Saviynt Customer Sustainability Code of Conduct

Purpose and Scope

Saviynt expects all Customers, contractors, and business partners (“Customers”) to operate responsibly, ethically, and in alignment with the principles outlined in this Customer Sustainability Code of Conduct (“Code”). These expectations apply to all goods and services provided to Saviynt and are intended to complement, not replace, contractual requirements or applicable laws.

Ethical Business Conduct

Customers must conduct business with integrity and in compliance with all applicable laws and regulations. This includes laws related to anti-bribery, anti-corruption, competition, data protection, trade controls, and financial reporting. Customers must avoid conflicts of interest, maintain accurate records, and prohibit any form of bribery, improper payment, or unethical influence.

Human Rights and Fair Labor

Customers must respect internationally recognized human rights and ensure fair treatment of all workers. This includes prohibiting forced labor, child labor, and human trafficking; complying with laws on wages, benefits, working hours, and rest periods; ensuring non-discrimination in all employment practices; and respecting workers’ lawful rights to freedom of association and collective bargaining.

Health and Safety

Customers shall provide a safe and healthy work environment and take reasonable steps to prevent workplace injuries and illnesses. This includes identifying and mitigating hazards, providing appropriate protective equipment and training, and maintaining emergency preparedness procedures.

Environmental Responsibility

Customers are expected to manage their operations in an environmentally responsible manner and comply with all applicable environmental laws. Customers should take reasonable, practical steps to reduce environmental impacts, including minimizing waste, emissions, and resource consumption, and promoting pollution prevention wherever feasible.

Data Security and Privacy

When handling Saviynt data or customer data, Customers must comply with applicable data protection laws and maintain appropriate administrative, technical, and organizational safeguards to protect against unauthorized access, disclosure, alteration, or loss. Customers must use data only for authorized purposes and promptly report any suspected or actual data breaches in accordance with contractual requirements.

Customer Diversity

Saviynt values diversity and seeks to work with Customers that promote equitable and inclusive practices. Customers are encouraged to support diversity within their own organizations and supply chains and to provide fair opportunities for women-owned, minority-owned, LGBTQ+-owned, veteran-owned, disability-owned, and other underrepresented or diverse businesses.

Subcontractors and Supply Chain

Customers must ensure that their subcontractors and downstream Suppliers adhere to the principles outlined in this Code. Customers remain responsible for the actions and compliance of their subcontractors in connection with the goods and services provided to Saviynt.

Monitoring and Continuous Improvement

Saviynt may request information or conduct assessments to verify Customer alignment with this Code. Customers are expected to cooperate with reasonable requests, correct identified issues promptly, and demonstrate efforts toward continuous improvement in ethical, social, and environmental performance.

Acknowledgment

By providing goods or services to Saviynt, Customers acknowledge this Code and commit to integrating its principles into their operations and supply chains to the extent reasonably possible and appropriate to their size, industry, and risk profile.

Rev.01012026