Business ethics, privacy, and security

Business ethics, privacy, and security

Conducting ourselves ethically with honesty and integrity and maintaining high standards around privacy and data security are essential to doing business the right way every day at u-blox. Our reputation and success are a result of our collective behavior. The key material topics in this section include responsible governance, ethical and compliant behavior, including anti-corruption, and privacy and data security. 

  • Pillar 1 and targets
  • Responsible governance
  • Ethical and compliant behavior
  • Code of Conduct and annual business ethics training
  • No weapons or weapon systems
  • Privacy
  • Security

The u-blox Code of Conduct

No weapons or weapon systems

Sometimes, IoT innovations developed to benefit humanity can also be used to cause harm.  One of the central pillars of the u-blox Code of Conduct is the policy we set out in 2002 prohibiting the sale of our products for use in weapons and weapon systems - including systems for target identification.

All u-blox products are designed for lawful, commercial use and civilian purposes only. Our global sales teams are regularly trained on u-blox's policy and distributors are contractually obliged to adhere to these restrictions:

 

We do not sell products when the intended use is for integration into weapons or weapon systems, including:

  • Guns, cannons, or weapon systems, e.g., systems for identifying or localizing targets
  • Systems for the guidance of missiles, bombs, or bullets
  • Military drones, military unmanned vehicles, or military robots

 

We do not sell to trade embargoed countries, including:

Belarus, Iran, North Korea, Sudan, Syria, Cuba, Russia, and the territories occupied by Russia in Ukraine. In 2022 we added all members of the Eurasian Economic Union because its members are in a free trade zone with Russia and Belarus.

 

Speak Up at u-blox

Our Speak Up whistle-blower program provides a safe, easy, and anonymous way for employees to report potential misconduct related to our business. Complaints can be made directly through an externally provided service, which allows reporting anonymously. Our Compliance Committee will investigate all reports and has the power to set binding actions that require the relevant part of the business to follow. The binding advice can be overruled by a majority of the Executive Committee. The Compliance Committee (General Counsel and Head of Human Resources) refers to the Audit Committee. These could include organizational measures to protect against similar occurrences in the future and individual disciplinary action. Further, the u-blox program protects whistle-blowers against dismissal, demotion, and other forms of retaliation.

More about the Speak Up program

Proactive Security Monitoring, Testing & Threat Intelligence

To identify threats and vulnerabilities, we systematically engage a 3rd party SOC for 24/7 security monitoring, and our in-house Red Team of security analysts. Furthermore, we collaborate with independent security researchers to test our products and IT infrastructure.

Additionally, we run an invite-only Bug Bounty on selected customer services, and we have a Responsible Disclosure Policy in place to enable individuals or organizations to report product and service vulnerabilities to us.

the u-blox Responsible Disclosure Policy and Bug Bounty

Read more in our sustainability report in the chapter Pillar 1: Business Ethics, Privacy, and Data Security