15 November 2022

To our stakeholders:

I am pleased to confirm that Cyber-Duck Limited reaffirms its support of the Ten Principles of the United Nations Global Compact in the areas of Human Rights, Labour, Environment and Anti-Corruption.

In this annual Communication on Progress, we describe our actions to continually improve the integration of the Global Compact and its principles into our business strategy, culture and daily operations. We also commit to share this information with our stakeholders using our primary channels of communication.

Sincerely yours,


Daniel Bluestone

CEO

At Cyber-Duck People are our most valuable, and therefore all our efforts and policies are put in place to ensure a safe working environment is provided to them to reach their personal and professional goals. As part of this we continue to make sure that we are compliant with human rights and employment legislation in the United Kingdom and beyond.

Since 2021, Cyber-Duck has implemented a Speak Out Policy. Moreover, we have put in place policies such as Pregnancy Loss and Menopause Policies to ensure that we continue to protect and encourage the rights of our employees.

Cyber-Duck has the following written policies in place to ensure that it upholds the principles under UN Global Compact:

- Anti Slavery Policy
- Equality, Diversity and Inclusion Policy
- Gender Pay Gap Policy
- Employee Screening and Vetting Policy
- Supplier Management and Procurement Policy

Cyber-Duck is committed to ensure that these policies continue to uphold our commitment to UN Global Compact Labour Principles.

Cyber-Duck provides grievance mechanisms under People Policies (Employee Handbook). Furthermore, the Operations Team at Cyber-Duck are tasked with ensuring that written policies listed above are adhered to through checks and reviews.

Should there be incidents pertaining to Global Compact Labour principles, they are immediately raised as incidents under incident management policy to Cyber-Duck leadership. Currently, Cyber-Duck does not have a history and / or current incidents of such nature having occurred.

Cyber-Duck hold an ISO-14001 accreditation with British Standards Institution (BSI). This accreditation was obtained in April 2022. The Environmental Management System (EMS) in place at Cyber-Duck sets out clear environmental objectives and plans for achieving them and addresses environmental risks and opportunities. Through implementation of EMS, Cyber-Duck is committed to achieving environmental objectives and continual monitoring and improvement.

Through implementation of EMS, Cyber-Duck conducts training for all staff members on environmental protection and continues to raise awareness. This is done through staff inductions, training refreshers and company announcement meetings (staff meetings).

Our Environmental Management System enables us to consider, measure, assess and action where required to protect the environment during our operations, through various aspects of our business. Our Carbon Emission targets, implementation plans, and measures are published under ISO 14001 objectives and our plans for achieving them.

We intend to consider adopting ISO 14067:2018 by 2025 to continue and have an effective and progressive response and approach to the urgent threat of climate change based on the best available scientific knowledge.

We commit to beginning our offsetting initiatives by “tree planting” from February 2023. We believe that by offsetting during our reduction phase, and beyond to reduce our impact on the environment.

Current Projects and Initiatives Towards Emissions Reduction include:

• We have enrolled a Hybrid Working model, reducing commute and travel. Our smart Hybrid Working model enables us to avoid unnecessary travel and work remotely where possible.
• We have replaced our central London office with use of a co-working space.
• Our employee benefits (salary sacrifice scheme through HMRC) enables staff to purchase an electric car.
• We have reduced our recyclable waste by moving to digital records entirely across all operational departments.
• Through recycling and reducing the number of electric and IT equipment and implementing policies to ensure that equipment is repaired prior to replacement and any purchases are necessary to the business, we have reduced purchase of new equipment where possible.
• We actively donate equipment or office furniture to charity for re-use.
• We work only with cloud providers for hosting and services that are committed to sustainability and powering operations using renewable energy, such as AWS
• We implement sustainable design practices, to reduce server traffic/waste, as documented in our blog

Further information is included in our Environmental Policy. Please also refer to:
https://www.cyber-duck.co.uk/insights/cyber-duck-sustainable-future-workplace
https://www.cyber-duck.co.uk/carbon-reduction-plan
https://www.cyber-duck.co.uk/insights/how-to-drive-down-website-carbon-emissions
https://www.cyber-duck.co.uk/insights/how-sustainable-design-can-help-climate-change

Cyber-Duck has an Environmental Risk Management board and procedure and policy in place which is reviewed by management on a quarterly basis. Moreover the company's continual improvement policy and procedure ensures that we handle all incidents in a timely and effective manner and address any non conformities to our policies and processes in place in achieving our Environmental Objectives.

Cyber-Duck is audited externally by BSI annually and an internal audit is conducted once every 2 years. Our last external audit was successfully completed in April 2022 which resulted in Cyber-Duck obtaining ISO-14001 accreditation and our next external audit is to take place on 29 November 2022.

Currently, Cyber-Duck is completing its first internal audit.

Cyber-Duck adheres to an "Anti-bribery and Corruption" policy which outlines the company’s stance and guidance on ethical behaviour surrounding bribery, corruption and fraud. This policy applies to all employees at Cyber-Duck and is in effect at all times whilst working for the Company. It also extends to anyone working for or on our behalf e.g those engaged by us on a self-employed basis or and agency arrangement.

Cyber-Duck will take all precautionary actions to reduce the risk of potential opportunities for bribery and fraud. This includes (but is not limited to) the publication of appropriate policies, expenses reporting and checking, the enforcement of disciplinary action where appropriate, recruitment checks (references and previous work checks), internal financial audits and fortified internal controls.

Cyber-Duck hold a zero tolerance approach to bribery, in compliance with the anti-bribery law.

We take a zero-tolerance approach to bribery and corruption by our people and our third party representatives. Disciplinary action will be taken against any employee who is exposed as having offered or accepted a bribe, has behaved corruptly in anticipation of a bribe, committed fraud or has deliberately manipulated expenses for self-gain. Where behaviour or actions of a criminal act are evident, the issue will be escalated to a higher authority (such as the police).

Following the measures set out in the United Nations Convention against Corruption (UNCAC), Cyber-Duck will ensure that all employees shall be subject to corruption laws regardless of their position, influence or status. Corruption also relates to any illegal behaviours as covered within the Competition Act (1998) which restricts the manipulation, falsification and distortion of competition within UK markets. Information leading to highlighting any corrupt behaviour should be reported through the process outlined in the Company’s Whistleblowing Policy at the earliest opportunity, providing evidence where possible.

Ongoing monitoring, internal audits and financial transparency within Cyber-Duck will aid in exposing or relieving any potential corrupt activities. Additional information on transparency of information is included in Cyber-Duck's Corporate Social Responsibility Policy.

Cyber-Duck currently does not have any incidents to report on regarding bribery and / or corruption. Cyber-Duck reviews this policy on an annual basis.