Supplier Code
of Conduct

At DIGITAL PROTOTYPE LTD, our operational integrity is mathematically linked to the reliability of our supply chain. We engineer bespoke, high-availability architectures that demand absolute security and deterministic performance.

Consequently, we expect our vendors, sub-contractors, infrastructure providers, and freelance architects ("Suppliers") to adhere to the exact same uncompromising ethical, security, and operational standards that we mandate internally. This Supplier Code of Conduct outlines the non-negotiable baseline for doing business with our Agency.

Suppliers who interact with our internal networks or client infrastructure must comply with our strict Sovereign Perimeter Control protocols:

• Zero-Trust Adherence: Suppliers must implement rigorous Identity and Access Management (IAM), utilizing multi-factor authentication (MFA) and least-privilege role-based access control (RBAC) for their own staff.
• Data Encryption: All data transmitted to or from the Agency must be encrypted in transit via TLS 1.3. Any persistent data stored on behalf of the Agency must be encrypted at rest utilizing AES-256 minimum standards.
• Incident Reporting: Suppliers are contractually obligated to report any verified security anomaly, data breach, or cryptographic failure affecting the Agency's assets within exactly 24 hours of detection.

We operate within strict European legal frameworks and maintain a zero-tolerance policy towards corruption, bribery, and financial obfuscation:

• Anti-Bribery: Suppliers must never offer, promise, give, or accept any bribes, kickbacks, or illicit financial advantages to influence deterministic business decisions.
• KYC / AML Parity: Suppliers must maintain their own Know Your Customer (KYC) and Anti-Money Laundering (AML) controls to ensure no illicit funds or sanctioned entities enter our collective supply chain.
• Conflict of Interest: Suppliers must transparently declare any potential conflicts of interest, including overlapping equity or board memberships that could compromise objective engineering decisions.

In direct alignment with our Modern Slavery Statement, we require all Suppliers to aggressively protect human rights across their own operations:

• No Forced Labor: Suppliers must categorically prohibit human trafficking, forced labor, debt bondage, and child labor.
• Fair Remuneration: Suppliers must provide their engineers and staff with fair compensation that meets or exceeds local legal minimums, ensuring standard working hours in accordance with the International Labour Organization (ILO).
• Non-Discrimination: We mandate a meritocratic, engineering-first culture. Suppliers must not discriminate based on race, gender, religion, sexual orientation, or physical ability.

If a Supplier acts as a Sub-Processor of personal or corporate data on behalf of DIGITAL PROTOTYPE LTD, they are bound by strict European data residency laws:

The Supplier must process data exclusively within the European Economic Area (EEA) unless explicitly authorized via Standard Contractual Clauses (SCCs). The Supplier must not monetize, broker, or deploy aggressive tracking telemetry on any data associated with our Agency or our Enterprise Clients.

Trust is verified, not assumed. DIGITAL PROTOTYPE LTD reserves the right to conduct deterministic security and compliance audits of our Suppliers' infrastructure and operational records, either directly or via an authorized third-party cryptographic auditor.

Any material breach of this Supplier Code of Conduct will result in the immediate, non-negotiable termination of the Master Services Agreement (MSA) and the systematic revocation of all network access credentials, without financial penalty to the Agency.

Last Compiled and Verified: October 2024 (Version 1.0.0)