Integrity and Compliance at ZEISS

As both a company and a brand, ZEISS stands for integrity: business activities must always be conducted in accordance with applicable laws and internal regulations, no matter where they are carried out. In addition, the activities must be legitimate and, as such, ethically responsible. Integrity cannot simply be decreed but instead must be lived and breathed by management, who act as role models, and be enshrined in the corporate culture. This is why at ZEISS, the Executive Board ensures that clear structures, an effective system, and a global team exist, and it makes the necessary resources available.

ZEISS Code of Conduct

What does the Code of Conduct state? The ZEISS Code of Conduct was first published in 2007. It is a globally applicable Code of Conduct that governs the day-to-day actions of all employees. It covers aspects such as the fair treatment of colleagues and business partners, as well as product safety and environmental protection, and expressly agrees to the international labor standards (ILO standards).

The ZEISS Code of Conduct can be downloaded in one of the following languages:
 

Compliance Management System

As the foundation of compliance management, the ZEISS Group’s Code of Conduct, which the company first published in 2007, describes the risks of conducting business activities and provides specific recommendations. It applies worldwide and encompasses topics such as the fair treatment of employees and business partners, product safety, environmental protection, rules against restricting competition, and anti-corruption measures. In the case of certain particularly sensitive areas, the Code of Conduct refers to additional, internal guidelines. They apply to the assessment and commissioning of sales partners, as well as the handling of gifts and invitations.  

ZEISS has a three-tier compliance structure. At the Group level, responsibility lies with the Chief Compliance Officer and the Director Corporate Compliance, who report directly to the Executive Board. ZEISS’s business groups each have their own Group Compliance Officer, who coordinates activities for the companies that are part of the business group. In turn, each individual company has their own local Compliance Officer who is responsible for training and is the local point of contact for all questions from employees and managers. However, this does not mean that the executives and managers of ZEISS companies are absolved of their responsibility to adhere to legal and internal rules of conduct. They are still obligated to monitor and supervise their local Compliance Officer.  

The Compliance Management Process

ZEISS divides the compliance process into four phases: prevent, detect, respond and correct. 

 

1. "Prevent"

  • to prevent compliance issues through employee training
  • Mix of classroom-based sessions and modern learning formats
  • mandatory foundation course on Compliance/ZEISS Code of Conduct for ZEISS employees

2. "Detect"

  • early identification of misconduct
  • call to employees to report compliance issues

3. "Respond"

  • appropriate reaction to individual misconduct 
  • systematic and consistent actions are top priority

4. "Correct"

  • perform analysis to show possible organizational and process-related shortcomings
  • achieve continuous improvement

In summary, these four phases can prevent systemic compliance infringements, correct wrongdoing and punish them as required. "ZEISS understands zero tolerance" as an obligation to stop all incorrect behavior directed and established or adjust processes to eliminate the possibility of recurrence, as required. 

Compliance tips

All ZEISS employees (including contract workers) and all external business partners are required to report any compliance issues that they become aware of, or if they reasonably suspect a compliance violation. Please let us know as soon as you believe that a crime, legal violation or a case of discrimination has occurred or is likely to occur based on reliable evidence. As a matter of principle, we ask you to report any violations to your ZEISS contact person or to the respective Compliance Officer first. We take every tip seriously and systematically process each tip received.

If you prefer to report observations or alleged legal violations via a professional whistleblower system, please use this link to the "Integrity Line." There you can submit your report – anonymously if you wish – in different languages. You will also find answers to your most important questions in the FAQs there.

We always ensure strict confidentiality when processing your tips regardless of whether you submit your tip anonymously or not. In spite of the precautions cited above, it is still possible that the person concerned may be identified from clues which arise during the investigation. Therefore, the company undertakes to protect bona fide whistleblowers against potential discrimination. This does not apply to bad-faith allegations, however, which are allegations that are clearly wrong or are raised with the aim of unjustly harming someone. These types of tips do not merit investigation, and these whistleblowers are not protected by this policy.

The presumption of innocence applies to all accused persons until the tip-based investigation is complete. This is also a component of fair dealings with one another.

Further information on this topic may be found in the FAQs below and on the Integrity Line page.

1. What should I report?

Findings or observations about a possible or actual breach of the compliance mandate. This means all actions that could or do violate applicable law or internal rules (such as the Code of Conduct), or actions that are or could be in gross contradiction to ethical conduct. The source of your knowledge or suspicion is irrelevant. It may be the result of your own observations, an anonymous or open reference, or mere coincidence.

Of particular relevance are actions that indicate a criminal offence (e.g. theft, fraud, breach of trust, embezzlement, bribery, environmental crime, breach of trade secrets, etc.), or the deliberate, systematic violation of applicable rules (e.g. continued non-compliance with manufacturing or safety standards).

2. When should I report a suspicion or incident?

Whenever an objective, reasonable person considers a violation to be sufficiently probable due to clear indicators (a bona fide whistleblower).

A report must not be made for personal reasons such as revenge. This is the case if there is no evidence of a violation.

3. How is my message handled?

The encrypted data does not pass through a ZEISS server, but through a secure server from the Integrity Line provider EQS. Once a message is received, an automatic notification email will be sent to the Chief Compliance Officer and the Director Corporate Compliance. Only they can log in and access the messages.

On the basis of this content, i.e. your tips and information, the facts will then be clarified. If necessary, appropriate specialist departments will be involved.

4. Am I truly able to report anonymously?

The encrypted data does not pass through a ZEISS server but through a secure server from the Integrity Line provider EQS. The message you submit via the website remains anonymous, unless you have decided to include your name. We cannot identify from which computer the message was sent. Nor can we see the IP address of the sender or similar information, ensuring anonymity.

The Integrity Line allows you to communicate anonymously via an encrypted connection. When you use the Integrity Line, neither your IP address nor your current location are saved at any time. After you have submitted a report, you will receive login details for the Integrity Line that enable you to continue to communicate with the person responsible at Carl Zeiss AG via the protected channel.

5. Does my anonymity remain protected during the investigation?

We want to assure all whistleblowers that we treat their concerns with strict confidentiality. In all investigations or notifications, we ensure that anonymity – if desired – is maintained.

In the course of investigations, however, it is possible the person concerned may be identified from clues which arise during the investigation. Therefore, the company undertakes to protect bona fide whistleblowers against possible discrimination. This does not apply to bad-faith allegations, however, which are allegations that are clearly wrong or are raised with the aim of wrongfully harming someone. These types of tips do not merit investigation, and such whistleblowers are not protected by this policy.

For this reason, ZEISS does not tolerate any discrimination or sanctions against persons who make good-faith reports about possible violations of applicable law or the ZEISS Code of Conduct. We will actively protect the bona fide whistleblower from being personally disadvantaged.

6. How do we handle data protection?

We take the protection of personal data very seriously. This data privacy statement describes the personal data we collect when using the Integrity Line and how we use it. We have taken suitable technical and organizational measures to ensure that all applicable data protection regulations are observed.

The contact responsible for processing personal data is Carl Zeiss AG. Contact persons for questions on data protection can be reached at dataprivacy .internal @zeiss .com. You can also exercise the relevant data protection rights through these channels.

The technical implementation of the Integrity Line is performed by EQS Group AG, Karlstraße 47, 80333 Munich, Germany (“EQS”) on our behalf. Special data protection regulations have been contractually secured with the provider.

The Integrity Line enables you to contact us and submit reports relating to possible compliance and statutory violations. The information you provide is confidential.

The data you provide is stored by EQS in a specially-secured database. EQS uses state-of-the-art technology to encrypt all data stored in the database.

The stored data can be viewed only by those specifically authorized individuals responsible at Carl Zeiss AG or authorized administrators at EQS. All individuals who have the authorization to review data are under an express obligation to maintain confidentiality.

The specially authorized individuals responsible at Carl Zeiss AG will check all submitted reports and, if needed, investigate the matter further. We may have questions for you through the course of this process. To clarify these questions, we prefer communicating via the safe channel of the Intergrity Line.

You may use this safe channel without providing your personal data. However, you may choose to provide information on your identity voluntarily in some cases. If so, you must consent to the processing of this personal data. Our extremely important obligation to maintain confidentiality also applies in these cases. Any personal information is processed by the authorized individuals responsible at Carl Zeiss AG.

We store personal data only for the time we need to process your report, or for the period required by law. All personal data is then deleted or anonymized.

For the purpose of technical implementation, we transfer personal data to EQS within the scope described above. To ensure that data protection is observed, we have concluded an order data processing agreement with EQS.

7. Do I make myself the denunciant with my tip?

No, on the contrary. Please keep in mind that rule violations endanger the company. Crimes against corporate assets, such as theft or embezzlement, harm us all. Offenses such as corruption, antitrust violations, and environmental crimes are punishable by severe penalties for the company, can permanently damage the reputation, jeopardize the company’s economic situation, and ultimately threaten job security.

But violations such as bullying, harassment, or discrimination in the workplace also have far-reaching negative consequences for the employees and departments concerned. It is therefore in the best interest of all of us if maladministration or suspicion of unlawful behaviour is reported immediately. Turning a blind eye out of fear of reprisals is the wrong approach! Reporting your suspicions and the violations you observe is an expression of civil courage in action!

8. Does my tip result in immediate consequences for the person concerned?

The presumption of innocence applies to all accused persons until the tip-based investigation is complete. This is also a component of fair dealings with one another.

9. Who else may I contact in cases of suspicion / incidents?

As a matter of principle, you should first contact your ZEISS contact person if you are aware of or suspect a violation of legal or internal company regulations. If this seems inappropriate (e.g. because you suspect that he or she might be involved in the incident), you should contact Corporate Compliance.

ZEISS Policy

The ZEISS Policy describes ZEISS’s position on the following core topics:

  • ZEISS Brand, products & customer satisfaction
  • Employees, health & safety
  • Compliance & social responsibility
  • External relations, partners & suppliers
  • Environmental protection & energy efficiency
  • Continual improvement & goals

Compliance is an essential component that guides all of our business-related actions and behavior.

ZEISS Policy_2018_A4_DE_90_050_0011I

 

Further information is available in the current Sustainability Report.

If you have any questions or comments on sustainability at ZEISS, please write to us at: respons ibility @zeiss .com