Contact Login

Your trusted business partner

We are committed to conducting business ethically and with integrity, and aim to build trust through responsible, transparent and secure business practices.

Techstep’s Management System is ISO certified according to the ISO 9001, ISO 14001, and ISO/IEC 27001 standards.

 

 

20211126-AdobeStock_485877782
Resource center

ESG policies and certificates

Information security and privacy management

At Techstep, we are strongly committed to privacy, security, and transparency. Our management system for information security and privacy is certified according to the internationally recognised ISO/IEC 27001 standard. This certification demonstrates that we have implemented a robust, systematic, and risk-based approach to managing information security.

Our certified management system ensures that appropriate technical, organisational, personnel, and physical security controls are in place. It also encompasses all processes related to privacy and GDPR, reinforcing our dedication to safeguarding data and maintaining trust with our stakeholders.

 

Data privacy through GDPR

We work in compliance with national laws of the countries in which we operate, as well as with the EU General Data Protection Regulation (GDPR). In addition, principles from application software security are applied to ensure Techstep designs secure products.

Want to know more about information security and privacy in Techstep?

Contact us

Responsible supply chain

AdobeStock_359196610

Third party management

Our suppliers and partners are an important part of our value chain, as they provide us with the products and services we need, to deliver our solutions to our customers. Our relationship with our third parties also brings responsibilities, such as shared concern for the environmental impact of our supply chain and potential social and compliance risks if these factors are not managed appropriately.

Our Supplier Code of Conduct sets out our expectations of suppliers, which are based on the principles of the Universal Declaration of Human Rights, the International Labour Organisation (ILO) Core Conventions and UN Global Compact’s 10 principles for sustainable development.

The Transparency Act

Techstep is subject to the Norwegian Transparency Act, which entered into force 1 July 2022. The act shall promote enterprises’ respect for fundamental human rights and decent working conditions in connection with the production of goods and the provision of services. The act will ensure the general public access to information regarding how enterprises address adverse impacts on fundamental human rights and decent working conditions, as well as secure public access to information.

Techstep have established guidelines and routines to safeguard human rights and decent working conditions in our business operations. Core governing documents for Techstep’s management and compliance of human rights and decent working conditions are:

  • Code of Conduct
  • ESG policy
  • Supplier Code of Conduct

In accordance with Section 5 of the Norwegian Transparency Act, Techstep’s annual Transparency Act Report is included as part of the Annual and Sustainability Report for 2024. You can also read our statement on the Transparancy Act for 2024 here.

Information requests can be sent to compliance@techstep.no. We will provide you with a response within three weeks.

More information on the Norwegian Transparency Act can be found here

Read our Supplier Code of Conduct

Ethical business conduct

Techstep’s commitment to business ethics and compliance with international regulations and internal policies is anchored in our code of conduct.

Our code of conduct provides the framework for employee’s involvement in ensuring the group operates in an ethical, sustainable and socially responsible manner. It specifies the main principles that apply for everyone associated with Techstep and is intended to guide daily business activities and to be integrated into critical processes, practices, activities and decision-making across the group.
Read our Code of Conduct

Reporting concerns

Reporting a Concern

At Techstep, we are committed to maintaining the highest standards of integrity, compliance, and security. If you have any concerns related to ethics, compliance, or security, we encourage you to report them through the appropriate channels.

Ethics and Compliance Concerns

If you wish to report a concern related to ethical conduct, legal compliance, or company policies, please use our established reporting mechanisms or contact compliance@techstep.io.

Report a Security Vulnerability

If you discover a potential security vulnerability in Techstep’s systems, services, or products, please report it responsibly to compliance@techstep.io.

Include:

  • A description of the vulnerability
  • Steps to reproduce
  • Potential impact

Our Commitment:

  • We will acknowledge your report within a reasonable timeframe.
  • Our security team will investigate and work to resolve the issue promptly.
  • Please do not publicly disclose the vulnerability until we have addressed it.

Safe Harbor:
If you act in good faith and follow these guidelines, Techstep will not pursue legal action against you. We ask that you:

  • Avoid exploiting the vulnerability beyond what is necessary to demonstrate it.
  • Do not access, modify, or delete data.
  • Do not disrupt services.

Scope

This applies to:

  • Techstep-owned systems and services under the techstep.io domain.
  • Our cloud-based platforms and mobile device management services.

Exclusions:

  • Physical attacks
  • Social engineering
  • Denial-of-service testing