effectiveness

The company has established clear channels for reporting concerns, including the whistleblower system and HR channels. All reports of discrimination, harassment, unlawful actions, or misconduct are taken seriously. Thorough investigations are conducted when reports are made, impacts are mitigated, and insights are integrated into policies and management systems to support future prevention.

The policies are reviewed annually to ensure compliance with applicable legislation and fundamental human rights. Group Legal ensures alignment with international regulations, and the Board of Directors provides final approval.

Taking action on material impacts on own workforce

Netcompany's policies, procedures, and processes serve as the foundation for actions to prevent potential negative impacts and foster positive outcomes. These frameworks help identify and implement actions to address potential negative and positive impacts on the workforce. By conducting regular assessments and incorporating feedback from employees through channels such as annual social surveys, dialogues with ERGs, and formal HR channels, the company ensures efforts align with employee needs and contribute to a supportive and inclusive workplace.

All actions implemented in 2024 are ongoing and subject to continuous assessment. Actions are managed and monitored regularly by HR.

Scope: Own operations (own workforce) Time horizon: Not explicitly stated; 2024 actions are ongoing Resources: Not quantified

---

Action 1: Social Survey

Description: Launched annual Social Survey in 2024 to cultivate an environment that values the voices, ideas, and experiences of everyone. Provides a channel for employees to share thoughts and suggestions, fostering open communication and collaboration.

Purpose: Enhance inclusivity, foster a positive workplace, identify effective initiatives and future focus areas.

Scope: Own workforce
Time horizon: Launched 2024, ongoing
Resources: Not quantified
Expected outcomes: Continuous improvement, alignment with societies in which the company operates
Links to: Diversity initiatives

---

Action 2: "Glampet High" on Roblox

Description: Launched in 2024, a learning-based universe on Roblox designed for middle school girls. Partnership with Google and Lundbeck to spark interest in science and technology early on. Engages girls on Roblox (platform with over 50 million daily users, half of whom are girls).

Purpose: Address systemic challenge of gender imbalance in STEM, promote gender equality and inclusion.

Scope: Own operations (talent pipeline/recruitment)
Time horizon: Launched 2024
Resources: Partnership with Google and Lundbeck (non-financial)
Expected outcomes: Draw attention to STEM, promote gender equality
Links to: Gender equality policy

---

Action 3: "Exploring the New Technological Landscape II" Initiative

Description: Partnership with "The Tipping Point" NGO to offer children in remote areas of Greece this initiative, inspiring schoolchildren, especially girls, to pursue IT careers.

Purpose: Nurture talent and inspire passion for technology among young students, particularly girls.

Scope: Own operations (talent pipeline)
Time horizon: 2024
Resources: Partnership with The Tipping Point NGO (non-financial)
Expected outcomes: Increased interest in IT careers among girls
Links to: Gender equality and inclusion initiatives

---

Action 4: Sponsorship and Collaboration Events

Description: Sponsored events including "Women in Digital", "Greek Women in STEM Symposium", and collaborated with "WELEAD" NGO through podcasts, webinars, and recruitment articles.

Purpose: Create a more inclusive environment for women in STEM careers.

Scope: Own operations (recruitment, inclusion)
Time horizon: 2024
Resources: Sponsorships (amount not quantified), partnerships (non-financial)
Expected outcomes: More inclusive environment for women in STEM
Links to: Gender equality and inclusion policy

---

Action 5: Voluntary Recruitment Interview Survey

Description: Introduced in 2024 via SmartRecruiters, includes questions to ensure candidates can present their skills and communicate any necessary adjustments due to disabilities or neurodiversity.

Purpose: Ensure interview process is inclusive and equitable.

Scope: Own operations (recruitment)
Time horizon: Introduced 2024
Resources: SmartRecruiters platform (non-financial)
Expected outcomes: Inclusive and equitable recruitment
Links to: Employment and inclusion of persons with disabilities

---

Action 6: Updated Job Advertisements

Description: Updated job advertisements to highlight commitment to inclusivity and diversity. Ads state that recruitment is merit-based and provide a dedicated email for candidates needing adjustments or support during the interview process.

Purpose: Reinforce dedication to accessibility and support for all candidates.

Scope: Own operations (recruitment)
Time horizon: 2024
Resources: Not quantified
Expected outcomes: Increased accessibility for candidates with disabilities
Links to: Diversity, Equity, and Inclusion Policy

---

Action 7: Training and Skills Development Updates

Description: Strengthened commitment to equality and inclusion across training and development in 2024 by:

• Revising training materials to be gender-neutral and more welcoming
• Adding questions about inclusion and comfort to post-training surveys
• Integrating inclusivity into all relevant processes and training

Purpose: Foster a workplace where everyone feels respected and valued; gather feedback to guide continuous improvement.

Scope: Own operations (own workforce)
Time horizon: 2024, ongoing
Resources: Not quantified
Expected outcomes: Diverse, supportive workplace; continuous improvement
Links to: Training and skills development policy

---

Action 8: Security Awareness Training Programme

Description: Launched mandatory Security Awareness Training programme in 2024 for all employees focused on secure login practices, in response to phishing attacks utilizing deceptive websites and fake login interfaces.

Purpose: Fortify cybersecurity posture and protect sensitive information handled daily.

Scope: Own operations (all employees in DK, NL, NO, PL, UK, VN)
Time horizon: Launched 2024, ongoing
Resources: Netcompany Academy (non-financial)
Expected outcomes: Improved security awareness and practices
Links to: Health and safety, data protection policies

---

Existing Programmes (Ongoing)

The excerpts also reference continuous ongoing programmes:

Talent Development Framework (four pillars):

1. Talent development from day one: Attracting and retaining top talent
2. Formal training via academies: Employees automatically enrolled in learning academies for continuous development
3. On-the-job training: Quick onboarding with professional and social belonging
4. Peer-to-peer mentoring: Direct career coaching through senior peers and managers

Scope: Own operations
Time horizon: Ongoing
Resources: Learning academies, internal mentors (non-financial)
Expected outcomes: Career development, skill progression
Links to: Training and skills development policy

---

Note on Working Conditions

The company explicitly states: "We do not report on specific actions regarding working conditions and other work-related rights topics. While we are deeply committed to ensuring good working conditions and safeguarding work-related rights, reporting on these actions would merely reflect our compliance with existing regulations and recognised human rights standards and not be a response to an actual identified impact."

Targets related to own workforce

Netcompany has not set specific targets related to its own workforce.

As stated in the disclosure:

"We have not set specific targets but continuously evaluate our initiatives and their impacts at appropriate management levels as part of our business conduct. Our established processes are anchored within the functions that have day-to-day responsibility for ensuring adherence to our policies, in addition to our continuous engagement channels and channels to raise concerns. This decision reflects our commitment to strategic focus and industry-specific priorities."

The company relies on continuous evaluation of initiatives through established processes and engagement channels rather than setting quantified targets for own workforce matters.

Characteristics of the undertaking's employees

Total headcount

Accounting principle: The total headcount of employees at Netcompany Group is calculated by aggregating the employee count across all countries of operation while excluding freelancers and contractors. This calculation is based on an average taken over the reporting period.

Geographic distribution

¹ All entities with insignificant employment, i.e., less than 50 employees, are reported as others.

Employment characteristics

Note: The workforce consists of permanent employees. This includes student assistants and trainees but excludes freelancers and contractors.

Full-time equivalent (FTE)

Average number of employees:

• 2024: 6,854 FTEs
• 2023: 6,638 FTEs

Freelancers and contractors

Accounting principle: Freelancers and contractors are classified as non-employees. The total is based on an average taken over the reporting period.

Employee turnover

Accounting principle: Employee turnover rate is defined as the proportion of employees who have left Netcompany Group expressed as a percentage. The total number of employees who left is calculated by aggregating departures across all countries of operation during the reporting period, excluding freelancers and contractors.

Additional context: The attrition rate for 2024 was 18.1% compared to 15.3% in 2023. The increase was due to ongoing focus on maintaining an efficient pyramid structure and was driven by a higher proportion of involuntary churn compared to 2023.

New hires

In 2024, Netcompany attracted more than 1,700 new employees to the Group, and client facing FTEs grew by 4.1%.

Age distribution

Characteristics of non-employees in the undertaking's own workforce

Number of non-employee workers

Methodology

Freelancers and contractors are classified as non-employees. They are individuals whose labour contributes to Netcompany Group but do not hold an employment contract with the company. The total number of freelancers and contractors is calculated by aggregating the total headcount of freelancers and contractors. This calculation is based on an average taken over the reporting period.

Geographic concentration

Freelancers and contractors play an essential role in operations, particularly in GR (Greece), LU (Luxembourg), and PL (Poland), where they represent a substantial segment of the workforce.

Health and safety coverage

Collective bargaining coverage and social dialogue

Collective bargaining coverage

Coverage rate by region (for countries with >50 employees representing >10% of total employees):

Social dialogue and worker representation

Workplace representation (EEA only): Denmark, Greece

Netcompany has four collective bargaining agreements within the European Economic Area (EEA). Only those in entities with more than 50 employees and representing at least 10% of the total workforce are reflected in the reported figures.

The company does not have representation agreements by European Works Council (EWC), Societas Europaea (SE) Works Council, or Societas Cooperativa Europaea (SCE) Works Council in place.

Workers' representatives

Workers' representatives are defined as employee-elected individuals who represent the workforce in specific locations concerning employee-related topics, such as the work environment and working conditions. For entities with significant employment (above 50 employees and representing at least 10% of total employees), coverage is calculated by aggregating the total number of employees in each entity (excluding freelancers and contractors) and dividing this total by the number of employees covered by workers' representatives in the respective entities in the reporting period.

Methodology

Collective bargaining: The coverage of collective bargaining is calculated by aggregating the total number of employees covered by collective bargaining agreements in the reporting period, excluding freelancers and contractors, and dividing this total by the number of employees in Netcompany Group. For entities with significant employment (above 50 employees and representing at least 10% of total employees), the coverage is calculated by aggregating the total number of employees in each entity, excluding freelancers and contractors, and dividing this total by the number of employees covered by collective bargaining in the respective entities.

Diversity metrics

Gender distribution in top management and management

Top Management by gender

Definition: Top management is defined as the two levels below the administrative management and supervisory bodies: partners and principals in DK, NL, NO, PL, UK, and VN. Top management in BE, GR, and LU is defined as one level below the administrative management and supervisory bodies: Directors.

Management by gender

Definition: Management is defined as the three levels below the administrative management and supervisory bodies: partners, principals and managers in DK, NL, NO, PL, UK, and VN. Management in BE, GR, and LU is defined as the two levels below the administrative management and supervisory bodies: directors and managers.

Board of Directors and Executive Management

Board composition: As of 31 December 2024, the Board of Directors consists of five persons, two of which are female and three of which are male (i.e., a 40%/60% gender distribution).

Age distribution of total workforce

Methodology: The age distribution is calculated by aggregating the total headcount of employees under 30 (29 or younger), employees between 30 and 50 (30 to 49), and employees aged 50 or above, excluding freelancers and contractors. This calculation is based on an average taken over the reporting period.

Key Performance Indicators (KPIs) summary

Note on gender reporting: Legal constraints in some operating countries, as well as limitations imposed by reporting obligations to public institutions, have confined reporting to the two legal genders, male and female, which align with current regulatory frameworks. Only the two legal genders (male/female) are considered when calculating the share of the underrepresented gender.

Adequate wages

Netcompany has assessed adequate wages as not material to its business model and operations.

As stated in the sustainability statement:

"When considering our business model the topics adequate wages, adequate housing, and secure employment are considered not material."

No benchmark (living wage or minimum wage), coverage percentage, geographic scope, methodology, or targets related to adequate wages are disclosed in the provided excerpts.

Social protection

We ensure that our employees are covered against loss of income due to major life-changing events, such as sickness, occupational injury, parental leave, and retirement, in accordance with employment terms and conditions described in employee handbooks and contracts.

Coverage

• % of employees covered: 100% of employees are entitled to social protection
• Scheme type: Coverage provided in accordance with employment terms and conditions in employee handbooks and contracts
• Protection areas: Sickness, occupational injury, parental leave, and retirement

Family-related leave (2024)

Methodology note: Family-related leave includes leave for caring for sick children or relatives, maternity leave, paternity leave, parental leave, breastfeeding, birth, and adoption. Family-related leave is calculated by dividing the distinct count of employees of each gender who have taken family-related leave by the entitled employees for each gender. Calculation includes all employees within Netcompany Group, excluding freelancers and contractors.

Sickness absence (2024)

• Sickness rate: 3.0% (2023: 3.1%)

Note: Due to GDPR restrictions, the company cannot differentiate between occupational diseases as outlined by the ILO. The company reports on all recorded sickness without distinguishing between work-related and non-work-related cases.

Methodology note: Sickness absence is calculated by dividing the total sickness hours in Netcompany Group by the aggregated working hours. Calculation is based on the reporting period and includes all employees within Netcompany Group, excluding freelancers and contractors.

Persons with disabilities

Due to legal restrictions under the EU General Data Protection Regulation (GDPR) covering all EU member states and EEA countries, as well as similar principles of personal data protection through national legislation in the countries we operate in outside the EU and EEA, we are unable to report on the number of persons with disabilities within our organisation.

Actions related to employment and inclusion of persons with disabilities (2024)

In 2024, we introduced a voluntary Recruitment Interview Survey via SmartRecruiters, which includes questions to ensure that candidates have the opportunity to present their skills and communicate any necessary adjustments due to disabilities or neurodiversity. This ensures that our interview process is inclusive and equitable.

In addition, we have updated our job advertisements to highlight our commitment to inclusivity and diversity. The ads now state that our recruitment is merit-based and provide a dedicated email for candidates needing adjustments or support during the interview process. This language reinforces our dedication to accessibility and support for all candidates.

Training and skills development metrics

Average training hours per employee

Performance appraisal coverage

Methodology notes:

Training hours are defined as time spent on training and skills development including on-site training, online courses, workshops, certification programs, educational opportunities, pop-up courses, and adherence to a Code of Conduct. It does not include trainee programmes, course development, or instructor teaching time. Training hours per employee are calculated by dividing total recorded training hours by headcount for each gender, based on the reporting period and including all employees excluding freelancers and contractors.

Performance appraisal participation is calculated using total employee headcount from S1-6 as the denominator. The rate includes employees who are not eligible for appraisals but are part of total headcount, so the disclosed rate cannot reach 100%. Excludes freelancers, contractors, trainees, student assistants, and partners. Employees joining after specific dates (September 15th for some entities, September 1st for others) are not eligible for appraisals.

Health and safety metrics

Coverage

All employees are covered by Netcompany's health and safety management system. Freelancers and contractors are not covered by the system (0%). In 2024, no occupational fatalities were recorded among employees or any workers operating on Netcompany sites.

Methodology notes

Number of work-related accidents: The consolidated number of accidents occurred for employees within the reporting period recorded in local health and safety management systems of Netcompany Group entities.

Rate of recordable work-related accidents: This rate represents the number of work-related accident cases per one million hours worked and is calculated by dividing the number of cases registered in the reporting period by the aggregated working hours in Netcompany Group and multiplied by one million.

Number of cases of recordable work-related ill health: Not currently measured due to legal restrictions on the collection of data.

Number of days lost: The number of days lost, from and including the first full day and last day of absence, and including all calendar days of the period (e.g., incl. weekends and public holidays).

Number of fatalities: The number of fatalities registered across Netcompany Group and other workers working on Netcompany sites resulting from work-related injuries or work-related ill health.

Work-life balance metrics

Entitlement and take-up of family-related leave (2024)

Scope and methodology

Netcompany ensures that all employees are entitled to take family-related leave in accordance with employment terms and conditions described in employee handbooks and contracts.

Family-related leave includes leave for caring for sick children or relatives, maternity leave, paternity leave, parental leave, breastfeeding, birth, and adoption. The definition does not include time off for employees' own doctor appointments or illness related to pregnancy outside of parental leave or time off for funerals or relatives' deaths. Family-related leave does not include time registered as unspecified leave of absence.

Calculation methodology: Family-related leave is calculated by dividing the distinct count of employees of each gender who have taken family-related leave by the entitled employees for each gender (entitled employees are defined in the same way as 'total headcount' in S1-6). An employee who has taken family-related leave in multiple months is only counted once for the whole year. This calculation is based on the reporting period and includes all employees in headcounts within Netcompany Group, excluding freelancers and contractors.

Compensation metrics

Pay gap

Pay gender ratio: 21.1% (2024)

The gender pay gap reflects historical sector factors in the IT industry, where more men pursue STEM education and make up the majority of the talent pool, which is evident in leadership levels and throughout the organisation. Many of Netcompany's diversity initiatives aim to balance gender representation in leadership and throughout the organisation and achieve pay equity for equal qualifications and jobs. Although the company practices equal pay for equal work, the overall figures are affected by the gender imbalance in the sector. Without these sector-specific impacts, the company's gender pay data reflects equality.

Remuneration ratio

Total remuneration ratio: 1:65 (2024), 1:26 (2023)

The CEO pay ratio disclosed in the five-year highlights shows 1:16 (2024), 1:18 (2023, 2022), 1:20 (2021), and 1:19 (2020).

The increase in the total remuneration ratio from 2023 to 2024 was due to extraordinary remuneration in the form of a Matching Shares Programme (MSP).

Methodology

Gender pay ratio methodology: The gender pay ratio is calculated on the basis of all Netcompany Group employees' gross hourly pay levels where every taxable salary element plus pension contributions is included. The average gross hourly pay level of male employees is subtracted by the average gross hourly pay level of female employees, which is divided by the average gross hourly pay level of male employees and ultimately multiplied by 100.

Total remuneration ratio methodology: The total remuneration ratio is calculated by dividing the highest-earning employee's total annual salary by the median annual salary for employees in Netcompany Group, with the annual salary being defined as taxable income plus any employer and employee-paid pension contributions, excluding the highest earning employee. A list of employees' monthly gross salaries is created to calculate the median salary. The employee with the median salary is then selected and calculated in full, where every taxable salary element plus pension contributions is included. If the selected employee has irregular salary elements during the reporting period, an employee with the same monthly gross salary is selected instead.

Incidents, complaints and severe human rights impacts

Reported incidents and complaints (2024)

Grievance mechanisms

Netcompany addresses all discrimination incidents and complaints filed within the organization through formal channels. Given the sensitive nature of these matters, details about the incidents are not disclosed. Each report or complaint is handled with the highest level of confidentiality through three primary grievance mechanisms:

HR grievance mechanism: Accessible via the intranet and detailed in employee handbooks. HR manages the resolution process on a case-by-case basis, with Legal involved if necessary.

IT grievance mechanism: For data and privacy issues, accessible via the intranet and detailed in employee handbooks and security policy. Issues are tracked and monitored through an internal ticketing system with regular audits.

Whistleblower system: Operated externally through law firm Plesner, allows employees to raise concerns directly and confidentially with full anonymity. Legal tracks and monitors issues raised.

Monitoring and compliance

No fines and penalties related to discrimination were registered in 2024. The company monitors any fines and penalties to ensure they are promptly identified and addressed. In 2024, no severe human rights incidents relating to the workforce occurred, and consequently, no fines, penalties, or compensation related to severe human rights incidents were registered.

Business conduct policies and corporate culture

Netcompany has established several policies to foster a corporate culture of responsible business conduct throughout its organisation, anchored in internationally recognised standards.

Code of Conduct

Policy name: Code of Conduct (CoC)

Scope: Group-wide (applies to all board members and employees across the Netcompany Group and is communicated to relevant business relationships)

Key content and principles:

• Sets minimum standards for integrity based on international principles
• Prohibits forced labour, child labour, and human trafficking
• Promotes anti-discrimination and anti-harassment standards
• Ensures a safe and healthy working environment by complying with health and safety laws
• Implements procedures to prevent hazards and accidents
• Commits to continuous improvement in eco-friendly practices
• Upholds fair competition and prohibits corruption, complying with anti-bribery laws
• Prioritises data privacy and confidentiality in adherence to relevant laws
• Ensures the highest standards of ethical behaviour
• Fosters a respectful, inclusive, and safe working environment
• Violations reported through various channels, including the anonymous whistleblower system
• No retaliation for good faith reports

Approval and oversight: The Executive Management and the Board of Directors annually review and amend when necessary. General Counsel is accountable for implementation.

Link to international standards:

• The OECD Guidelines for Multilateral Enterprises
• The OECD Due Diligence Guidance for Responsible Business Conduct
• The UN Guiding Principles on Business and Human Rights
• The UN Declaration of Human Rights and the Convention on the Rights of the Child
• ILO Conventions
• EU Corporate Sustainability Reporting Directive (CSRD)
• EU Taxonomy Regulation
• General Data Protection Regulation (GDPR)
• EU Charter of Fundamental Rights

Public availability: Corporate website & Corporate intranet

Monitoring and implementation:

• All new employees receive Business Conduct Training covering the CoC as part of their onboarding
• The training includes both an educational element and a quizzing element to ensure participants have understood the content
• The Anti-Bribery and Anti-Corruption training module is prescribed annually for all (100%) functions at risk with respect to corruption and bribery
• General Counsel conducts an in-person training session of the Executive Management members annually

Anti-Bribery and Anti-Corruption Policy

Policy name: Anti-Bribery and Anti-Corruption Policy

Scope: Group-wide

Key content and principles:

• Adopted in 2018 to complement the Code of Conduct
• Provides clear guidelines on offering and receiving gifts and hospitality to ensure they do not serve as attempts to improperly influence decisions
• Encourages transparency in all actions and undertakings
• Organisational procedures to maintain constant oversight over company expenses, including an approval system where every gesture (gifts, meals, or any other form of gift or hospitality) necessitates approval from a designated superior

Approval and oversight: Not explicitly stated in the excerpts

Link to international standards: Ensures compliance with relevant anti-corruption and anti-bribery laws including UK Bribery Act 2019, Foreign Corrupt Practices Act, and upcoming EU anti-corruption legislation

Public availability: Not explicitly stated in the excerpts

Monitoring and implementation:

• Any allegations or incidents indicating potential violations are promptly investigated by Group Legal
• If violations are confirmed, they are promptly addressed and corrective measures are taken
• All outcomes, findings, and decisions relating to an investigation are reported to the relevant individual or department within management and to the Board of Directors
• Incidents identified within the value chain are reported to the Audit Committee and the Board of Directors

Whistleblower Policy

Policy name: Whistleblower Policy

Scope: Group-wide

Key content and principles:

• Provides a safe and confidential reporting channel for employees and stakeholders to report suspected misconduct, unethical behaviour, and legal violations
• Ensures all reports are taken seriously, investigated thoroughly, and handled with the utmost confidentiality
• Protects whistleblowers from retaliation
• In compliance with legal requirements under national law transposing the EU Whistleblower Protection Directive
• Can be used to report violations of EU law within the scope of application of the Whistleblower Directive as well as reports otherwise regarding serious offences or other serious issues (e.g., corruption and bribery, fraud, sexual harassment, public procurement, protection of the environment, etc.)
• Independent and autonomous nature ensures full anonymity and objective investigation by external lawyers and General Counsel

Approval and oversight: General Counsel is accountable for implementation. Whistleblower reports are monitored and administered by an external law firm.

Link to international standards:

• General Data Protection Regulation (GDPR)
• EU Whistleblower Protection Directive

Public availability: Corporate website & Corporate intranet

Monitoring and implementation:

• Training and information about the Whistleblower System is provided to all employees through Business Conduct Training
• External law firm processes reports and treats them confidentially to protect the whistleblower
• In 2024, 16 reports were submitted via the Whistleblower System, of which 6 were assessed to be in scope

Diversity, Equity, and Inclusion Policy

Policy name: Diversity, Equity, and Inclusion Policy

Scope: Group-wide (applies to everyone at Netcompany – from the Board of Directors and Executive Management to all other employees)

Key content and principles:

• Ensures equal opportunities for all
• Builds an inclusive culture
• Contributes positively to societies we operate in
• Recognises and respects individual identities
• Promotes social sustainability in communities served
• Increases representation of underrepresented gender in managerial roles
• Addresses various forms of discrimination, including racial and ethnic origin, colour, sex, sexual orientation, gender identity, disability, age, religion, political opinion, national extraction, and social origin
• Includes commitments to inclusion and positive action for vulnerable groups

Approval and oversight: HR Director is accountable for implementation. The policy is adhered to by the Board of Directors when a new Board member is proposed at a general meeting and in connection with the hiring and promoting of persons to managerial positions.

Link to international standards: UN Global Compact

Public availability: www.netcompany.com/investor/governance/ and Corporate intranet

Monitoring and implementation:

• The Nomination Committee reviews the Diversity, Equity, and Inclusion (DEI) Policy annually
• Tailored training programmes and policies cultivate a more inclusive culture, equipping managers to hire, lead and engage all people
• Effectiveness assessed through employee surveys

Data Ethics Policy

Policy name: Data Ethics Policy

Scope: Group-wide

Key content and principles:

• Implemented in 2020
• Based on applicable legislation, standards, and recommendations
• Revised whenever necessary (e.g., in connection with new guidelines and legislation relevant for the handling of data and for Netcompany's role as an IT service provider)
• Applies standards for data ethics to all processing activities and security measures
• Ensures processing activities match the requirements of the data being handled
• Implements AI considerations into internal risk management systems and operations
• Use of AI technology is based on well-known and widely approved AI models
• All processing of data by AI models is fully compliant with intellectual property laws and GDPR principles (including data minimisation, storage limitation, and purpose limitation)

Approval and oversight: Chief Financial Officer is accountable for implementation

Link to international standards:

• ISO/IEC 27001
• ISO/IEC 27018
• EU Artificial Intelligence Act
• OECD Principles on Good Practice for Data Ethics
• Ethics Guidelines for Trustworthy Artificial Intelligence
• General Data Protection Regulation (GDPR)

Public availability: Corporate website & Corporate intranet

Monitoring and implementation:

• Reported in accordance with section 99d of the Danish Financial Statements Act
• Participation in initiatives and projects such as 'Responsible Use of AI Assistants in the Public and Private Sectors'
• Internal audit controls to secure compliance with both information security and data protection requirements
• All employees are regularly trained in the Netcompany Methodology
• Work to ensure diversity throughout the organisation as part of data ethical considerations to help prevent unintentional biases

Environmental Policy

Policy name: Environmental Policy

Scope: DK, NL, NO, PL, UK, VN

Key content and principles:

• Addresses emissions, energy consumption, water resources, waste management, noise emissions, and procurement
• Commits to protecting the environment by preventing pollution and minimising negative impacts
• Complies with environmental laws and continuously improves practices

Approval and oversight: Chief Financial Officer is accountable for implementation

Link to international standards: ISO 14001

Public availability: Corporate website & Corporate intranet

Monitoring and implementation: Not explicitly stated in the excerpts

Health and Safety Policy

Policy name: Health and Safety Policy

Scope: Two versions exist:

• AE, BE, CY, GR, JO, LU, RO, US, ZA
• DK, NL, NO, PL, UK, VN

Key content and principles:

• Ensures employee safety and wellbeing
• Maintains a management system for workplace accident prevention
• 100% of employees are covered by the health and safety management system

Approval and oversight: Not explicitly stated in the excerpts

Link to international standards: Not explicitly stated in the excerpts

Public availability: Corporate intranet

Monitoring and implementation:

• Work-related accidents are recorded in local health and safety management systems
• In 2024, 17 work-related accidents were recorded (rate of 1.26%)
• No occupational fatalities were recorded

Policy Against Discrimination, Harassment and Sexual Harassment

Policy name: Policy Against Discrimination, Harassment and Sexual Harassment

Scope: DK, NL, NO, PL, UK, VN

Key content and principles:

• Aims to eliminate discrimination and harassment, promote equal opportunities, and advance diversity and inclusion
• Covers various forms of discrimination, including racial and ethnic origin, colour, sex, sexual orientation, gender identity, disability, age, religion, political opinion, national extraction, and social origin, as well as other forms of discrimination under union regulation and national law
• All reports of discrimination, harassment, unlawful actions, or any misconduct are taken seriously
• Reports can be submitted through the whistleblower system or through HR

Approval and oversight: Not explicitly stated in the excerpts

Link to international standards: Not explicitly stated in the excerpts

Public availability: Corporate intranet

Monitoring and implementation:

• Thorough investigations are conducted for all reports
• Impacts are mitigated and insights are integrated into policies and management systems to support future prevention

Data Privacy Policy

Policy name: Data Privacy Policy

Scope: AE, BE, CY, GR, JO, LU, RO, US, ZA

Key content and principles:

• Ensures protection and confidentiality of employee information
• Outlines collection, use, storage, and security of personal data
• Complies with relevant data protection laws
• Safeguards employee privacy
• Upholds the highest data security standards
• Upholds the protection of intellectual property law

Approval and oversight: Data Protection Officer is accountable for implementation

Link to international standards:

• ISO/IEC 27001
• ISO/IEC 27018

Public availability: Corporate intranet

Monitoring and implementation: Not explicitly stated in the excerpts

Employee Resource Group Policy

Policy name: Employee Resource Group Policy

Scope: DK, NL, NO, PL, UK, VN

Key content and principles:

• Promotes diversity and inclusion
• Voluntary, employee-led groups
• Foster a culture of inclusion and belonging
• Develop future leaders
• Enhance employee engagement
• Improve retention and attraction
• Includes commitments to inclusion and positive action for vulnerable groups

Approval and oversight: Chief People Officer is accountable for implementation. Overseen by the COO and supported by ERG leads and sponsored by an employee at the Partner level.

Link to international standards: UN Global Compact

Public availability: Corporate intranet

Monitoring and implementation:

• ERGs serve as direct employee interaction channels
• The type and frequency of engagement through ERGs, including meetings, are determined at the country level
• Allow employees to advocate for their needs and feel represented and valued

Security Policy

Policy name: Security Policy

Scope: DK, NL, NO, PL, UK, VN

Key content and principles:

• Technical and organisational security as an essential part of any safe data processing
• Daily operations based on a highly detailed security policy and organisational procedures, all of which comply with ISO/IEC 27001
• Processes all data with the utmost respect for the sensitivity of the data and any privacy rights

Approval and oversight: Not explicitly stated in the excerpts

Link to international standards: ISO/IEC 27001

Public availability: Not explicitly stated in the excerpts (mentioned in relation to employee handbooks)

Monitoring and implementation:

• Internal audit controls to secure compliance with both information security and data protection requirements
• All employees are regularly trained in the Netcompany Methodology
• Data securely stored in data centres to ensure data availability

Netcompany also references additional policies and procedures in the excerpts including Quality Management Policy, Netcompany Methodology, IT Contingency Plan, GDPR Data Breach Policy, General Information Security Policy, and Business Continuity Policies, though detailed information on these is limited in the provided excerpts.

Incidents of corruption or bribery

Confirmed incidents and convictions

Netcompany reported zero incidents of corruption or bribery during 2024:

The company stated: "We have not had any incidents, convictions, or fines for violation of anti-corruption and anti-bribery laws, or any breaches of procedures and standards in relation to anti-bribery and anti-corruption during 2024. Furthermore, Netcompany has not had any legal proceedings regarding corruption or bribery brought against us or our employees, nor have we identified any actual impacts or incidents of corruption and bribery to which we are directly linked through a business relationship in our value chain."

Disciplinary actions and contract terminations

No employees were dismissed or disciplined for corruption or bribery during the reporting period. No contracts with business partners were terminated or not renewed due to corruption or bribery violations.

Investigation procedures and speak-up mechanisms

Netcompany maintains a whistleblower system operated externally through law firm Plesner, allowing employees to raise concerns directly and confidentially. The system ensures full anonymity and is accessible via the company intranet. In 2024, 16 reports were submitted through the whistleblower system, of which 6 were assessed to be in scope. None of the reports concerned corruption or bribery.

Any allegations indicating potential violations of the Anti-Bribery and Anti-Corruption Policy are promptly investigated by Group Legal if reported internally, or in accordance with whistleblower procedures if reported through the Whistleblower System. If a violation is confirmed, corrective measures are taken and outcomes are reported to relevant management and the Board of Directors.

Accounting principles

Convictions for violations: Conviction of a Group entity by a court of law determined during the financial year.

Fines for violations: Fines for a Group entity determined by a court of law during the financial year.

Payment practices

Netcompany's payment practices are designed to ensure responsible engagement with suppliers and adherence to agreed terms. The company has identified failure to maintain good relationships with suppliers and unfair treatment of SMEs through late payments as a potential negative impact within their business conduct IROs.

Standard payment terms

Netcompany's standard payment terms are 30 days. The procurement processes rely on adhering to specific payment terms issued by each individual supplier, with payments made in accordance with the original agreed terms of the contract. Where payment terms are not determined by the supplier or otherwise codified, the company aims to pay all invoices within 30 days, or within the equivalent local standard where applicable.

The company recognises the importance of preventing delayed payments to small and medium-sized enterprises (SME) in particular by encouraging open communication and transparency in terms of payment terms and practices.

Payment practices performance (2024)

Note: A negative number indicates late payments. The average number of days is calculated by determining the difference between the due dates and the payment dates for all invoices paid within the year across entities in DK, GR, NL, NO, PL, UK, and VN, using a weighted average for the entire Group.

Context and contributing factors

On average, Netcompany's payments to suppliers are done 12.5 days after the due date. The company notes that:

• Payments within the public segment often have a setup characterised as direct debit, which does not always align with invoice due dates
• Suppliers are in those cases authorised to determine the specific transaction date themselves
• Prolonged supplier negotiations or lost invoices have affected the number of payment days negatively

Legal proceedings

Netcompany has not been involved in any legal proceedings related to late payments during 2024.

Prompt payment code participation

No disclosure regarding participation in or compliance with any prompt payment code or initiative.