SOC 2 Criteria: CC1.1, CC1.4, CC1.5, CC2.2, CC5.2
Keywords: : Ethical Behavior, Safety, Harassment, Disciplinary Action, Law Enforcement
The StarTree Code of Conduct (“Code”) is built around our belief that everything we do will be measured against the highest possible standards of ethical business conduct. Our commitment to high standards helps us hire great people, build great products, and attract loyal customers.
Who must follow the Code?
We expect all employees to know and follow the Code. Failure to do so can result in disciplinary action, up to and including termination of employment. We also expect our contractors, consultants, and others who may be temporarily assigned to perform work or services for StarTree to follow the Code when they work with us. Failure of a StarTree contractor, consultant, or other service provider to follow the Code can result in termination of their relationship with StarTree.
Who to ask about the Code?
If you have a question or concern about the Code, be proactive and contact your manager. You can also submit a question or raise a concern regarding a suspected violation of our Code (or any other StarTree policy) to your manager.
StarTree prohibits retaliation against anyone who reports, or participates in an investigation of, a possible violation of our Code, our policies, or the law. Please contact a member of senior management if you believe that you are the subject of retaliation within StarTree.
Code of Conduct
As a StarTree employee, you’re expected to be honest, act ethically, and demonstrate integrity in all situations. You have a duty to follow policies and procedures found in this Code of Conduct, as well as those that are specific to your job. You must also comply with all laws that apply to our business. Most of the time, common sense and good judgment provide excellent guideposts. If you’re unsure about the right thing to do, ask someone on the management team.
Before you act, ask yourself:
Is this the right thing to do?
Is it legal?
Do I have the authority to act?
Does the action comply with the Code of Conduct and policies and procedures?
If this action became public, how would it look in the news media?
Would I be upset or embarrassed if other people found out about this action?
If your answer to any of these questions raises doubts, talk with your supervisor, anyone in management, or the StarTree Compliance Officer. If you’re a supervisor or a manager, you’re responsible for knowing the rules and reviewing the Code of Conduct with the people who report to you to make sure they’re familiar with its contents. You’re also responsible for preventing violations of the Code, as well as detecting violations that may occur and reporting them appropriately.
You’re expected to:
Lead with integrity.
Encourage employees to ask questions and expand their knowledge of the rules.
Demonstrate integrity by acting promptly and effectively when necessary.
Educate employees on compliance policies specific to their job responsibilities.
Quality Work Environment
We are committed to a supportive work environment, where our employees have the opportunity to reach their fullest potential. Members of our StarTree team are expected to do their utmost to create a workplace culture that is free of harassment, intimidation, bias, and unlawful discrimination.Please read the Employee Handbook for greater detail about how we should conduct ourselves at work.
1. Equal opportunity employment
Employment at StarTree is based solely upon individual merit and qualifications directly related to professional competence. We strictly prohibit unlawful discrimination or harassment on the basis of race, color, religion, veteran status, national origin, ancestry, pregnancy status, sex, gender identity or expression, age, marital status, mental or physical disability, medical condition, sexual orientation, or any other characteristics protected by law. We also make reasonable accommodations to meet our obligations under laws protecting the rights of the disabled.
1. Harassment, discrimination, and bullying
StarTree strictly prohibits discrimination, harassment, and bullying in any form – verbal, physical, or visual. If you believe that you’ve been bullied or harassed by anyone at StarTree, or anyone connected to StarTree (such as a partner or vendor), please immediately report the incident to your manager or the HR team. HR will promptly and thoroughly investigate any complaints and take appropriate action.
1. Drugs and alcohol
Substance abuse is incompatible with the health and safety of our employees, and we don’t permit it. Consumption of alcohol is allowed at our office on special occasions, but we ask everyone to use good judgment and never drink in a way that: (i) leads to impaired performance or inappropriate behavior, (ii) endangers the safety of others, or (iii) violates the law. Illegal drugs in our offices or at work-related events are strictly prohibited.
1. Safe workplace
We are committed to a violence-free work environment. We will not tolerate any level of violence or the threat of violence in the workplace. No one should bring a weapon to work under any circumstances. If you become aware of a violation of this policy, report it to a member of senior management immediately.
Avoid conflicts of interest
As StarTree employees, we should avoid conflicts of interest and circumstances that reasonably present the appearance of a conflict of interest, especially if it would create an incentive for you or present the appearance of an incentive for you, (whether directly or indirectly).
Here is list of areas where conflicts of interest often arise:
Personal investments (e.g. with competitors)
Outside employment, advisory roles, and board seats
Business opportunities found through your work at StarTree
Inventions influenced by your work at StarTree
Business opportunities involving friends and relatives
Acceptance of gifts, entertainment, and other business courtesies
If you are unsure if there is a conflict of interest, contact the Compliance or Legal teams to discuss.
Throughout its lifecycle, all nonpublic information that is processed, transmitted, and/ or stored by StarTree must be protected in a manner that is consistent with our contractual and legal requirements and reasonable and appropriate for the level of sensitivity, value, and risk associated with Nonpublic information (please see the Data Classification Policy). Information that contains data elements from multiple classifications must be protected at the highest level of information represented. For example, a document that contains Nonpublic and Public information must be treated as Nonpublic information. Nonpublic information must be secured against disclosure, modification, and access by unauthorized individuals. Therefore, the information must be:
Secured at rest; and
Secured in transit; and
Securely destroyed in accordance with record retention policies and procedures.
You’re responsible for using StarTree's computer resources properly – especially with regard to information security – and you need to be thoroughly familiar with StarTree's Information Security policies and procedures.
These steps can go a long way in preventing unauthorized access:
Never share your login information.
Lock your workstation when you step away. Log off your workstation when you leave for the day.
Clear your workstation, waste can, printers and fax machines of sensitive information, such as PII or company-sensitive information.
Protect StarTree's Assets
1. Intellectual property
StarTree's intellectual property rights (e.g. patents, trademarks, copyrights, trade secrets, and “know-how”) are valuable assets. Unauthorized use can lead to their loss or serious loss of value. You must comply with all intellectual property laws, including laws governing the fair use of copyrights and trademarks. You must never use StarTree's trademarks or other protected information or property for any business or commercial venture without pre-clearance from the Marketing team. Report any suspected misuse of trademarks or other StarTree intellectual property to the Legal or compliance team. Likewise, respect the intellectual property rights of others. Inappropriate use of others’ intellectual property may expose StarTree and you to criminal and civil fines and penalties. Seek advice from the Legal team before you solicit, accept, or use proprietary information from individuals outside the company or allow them obtain access to StarTree proprietary information. You should also check with the Legal team if developing a product feature that uses content not belonging to StarTree.
1. Company Equipment
StarTree gives us the tools and equipment that we need to do our jobs effectively, but counts on us to be responsible and not wasteful. Uncertain whether personal use of company assets is okay? Ask your manager.
1. The Network
StarTree's network, software, and computing hardware are a critical aspect of our company’s physical property and intellectual property. Follow all security policies diligently. If you have any reason to believe that our network security has been violated – for example, you lose your laptop or think that your network password may have been compromised – promptly report the incident to your manager.
1. Physical Security
Bad actors may steal company assets. Always secure your laptop, important equipment, and your personal belongings, even while on company premises. Promptly report any suspicious activity to your manager.
Ensure financial integrity and responsibility
Financial integrity and fiscal responsibility are core aspects of corporate professionalism. Each
person at StarTree has a role in making sure that money is appropriately spent, our financial records are complete and accurate, and internal controls are honored. This is applicable every time that we hire a new vendor, expense something to StarTree, or sign a new business contract.
It’s important that we also keep records for an appropriate length of time. StarTree's Data Retention Policy suggests minimum record retention periods for certain types of records. These guidelines help keep in mind applicable legal requirements, accounting rules, and other external requirements. Contractual obligations may sometimes specify longer retention periods for certain types of records. In addition, if you are asked by the Legal team to retain records relevant to a litigation, audit, or investigation, do so until Legal tells you that retention is no longer necessary. If you have any questions regarding the correct length of time to retain a record, contact the Compliance or Legal teams.
Obey the law
StarTree takes its responsibilities to comply with laws very seriously. Every employee is expected to comply with applicable legal requirements and restrictions. You should understand the laws and regulations that apply to your work. Contact the Compliance or Legal teams if you have any questions.
The Compliance team will verify compliance with this Code through various methods (e.g.
periodic manager reviews, tool reports, internal and external audits, and employee feedback).
Any exception to this Code must be approved by the Compliance team in writing.
Any employee who violates this Code may be subject to disciplinary action, up to and including
termination of employment in addition to any civil and criminal liability.
Your Annual Acknowledgment of the Code of Conduct
Once each year, as a condition of your employment, you’re required to acknowledge that you have received the Code of Conduct and understand its rules. New employees will sign an acknowledgment when they start with the company. Basically, your annual acknowledgment confirms that:
You’ve reviewed the Code of Conduct and you are required to comply with the Code of Conduct; you will comply with the compliance policies and procedures, as well as policies and procedures related to your job responsibilities;
You will report any questions or concerns about suspected or actual violations of the Code to your supervisor, anyone in management or StarTree's Compliance Officer,
To the best of your knowledge, you haven’t acted contrary to the Code of Conduct
You have reported any potential conflicts of interest to the Compliance Department.