Xoxoday maintains a formal Workplace Ethics and Code of Conduct Policy that governs anti-harassment, anti-bribery, confidentiality of information, and privacy and data protection across the entire organisation.
Xoxoday’s Commitment to Workplace Ethics
Xoxoday enforces a comprehensive Workplace Ethics and Code of Conduct Policy that applies to all employees, contractors, and representatives globally. The policy establishes clear standards of professional behaviour and legal compliance, ensuring that every person operating under the Xoxoday name understands their obligations and the consequences of non-compliance. This policy is not a set of aspirational guidelines — it is a binding framework that is reviewed, maintained, and enforced as part of Xoxoday’s broader governance programme.Anti-Harassment Policy
Xoxoday’s code of conduct explicitly prohibits harassment in all forms, including verbal, physical, and digital conduct. This covers interactions in workplace environments, on collaboration platforms such as Slack and Microsoft Teams, and during any company-related event or communication. Employees are provided with clear escalation channels and protections against retaliation for raising a concern.Anti-Bribery Policy
Xoxoday prohibits bribery and corrupt practices in all business dealings. Employees are prohibited from offering, accepting, or facilitating any form of improper payment or benefit to gain a business advantage. This aligns with internationally recognised anti-corruption frameworks and applies regardless of geography or business function.Confidentiality of Information
Xoxoday requires all employees and third parties to protect confidential business information, including product roadmaps, customer data, commercial contracts, and internal financials. Confidentiality obligations are embedded in employment agreements and extended through offboarding procedures to prevent inadvertent or intentional disclosure after a person leaves the organisation.Privacy and Data Protection
Xoxoday’s code of conduct reinforces obligations under applicable data protection laws, including GDPR and other regional privacy regulations. Employees handling personal data — whether through HRIS integrations with systems like Workday, SAP SuccessFactors, or Darwinbox, or through Xoxoday’s own platform — are required to process that data lawfully, securely, and only for its intended purpose. These conduct requirements complement Xoxoday’s technical security posture, which includes ISO 27001 certification and SOC 2 Type II attestation.How the Policy is Maintained
Xoxoday reviews the Workplace Ethics and Code of Conduct Policy on a regular basis to reflect changes in law, organisational structure, and operational risk. New employees receive the policy as part of onboarding, and it is accessible to all staff through internal documentation systems. Learn more: Xoxoday Help Centre — OverviewData Privacy and Protection at Xoxoday
How Xoxoday handles personal data, GDPR compliance, and privacy obligations across its platform and integrations.
Security Certifications and Compliance
An overview of Xoxoday’s ISO 27001 and SOC 2 Type II certifications and what they mean for enterprise customers.