Compliance & Ethics Statement

Our commitment to lawful, ethical, and responsible business conduct.

Effective Date: 1 January 2026

1. Our Commitment

Elka Technology Group ("Elka", "we", "us", or "our") is firmly committed to conducting all business operations in a lawful, ethical, and socially responsible manner. Integrity, transparency, and accountability are foundational principles that govern every aspect of our organisation, from the services we deliver to the relationships we maintain with clients, partners, regulators, and the communities in which we operate.

This Compliance and Ethics Statement sets forth the standards of conduct and governance principles to which Elka Technology Group and its subsidiaries, affiliated entities, software products, and platforms (collectively, "Elka Entities") adhere. It applies to all directors, officers, employees, contractors, consultants, and agents acting on behalf of or in association with any Elka Entity, across all jurisdictions and business activities.

Elka Technology Group maintains a zero-tolerance approach to unethical, unlawful, or non-compliant conduct. The organisation expects all personnel to uphold the highest standards of professional integrity and to act in accordance with both the letter and spirit of applicable laws, regulations, industry standards, and internal policies at all times.

2. Legal and Regulatory Compliance

Elka Technology Group is committed to full compliance with all applicable laws, regulations, and standards in every jurisdiction in which it operates. This includes, but is not limited to, legislation and regulatory frameworks governing corporate governance, taxation, employment, health and safety, consumer protection, competition, export controls, trade sanctions, and information technology.

The organisation actively monitors changes in the legal and regulatory landscape to ensure that its policies, procedures, and business practices remain current and fully compliant. Where differences exist between local laws and internal standards, Elka Technology Group applies the higher standard, provided that doing so does not contravene local law.

Key areas of legal and regulatory compliance include:

  • Compliance with all applicable corporate, commercial, and company law in each jurisdiction of operation
  • Adherence to taxation obligations, including timely and accurate filing of all required tax returns and payments
  • Compliance with employment and labour laws, including those relating to wages, working hours, non-discrimination, and workplace safety
  • Observance of trade controls, sanctions, and export regulations as imposed by relevant governmental authorities
  • Compliance with industry-specific regulatory requirements applicable to the provision of information and communications technology services
  • Adherence to all licensing, registration, and permitting requirements necessary for the lawful conduct of business

Elka Technology Group engages qualified legal counsel and compliance professionals to advise on regulatory matters and to support the organisation in maintaining an effective compliance programme.

3. Ethical Business Practices

Elka Technology Group conducts all business dealings with honesty, fairness, and integrity. The organisation is committed to ethical practices in all interactions with clients, suppliers, partners, competitors, and government entities.

3.1 Anti-Bribery and Anti-Corruption

Elka Technology Group maintains a strict prohibition against bribery and corruption in all forms. No director, officer, employee, contractor, or agent of Elka Technology Group shall offer, promise, give, solicit, or accept any bribe, kickback, improper payment, or other thing of value to or from any person or entity, whether in the public or private sector, for the purpose of obtaining or retaining business, securing an improper advantage, or influencing any official act or decision.

This prohibition applies regardless of local custom or practice and extends to payments or benefits made directly or through intermediaries, agents, or other third parties. Elka Technology Group complies with all applicable anti-bribery and anti-corruption legislation, including but not limited to the UK Bribery Act 2010, the United States Foreign Corrupt Practices Act (FCPA), and equivalent legislation in all jurisdictions of operation.

Facilitation payments, regardless of their nature or value, are prohibited. The organisation does not permit the making of such payments under any circumstances.

3.2 Fair Dealing and Competition

Elka Technology Group competes fairly and ethically in all markets. The organisation does not engage in anti-competitive practices, including but not limited to price-fixing, bid-rigging, market allocation, or the abuse of a dominant market position. All personnel are required to comply with applicable competition and antitrust laws and to avoid any conduct that could be construed as anti-competitive or in restraint of trade.

Business relationships with clients, suppliers, and partners are conducted on the basis of merit, quality, and value. The organisation does not seek to gain competitive advantage through unethical or unlawful means.

3.3 Conflicts of Interest

All personnel of Elka Technology Group are expected to avoid situations in which their personal interests may conflict, or appear to conflict, with the interests of the organisation. Where a potential conflict of interest arises, it must be promptly disclosed to the appropriate management authority in accordance with internal policies. Undisclosed conflicts of interest undermine trust and are not tolerated.

3.4 Gifts, Hospitality, and Entertainment

The offering or acceptance of gifts, hospitality, or entertainment in connection with business activities must be reasonable, proportionate, transparent, and in compliance with internal policies. Gifts or hospitality that could be perceived as an inducement, reward, or attempt to improperly influence a business decision are prohibited.

4. Data Protection and Privacy

Elka Technology Group recognises the fundamental importance of data protection and privacy. The organisation is committed to processing all personal data in a lawful, fair, and transparent manner, and in strict compliance with applicable data protection legislation in every jurisdiction in which it operates.

Key commitments in the area of data protection and privacy include:

  • Compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK General Data Protection Regulation, and all other applicable data protection and privacy laws
  • Collection and processing of personal data only for specified, explicit, and legitimate purposes, and not in any manner incompatible with those purposes
  • Application of data minimisation principles, ensuring that only personal data that is adequate, relevant, and limited to what is necessary is collected and processed
  • Implementation of appropriate technical and organisational measures to ensure the security, confidentiality, and integrity of personal data
  • Provision of clear and transparent information to data subjects regarding the processing of their personal data
  • Respect for the rights of data subjects, including the rights of access, rectification, erasure, restriction of processing, data portability, and objection
  • Maintenance of records of processing activities as required by applicable law
  • Prompt notification of data breaches to relevant supervisory authorities and affected data subjects where required by law
  • Engagement of data processors only where adequate contractual safeguards and assurances of compliance are in place

Full details of how Elka Technology Group collects, uses, and protects personal data are set forth in our Privacy Policy.

5. Platform Compliance

Elka Technology Group operates in an ecosystem that involves the use of numerous third-party platforms, tools, and services. The organisation is explicitly committed to full compliance with the terms of service, acceptable use policies, and guidelines of all third-party platforms and service providers with which it engages.

This commitment encompasses, but is not limited to, the following:

  • Payment Processors: Elka Technology Group complies with the terms of service, acceptable use policies, and compliance requirements of all payment processing platforms, including Stripe, and any other payment service providers utilised in the course of business. The organisation does not engage in any activity that would constitute a violation of these platforms' policies.
  • Cloud Infrastructure and Hosting Providers: The organisation adheres to the acceptable use policies and terms of service of all cloud computing, hosting, and infrastructure providers upon which its services and operations depend.
  • Software-as-a-Service (SaaS) Platforms: Elka Technology Group complies with the licensing terms, acceptable use policies, and end-user agreements of all SaaS products and platforms used in the delivery of its services or the management of its operations.
  • Application Programming Interface (API) Providers: Where the organisation integrates with or utilises third-party APIs, it does so in strict accordance with the API terms of use, rate limits, data handling requirements, and all other applicable policies.
  • Marketplace and Distribution Platforms: Where Elka Technology Group distributes software, services, or content through third-party marketplaces or distribution platforms, it fully complies with the submission guidelines, content policies, and terms governing those platforms.
  • Domain Registrars and DNS Providers: The organisation adheres to the terms of service and acceptable use policies of all domain registration and DNS service providers, as well as the policies of the Internet Corporation for Assigned Names and Numbers (ICANN) where applicable.

Elka Technology Group monitors platform policy updates on an ongoing basis and adjusts its practices as necessary to maintain continued compliance. Any personnel who become aware of a potential violation of third-party platform terms are required to report the matter immediately through the appropriate internal channels.

6. Anti-Money Laundering

Elka Technology Group is committed to the prevention of money laundering, terrorist financing, and the facilitation of any form of financial crime. The organisation complies with all applicable anti-money laundering (AML) and counter-terrorist financing (CTF) legislation and regulations in every jurisdiction in which it operates.

Key commitments in this area include:

  • Implementation of appropriate customer due diligence (CDD) and know-your-customer (KYC) procedures, proportionate to the nature and risk profile of the business relationship
  • Monitoring of transactions and business relationships for signs of suspicious activity
  • Prompt reporting of suspicious transactions or activities to the relevant authorities in accordance with applicable law
  • Maintenance of adequate records of customer identification, due diligence, and transaction information for the periods prescribed by law
  • Prohibition of any business relationship or transaction where the organisation has reasonable grounds to suspect that funds or assets are derived from criminal activity or are intended to be used for the financing of terrorism
  • Ongoing training of relevant personnel in the identification and reporting of potential money laundering and terrorist financing activities

Elka Technology Group does not knowingly facilitate, assist, or participate in any activity that constitutes or may constitute money laundering or terrorist financing.

7. Anti-Spam and Communications Compliance

Elka Technology Group maintains a strict prohibition against spam, unsolicited communications, and any form of electronic messaging that does not comply with applicable law. The organisation is committed to responsible and lawful communications practices in all of its business activities.

Specific commitments include:

  • Prohibition of the sending of unsolicited commercial electronic messages, including emails, text messages, and other forms of electronic communication, except where expressly permitted by applicable law and where prior consent has been obtained from the recipient
  • Compliance with all applicable anti-spam legislation, including but not limited to the CAN-SPAM Act (United States), the Privacy and Electronic Communications Regulations (United Kingdom and European Union), the Spam Act 2003 (Australia), and Canada's Anti-Spam Legislation (CASL)
  • Inclusion of clear and accurate sender identification, valid physical address, and a functional unsubscribe mechanism in all commercial electronic communications
  • Prompt processing of unsubscribe and opt-out requests within the timeframes required by applicable law
  • Prohibition of the harvesting, scraping, or purchasing of email addresses or other contact information for the purpose of sending unsolicited communications
  • Prohibition of the use of deceptive subject lines, false headers, or misleading sender information in any electronic communication
  • Compliance with telecommunications regulations and do-not-call registries in all jurisdictions where applicable

All personnel are required to adhere to these standards in their business communications. Any communication sent on behalf of or in association with Elka Technology Group must comply with applicable communications laws and the organisation's internal communications policies.

8. Intellectual Property

Elka Technology Group respects the intellectual property rights of others and expects the same respect for its own intellectual property. The organisation is committed to the lawful use, protection, and management of intellectual property in all of its business activities.

Key principles governing intellectual property include:

  • All personnel are required to respect the copyrights, trademarks, patents, trade secrets, and other intellectual property rights of third parties, and to refrain from any unauthorised use, reproduction, distribution, or modification of such property
  • Software, content, and other materials used in the course of business must be properly licensed, and all licensing terms and conditions must be observed
  • Open-source software is used only in accordance with the applicable open-source licence terms, and appropriate records of open-source usage are maintained
  • The organisation takes reasonable steps to protect its own intellectual property, including proprietary software, documentation, methodologies, trade secrets, and confidential business information
  • Client intellectual property and confidential information are treated with the highest standard of care and are used only for the purposes authorised by the client in accordance with the governing agreement
  • Employees, contractors, and agents are required to assign to Elka Technology Group all intellectual property rights in works created in the course of their engagement with the organisation, except as otherwise agreed in writing

Any known or suspected infringement of intellectual property rights, whether involving the organisation's property or that of a third party, must be reported immediately to the appropriate internal authority.

9. Information Security

Elka Technology Group recognises the critical importance of information security to the protection of client data, corporate assets, and the trust placed in the organisation by its stakeholders. The organisation maintains a comprehensive information security programme designed to safeguard information assets against unauthorised access, disclosure, alteration, destruction, and other threats.

The organisation's information security commitments include:

  • Implementation and maintenance of technical and organisational security measures that are appropriate to the nature, scope, and sensitivity of the information being protected
  • Application of the principles of least privilege and need-to-know in the management of access to information systems, data, and facilities
  • Encryption of sensitive data in transit and at rest, in accordance with industry best practices and applicable regulatory requirements
  • Regular risk assessments, vulnerability assessments, and penetration testing to identify and remediate security weaknesses
  • Maintenance of incident response and business continuity plans to ensure the timely detection, containment, and resolution of security incidents
  • Logging, monitoring, and auditing of access to information systems and data to detect and investigate unauthorised or anomalous activity
  • Secure development practices, including code review, security testing, and vulnerability management, in the design and delivery of technology solutions
  • Contractual requirements for third-party service providers and subcontractors to maintain appropriate security measures commensurate with the data and systems to which they have access
  • Regular review and updating of information security policies, procedures, and controls to address emerging threats and evolving best practices

Elka Technology Group aligns its information security practices with recognised international standards and frameworks, including ISO/IEC 27001 and the NIST Cybersecurity Framework, as appropriate to its operations and risk profile.

10. Environmental and Social Responsibility

Elka Technology Group acknowledges its responsibility to contribute positively to the environment and to the communities in which it operates. The organisation is committed to integrating environmental and social considerations into its business operations and decision-making processes.

10.1 Environmental Responsibility

Elka Technology Group endeavours to minimise the environmental impact of its operations through the following measures:

  • Responsible use of energy and natural resources in the operation of offices, data centres, and other facilities
  • Preference for energy-efficient equipment and cloud infrastructure providers that demonstrate a commitment to sustainability and renewable energy
  • Reduction of waste through responsible procurement, recycling, and the promotion of digital-first practices that minimise paper usage
  • Compliance with all applicable environmental laws and regulations in every jurisdiction of operation
  • Promotion of remote and flexible working arrangements where feasible, thereby reducing the environmental impact of employee commuting and business travel

10.2 Social Responsibility

Elka Technology Group is committed to conducting its business in a socially responsible manner, which includes:

  • Promotion of diversity, equity, and inclusion within the workforce and in all business relationships
  • Maintenance of a respectful, safe, and harassment-free work environment for all personnel
  • Fair treatment of all employees, contractors, and business partners, including fair compensation, reasonable working conditions, and respect for labour rights
  • Support for ethical sourcing and supply chain practices, including the avoidance of suppliers known to engage in exploitative labour practices, modern slavery, or human trafficking
  • Compliance with the UK Modern Slavery Act 2015 and equivalent legislation in other jurisdictions, including the maintenance of appropriate policies and due diligence processes

11. Employee Conduct and Training

Elka Technology Group expects all personnel to conduct themselves with professionalism, integrity, and respect in all business interactions. The organisation maintains a comprehensive code of conduct that sets forth the behavioural standards expected of all directors, officers, employees, contractors, and agents.

Key elements of employee conduct and training include:

  • All personnel are required to read, understand, and comply with the organisation's code of conduct, compliance policies, and relevant legal and regulatory requirements applicable to their role
  • Regular compliance and ethics training is provided to all personnel, covering topics including but not limited to anti-bribery and anti-corruption, data protection, information security, anti-money laundering, workplace health and safety, and anti-discrimination
  • Specialised training is provided to personnel in roles that carry heightened compliance risk, such as those involved in finance, procurement, sales, client-facing services, and data processing
  • Training programmes are reviewed and updated regularly to reflect changes in applicable law, regulation, industry standards, and organisational policies
  • Completion of mandatory training is tracked and documented, and non-compliance with training requirements may result in disciplinary action
  • All personnel are expected to raise questions or concerns about compliance or ethical matters without fear of retaliation, and to seek guidance from management or the compliance function where uncertainty exists

Violations of the organisation's compliance and ethics policies, code of conduct, or applicable law may result in disciplinary action, up to and including termination of employment or engagement, and referral to the appropriate legal or regulatory authorities where warranted.

12. Whistleblowing and Reporting

Elka Technology Group encourages the reporting of any conduct that is believed to be unlawful, unethical, or in violation of the organisation's policies. The organisation is committed to providing safe, confidential, and accessible channels through which concerns may be raised without fear of retaliation.

Key principles governing whistleblowing and reporting include:

  • All personnel, clients, partners, suppliers, and other stakeholders are encouraged to report any known or suspected violations of law, regulation, organisational policy, or ethical standards
  • Reports may be made to the reporter's direct manager, senior management, the compliance function, or through the dedicated compliance reporting channel
  • Elka Technology Group maintains a strict non-retaliation policy. No individual who makes a report in good faith shall be subject to retaliation, discrimination, harassment, or any other adverse consequence as a result of making that report
  • All reports are taken seriously and are investigated promptly, thoroughly, and impartially. The organisation takes appropriate corrective and preventive action in response to substantiated findings
  • Confidentiality is maintained to the greatest extent possible during the investigation and resolution of reported concerns, consistent with the need to conduct a thorough investigation and comply with applicable law
  • The organisation complies with all applicable whistleblower protection legislation, including the EU Whistleblower Directive (Directive (EU) 2019/1937), the UK Public Interest Disclosure Act 1998, and equivalent legislation in other jurisdictions

To report a compliance or ethics concern, please contact:

Compliance and Ethics
Elka Technology Group
Email: compliance@elkatechnology.com

All reports submitted to this address will be reviewed by the compliance function and handled in accordance with the organisation's investigation and whistleblowing procedures.

13. Continuous Improvement

Elka Technology Group is committed to the continuous improvement of its compliance and ethics programme. The organisation recognises that the legal, regulatory, and business environment is subject to ongoing change, and that an effective compliance programme must be regularly reviewed, tested, and enhanced to remain fit for purpose.

Measures undertaken to support continuous improvement include:

  • Regular internal reviews and audits of compliance policies, procedures, and controls to assess their effectiveness and identify areas for improvement
  • Periodic risk assessments to identify new or evolving compliance risks and to ensure that the organisation's risk management framework remains adequate
  • Benchmarking of compliance practices against industry standards, recognised frameworks, and regulatory guidance
  • Monitoring of regulatory developments, enforcement actions, and industry trends to inform proactive adjustments to the compliance programme
  • Solicitation of feedback from personnel, clients, and other stakeholders on the effectiveness of compliance policies and training
  • Engagement of external advisers, auditors, or consultants where appropriate to provide independent assessment and guidance on compliance matters
  • Reporting to senior management and the board on the status, findings, and effectiveness of the compliance programme at regular intervals

This Compliance and Ethics Statement is reviewed at least annually and is updated as necessary to reflect changes in applicable law, regulation, organisational policy, or business operations. The "Effective Date" at the top of this document indicates the date of the most recent revision.

14. Contact Information

If you have any questions, concerns, or feedback regarding this Compliance and Ethics Statement or the compliance practices of Elka Technology Group, please contact us using the following details:

Elka Technology Group
Compliance and Ethics
Email: compliance@elkatechnology.com

For matters relating to data protection and privacy, please refer to our Privacy Policy or contact us at privacy@elkatechnology.com.

For general enquiries, please visit our Contact page.

Elka Technology Group is committed to responding to all legitimate enquiries in a timely and professional manner.

This website uses essential cookies to ensure proper functionality. By continuing to use this site, you consent to our use of cookies. Learn more.