NetApp Slavery and Human Trafficking Statement

December 2015

The California Transparency in Supply Chains Act of 2010 and United Kingdom Modern Slavery Act of 2015 require certain businesses to disclose efforts to prevent or otherwise eradicate slavery and human trafficking from their supply chains. NetApp is committed to complying with these laws and ensuring that its employees and suppliers across the globe take appropriate steps to mitigate the risk of human trafficking and slavery in our supply chain.

Our commitment to human rights which covers topics such as forced labor, slavery, child labor and human trafficking is outlined in our own Human Trafficking Policy and NetApp’s Supplier Code of Conduct PDF. As an active member of the Electronic Industry Citizenship Coalition (EICC), NetApp has adopted the EICC Code of Conduct which prohibits the use of forced labor, including bonded, indentured labor or involuntary prison labor, human trafficking and child labor. Fundamental to adopting the Code is the understanding that a business, in all of its activities, must operate in full compliance with the laws, rules, and regulations of the countries in which it operates. The EICC Code contains specific requirements covering slavery and human trafficking and encompasses a broader vision than simply the elimination of human trafficking, to include compliance with global labor standards and applicable laws; worker health and safety; the environment; business ethics; and the management of internal systems and controls to ensure effective compliance. In addition to adopting the EICC Code, NetApp actively collaborates with our industry partners in the EICC to help identify best practices and to make recommendations on available tools and training.

NetApp’s internal policies and practices implement the EICC Code and are consistent with international labor and human rights standards. NetApp is committed to complying with the changes to the U.S. Government’s Federal Acquisition Regulation with regards to Combating Trafficking in Persons and expects our suppliers to comply (see our Trafficking in Persons Purchasing Policy PDF). We work with our supply chain to create an environment where workers may freely choose employment. This focus on labor and worker rights is part of a larger effort around supply chain transparency and accountability.

Verification, Certification and Supplier Audits

NetApp has taken actions to ensure transparency and the prevention of abuses in our supply chain, including:

NetApp Supplier Code of Conduct. First-tier suppliers are required to adopt and abide by NetApp’s Supplier Code of Conduct and to flow this requirement down their supply chains. Our Supplier Code of Conduct is aligned with the EICC Code of Conduct and implements its key sections, including workers’ rights, the eradication of forced labor, working conditions, and supplier accountability and reporting of non-conformance. Suppliers are required to demonstrate their compliance with the Code, including a management system that includes self-assessments and audits. NetApp regularly notifies our suppliers of their obligation to comply with our Supplier Code of Conduct and the EICC Code of Conduct.

NetApp Supplier and Partner Agreements. NetApp has master purchasing agreements or purchase order terms and conditions in place with our supply chain suppliers, requiring them to certify to their compliance with our policies, international standards and applicable laws governing human trafficking and forced labor. Where NetApp participates in a U.S. Government contract or subcontract, it flows down applicable clauses to its suppliers, such as FAR Clause 52.222-50, Combating Trafficking in Persons (MAR 2015).

Supplier Risk Assessments and Audits. NetApp conducts initial assessments of its top suppliers to identify the risks of non-compliance with NetApp’s Supplier Code of Conduct and EICC Code of Conduct, including the actual or potential risks of slavery and human trafficking occurrences. As a part of NetApp’s overall participation in the EICC's collaborative audit effort, we expect our suppliers to assess their conformance with the tenets of the Supplier Code of Conduct and EICC Code of Conduct with the completion of the EICC Self- Assessment Questionnaire. In addition, NetApp performs assessments, including risk screenings, of potential suppliers. NetApp also conducts internal audits and onsite supplier audits, via a third party, if deemed necessary to verify our supply chain’s conformance to the Supplier Code of Conduct and related standards and policies. If non-conformance is identified, we work closely with our suppliers to develop corrective action plans and close audit findings.

Internal Accountability

NetApp’s Code of Conduct PDF, which contains specific provisions on procurement from suppliers, vendors, and contractors and supply chain relationships, provides guidance to enable employees to put our company’s values into practice. It is available in 9 languages on NetApp’s intranet and in English on our company’s external website.

The principles embodied in our Code of Conduct reflect NetApp’s policies on, among other topics, compliance hotline, speaking up, investigations, anti-retaliation, diversity and discrimination, conflict minerals, antitrust, anti-bribery and anti-corruption and protecting our company’s assets and reputation. To ensure compliance with our Code and policies, NetApp conducts annual Code of Conduct training for all employees. Courses are administered and tracked through our NetApp University, an internal program that serves the technical and sales learning needs for NetApp employees, partners and customers. Employees who are new to NetApp are also required to take an interactive Code of Conduct course. Additionally, every employee is required to read the Code and certify that he or she has done so prior to joining NetApp.

NetApp’s Ethic and Compliance Program includes an Integrity & Compliance Office (“ICO”) and Global Business Conduct Councils. ICO oversees and administers NetApp’s Code of Conduct and is NetApp’s primary resource for developing and implementing programs and tools to ensure compliance with global laws and NetApp’s policies. Our Business Conduct Councils (“BCC”) are cross-functional governance bodies, comprised of senior leaders from Business, Human Resources, Finance, Internal Audit, Legal and Integrity and Compliance Office that identify and address compliance issues. They review company investigations, drive control improvements and identify and prioritize areas for global compliance focus. NetApp maintains a robust process for reporting slavery and human trafficking, including online channels, and our Code of Conduct contains a non-retaliation policy. Processes for informing senior management about allegations of slavery and human trafficking include periodic internal reports on the supply chain and details about key investigations that are in progress or completed.

Training and Awareness

NetApp offers specific training through forums and workshops to our employees who are responsible for supply chain management and our suppliers on slavery and human trafficking, specifically regarding how to identify and respond to supply chain issues in accordance with the EICC Code and applicable laws.