Telit Cinterion Group Suppliers Code of Conduct
December 2023
The Telit Cinterion group (“Telit Cinterion”, “we”, “us” and “our”) is committed to conducting its business with the utmost integrity and in compliance with all applicable laws, rules and regulations and to partner with businesses sharing that commitment.
This code of conduct applies to all suppliers, vendors, subcontractors, licensees and agents that provide products, goods and/or services to Telit Cinterion (each “Supplier”). This code defines our minimum expectations.
Supplier will promptly upon request complete and submit its required self-assessment, due diligence questionnaires and reasonably required documentation. In addition, Supplier shall participate and support Telit Cinterion’s efforts in periodically validating its Suppliers’ compliance with this policy.
We may reconsider our willingness to partner or continue partnering with Suppliers who fail to comply with this policy.
Compliance with Laws – Supplier must comply with all applicable international, national, state and local laws and regulations; including, but not limited to, those related to export control, privacy, labor, immigration, health and safety and the environment.
Ethics, Conflict of interests, Anti Bribery and Corruption – Supplier is required to avoid actions that may result in conflicts of interest with Telit Cinterion, including offering, providing, or reimbursing personal gifts, favors, personal travel expenses, lodging or other housing, services of any kind, excessive meals or entertainment or any other thing of value to Telit Cinterion employees or other representatives,
Supplier is expected to adhere to the highest ethical standards in its business practices. Supplier acting on behalf of Telit Cinterion’s must comply with applicable international and local laws relating to anti bribery and corruption prevention. Supplier may not transfer anything of value, directly or indirectly, to any government official, employees of a government, or political party, in order to influence or obtain any improper benefit or advantage in connection with any transaction that involves Telit Cinterion.
Supplier must not knowingly engage or attempt to engage in any transaction involving proceeds derived from unlawful activity and must perform applicable due diligence checks, in utmost good faith and immediately report to Telit Cinterion any matter suspected of being related to unlawful activity.
Supplier will review and comply with Telit Cinterion’s Code of Ethics and ABC Policy. please visit: Code of Ethics | Telit Cinterion and ABC Policy | Telit Cinterion.
Employment practices – Telit Cinterion believes all workers in our supply chain deserve a fair and ethical workplace. Workers must be treated with the utmost dignity and respect, and Supplier must respect fundamental human rights.
Human Rights Compliance – Supplier must comply (and ensure that each of its subcontractors also complies) with all applicable human rights laws, regulations and codes.
Supplier will implement due diligence procedures of its supply chain, including its suppliers, subcontractors and other participants in its supply chain to ensure there are no human rights violations in its supply chain, including, but not limited to slavery, child labor or human trafficking. If Supplier becomes aware of any violations within its supply chain, it must notify Telit Cinterion immediately.
Child Labor and Forced Labor – Telit Cinterion does not tolerate the use of underage or forced labor and will not knowingly work with any supplier that uses either of these groups as workers. Supplier must only employ workers who meet the applicable minimum legal age requirement as well as complying with all other applicable child labor laws.
Supplier must ensure that employees work in compliance with applicable laws pertaining to regular working hours and overtime hours.
Supplier will review and comply with Telit Cinterion’s Modern Slavery and Child Labour Policy. please visit: Modern Slavery and Child Labor Policy | Telit Cinterion.
Conflict Minerals – Supplier must comply with all applicable laws and regulations regrading Conflict Minerals. Supplier will review and comply with Telit Cinterion’s Conflict Minerals Policy. please visit: Conflict Minerals Privacy Policy | Telit Cinterion.
Workplace Health and Safety – Supplier must provide a safe and healthy working environment, in accordance with local laws, for all employees, which seeks to minimize occupational safety hazards by including appropriate safety controls and procedures, preventative maintenance and protective equipment.
Non-Discrimination – Telit Cinterion does not tolerate discrimination of any kind including race, color, age, gender, sexual orientation, gender identity and expression, ethnicity or national origin, disability, pregnancy, religion, political affiliation, union membership, covered veteran status, protected genetic information, or marital status in hiring and employment practices such as wages, promotions, rewards, and access to training.
Harassment – Supplier must operate a zero-tolerance policy for any form of harassment including sexual harassment in the workplace, treat all incidents seriously, promptly investigate all allegations of harassment, and fairly and adequately impose disciplinary action up to and including dismissal from employment.
Environment – Supplier shall provide products and conduct business operations in a way that protects and sustains the environment, at minimum in accordance with applicable laws and regulations.
Supplier must obtain and keep current all required environmental permits, approvals, and registrations, and comply with applicable operational and reporting requirements.
Protecting Confidential Information – Supplier must protect the confidential information of Telit Cinterion. Supplier given access to confidential information of Telit Cinterion as part of the business relationship will not disclose such information to any unauthorized party, unless explicitly authorized to do so by Telit Cinterion and maintain appropriate technical and security controls to protect our confidential information. Supplier will comply with all specific contractual obligations agreed upon with Telit Cinterion.
Personal Data Protection – Further to the above confidentiality undertaking, Supplier handling personal information received from or in relation to Telit Cinterion’s employees or third parties, in the performance of services on Telit Cinterion’s behalf, must ensure that such information is collected lawfully, is protected against improper access, use and disclosure, is appropriately processed, and, that any applicable or appropriate filings have been completed by Supplier with the relevant authority.
Information Security – At Telit Cinterion we encourage the best-in-class information security standards for all company, customer, supplier and partner information. Therefore, Supplier must comply with all security laws of the locations where Supplier operates, as well as with specific contractual obligations agreed upon with Telit Cinterion and Telit Cinterion’s Security & Business Continuity Plan (BCP) Requirements as specified in Annex A to this code.
Intellectual property – Supplier is expected to respect intellectual property rights. Supplier will manage technology in a manner that protects intellectual property rights.
Export control – Supplier will not violate any national or international export controls or trade, economic or financial sanctions or embargoes applicable to Supplier. Supplier will identify and manage trade restrictions applicable to Supplier and its business, including those related to sanctioned countries and parties.
Supply Chain Awareness and Compliance – Supplier must comply with this Code in all business dealings with Telit Cinterion. Supplier must also bind all its directors, workers, suppliers, agents, contractors, and temporary labor agencies directly supplying goods or services to Telit Cinterion to the principles and obligations of this Code.
Reporting of Violations – It is important that concerns regarding business practices within Telit Cinterion’s operations which do not align with this Code of Conduct are reported to Telit Cinterion promptly.
You may report your issue or concern to Telit Cinterion’s designated officers as soon as possible at: tell@telit.com. Telit Cinterion permits anonymous reporting at This form.
Telit Cinterion treats all reports seriously and fairly, and the Company will promptly investigate all reports submitted.
Telit Cinterion will not retaliate against any person or company that submits a report in good faith.
Updated July 1, 2025
Annex A – Security & Business Continuity Plan (BCP) Requirements
The following describes the various requirements that are the responsibility of the Supplier in respect to Security & Business Continuity Plan (BCP):
1. Physical Security:
- Access Control: Implement robust controls to ensure only authorized personnel have access to the plant. This could include keycards, biometric systems, or even AI-based recognition systems.
- Facility Security: The Supplier’s Facility should be well lit and secured with fencing and surveillance cameras. 24X7 security guard with regular patrols and inspections should be done to identify and address any potential security issues.
- Server room: must have security access control rules with traceability and more restrictions on personal access.
- Physical servers provided by Supplier.
- Physical servers provided by Telit Cinterion
2. Cybersecurity:
- Network Security: Ensure that third party suppliers follows best practices for network security, including using firewalls, network segmentation, secure Wi-Fi networks, EDR and regularly updating and patching systems.
- Data Security: Enforce strong data protection policies. This might include encryption of sensitive data, secure data transfer methods, and regular backups.
- Regular Updates and Patching: Ensuring that all systems and software are regularly updated and patched to protect against known vulnerabilities.
3. Supplier Security:
- Security Audits: Regularly audit third-party suppliers to ensure they are adhering to agreed security practices. This should cover both physical and cybersecurity.
- Contractual Agreements: Contracts with third party suppliers should include clauses that define security expectations and liabilities. The supplier should be required to report any security incidents promptly.
- Supplier Employee Training: The third party supplier’s staff should be trained on security best practices. This includes understanding the importance of not disclosing sensitive information and being able to identify common cybersecurity threats like phishing.
4. Quality Assurance & Control:
- Process Integrity: Ensure third party suppliers maintains high standards of production quality and integrity. Regular inspections and audits can assist in implementing that.
- Product Testing: Implement stringent testing protocols to ensure that the quality of the product is not compromised.
5. Regulatory Compliance:
- Standards Compliance: Ensure Supplier and supply chain with relevant industry standards and regulations, such as ISO 27001 and 22301 standards.
6. Incident Response Plan:
- Incident Management: Have a clear plan for managing security incidents. This should include steps to contain the incident, investigate it, and recover from it. Third party suppliers should be included in this plan and should understand their responsibilities.
7. Data Encryption:
- Ensuring that all sensitive data is encrypted both in transit and at rest to protect it from unauthorized access.
8. Multi-Factor Authentication (MFA):
- Implementing MFA to add an extra layer of security for accessing systems and data.
Supplier shall provide a Business Continuity Plan (BCP) for a manufacturing plant according to the relevant standards which should include but not limited to:
- Risk Assessment: Identify and analyze potential risks and problems that may disrupt operations and supply continuity.
- Third-Party Risk Management: Assessing and managing the security risks associated with third-party vendors and partners
- Business Impact Analysis: Determine the potential effects of these risks on your business processes and how long you can sustain a shutdown (Recovery Time Objective, or RTO).
- Recovery Strategies: Develop and document strategies to resume critical operations within the RTO.
- Plan Development: Write a clear and detailed plan, outlining roles, responsibilities, and procedures.
- Training and Testing: Educate employees about the plan and conduct regular tests to ensure its effectiveness.
- Regular Review: Update the plan regularly based on changing business needs and threat landscapes.
- Third-Party Coordination: Ensure the third-party supplier is fully integrated into your BCP and understands their roles and responsibilities.
- Alternative Facility: If Supplier anticipates a production or supply continuity disruption or halt lasting three months or more, Supplier is obligated to provide, at no further cost, an alternative Facility within one of its mother company facilities. Any transfer will be subject to Telit’s prior written consent.