Code of Business Conduct | Cohesity

Code of Business Conduct

(2018)

1. Introduction

This Code of Business Conduct (the “Code”) covers a wide range of business practices and procedures. It does not cover every issue that may arise, but it sets out basic principles to guide all directors, officers and employees of Cohesity, Inc. and its subsidiaries (collectively, “Cohesity”). All directors, officers and employees of Cohesity must conduct themselves accordingly and seek to avoid even the appearance of improper behavior. The Code should also be provided to and followed by Cohesity’s agents and representatives, including consultants.

If you violate the standards in the Code, you may be subject to disciplinary action, up to and including immediate termination of employment. If you are in a situation that you believe may violate or lead to a violation of the Code, contact your manager or Human Resources.

You may also always contact any member of Cohesity’s legal department for advice or questions. You may ask any of Cohesity’s attorneys to keep a conversation confidential and the attorneys will advise you on the rules of engagement for such a conversation to remain so.

If a law conflicts with a policy in the Code, you must comply with the law. If you have any questions about these conflicts, ask your manager or Human Resources how to handle the situation. The Code supersedes all other codes of conduct, policies, procedures, instructions, practices, rules or written or verbal representations to the extent that they are inconsistent with the Code. We are committed to continuously reviewing and updating our policies and procedures. The Code, therefore, is subject to modification.

Nothing in this Code modifies Cohesity’s at-will employment relationship with its employees, which may only be modified in an express written agreement signed by the employee and Cohesity’s Chief Executive Officer.

2. Purpose

The Code seeks to deter wrongdoing and to promote:

  • Honest and ethical conduct, including the ethical handling of actual or apparent conflicts of interest between personal and professional relationships;
  • Full, fair, accurate, timely and understandable disclosure in reports and documents that Cohesity may file with, or may submit to, the Securities and Exchange Commission (the “SEC”) and in other public communications made by Cohesity;
  • Compliance with applicable governmental laws, rules and regulations;
  • The prompt internal reporting to an appropriate person or persons of violations of the Code; and
    Accountability for adherence to the Code.

3. Compliance With Applicable Laws, Rules and Regulations

Obeying the law is the foundation on which Cohesity’s ethical standards are built. You must comply with applicable laws, rules and regulations. Although you are not expected to know the details of these laws, it is important to know enough to determine when to seek advice from managers or other appropriate personnel.

4. Conflicts of Interest

Conflicts of interest are prohibited as a matter of Cohesity policy, except in with the informed written consent of the Board of Directors of Cohesity (the “Board”) or with the informed written consent of Cohesity’s Chief Executive Officer or Chief Financial Officer.

A “conflict of interest” exists when a person’s private interests interfere or conflict in any way with the interests of Cohesity. Examples of when a conflict of interest may arise include, but are not limited to:

The Code seeks to deter wrongdoing and to promote:

  • When a director, officer or employee takes actions or has interests that may make it difficult to perform his or her work objectively and effectively.
  • When a director, officer or employee, or a member of his or her family, receives improper personal benefits as a result of his or her position with Cohesity.
  • Almost always, when an employee works simultaneously for a competitor or, except on our behalf, a customer or supplier. You are not allowed to work for a competitor in any capacity.
  • When a director, officer or employee serves as a director of any company that competes with Cohesity.
  • When a director, officer or employee has a business or financial interest in a customer, supplier, developer or competitor of Cohesity.
  • When a director, officer or employee conducts Cohesity business with a relative or significant other, or with a business with which a relative or significant other is associated in any significant role.

Conflicts of interest may not always be clear-cut, so if you have a question, you should consult with higher levels of management or Cohesity’s Chief Executive Officer or Chief Financial Officer. If you become aware of a conflict or potential conflict, you should bring it to the attention of a manager, Human Resources or other appropriate personnel or consult the procedures described in Section 16 of the Code.

5. Corporate Opportunities

You are prohibited from taking for yourself opportunities that are discovered through the use of corporate property, information or position without the informed prior consent of the Board. You may not use corporate property or information obtained through your position with Cohesity for improper personal gain, and you may not compete with Cohesity directly or indirectly. Furthermore, you owe a duty to Cohesity to advance its legitimate interests when such an opportunity arises.

6. Competition and Fair Dealing

Cohesity seeks to outperform its competition fairly and honestly. Using or disclosing, or encouraging others to use or disclose, other companies’ proprietary, confidential or trade secret information without the owner’s prior consent and any theft or misappropriation of such information is strictly prohibited. You should endeavor to respect the rights of and deal fairly with Cohesity’s customers, suppliers, competitors and employees.

7. Gifts

The purpose of business entertainment and gifts in a commercial setting is to create good will and sound working relationships, not to gain unfair advantage with customers. No gift or entertainment should ever be offered, given, provided or accepted by you unless it:

The Code seeks to deter wrongdoing and to promote:

  • is not a cash gift (including gift cards),
  • is consistent with customary business practices,
  • is not “excessive in value” (see below for guidance),
  • cannot be construed as a bribe or payoff, and
  • does not violate any laws or regulations.

The factors above are understandably complex and can be difficult to navigate because circumstances are not always black and white. Here are some guidelines to help you:

  1. Anything with a value of $100 or greater should receive extra scrutiny.
    • It is, however, possible to violate the Code with a value under $100 (or no monetary value at all) based on the facts and circumstances.
    • It is also possible to be compliant with gifts over $100, such as distributing Cohesity branded backpacks for marketing purposes; or taking a customer or prospect to a reasonable dinner for a business discussion.
  2. The rule of thumb is this: When in doubt, ask. In any non-obvious situation, you should make certain that another Cohesity employee is aware of your determination. (Your manager, or a senior member of finance, legal or HR)

8. Gifts & Payments to Government Personnel

In addition to Section 7, you must take extra precautions when dealing with foreign or U.S. government officials, including employees of enterprises that are owned (in whole or in part) by foreign governments.

The U.S. Foreign Corrupt Practices Act and the UK Bribery Act prohibit giving anything of value, directly or indirectly, to officials of foreign governments or foreign political candidates in order to obtain or retain business. It is strictly prohibited to make illegal payments to government officials of any country.

In addition, the U.S. government has a number of laws and regulations regarding business gratuities that may be accepted by U.S. government personnel. The promise, offer or delivery to an official or employee of the U.S. government of a gift, favor or other gratuity in violation of these rules would not only violate Cohesity policy, but could also be a criminal offense. State and local governments, as well as foreign governments, may have similar rules. Cohesity’s Chief Financial Officer can provide guidance to you in this area.

9. Training

It is your responsibility to complete all training that Cohesity makes available to you related to this Code of Conduct. Training is not optional.

10. Public Disclosure of Information

The federal securities laws require Cohesity to disclose certain information. In addition, from time to time, Cohesity makes other public communications, such as issuing press releases.

Cohesity expects all directors, officers and employees who are involved in the preparation of public documents to ensure that the information disclosed in those documents is full, fair, accurate, timely and understandable.

To the extent that you reasonably believe that questionable accounting or auditing conduct or practices have occurred or are occurring, report those concerns to Cohesity’s Chief Executive Officer or Chief Financial Officer or in accordance with Company’s Whistleblower policy.

11. Discrimination, Harassment and Retaliation

The diversity of Cohesity’s employees is a tremendous asset. Cohesity is firmly committed to providing equal opportunity in all aspects of employment and will not tolerate any illegal discrimination, harassment or retaliation of any kind. Examples of such behavior include derogatory comments based on racial or ethnic characteristics and unwelcome sexual advances. Please consult the Company’s employee handbook for more information on the Company’s policy against such conduct.

12. Health and Safety

Cohesity strives to provide its employees with a safe and healthy work environment. You are responsible for helping to maintain a safe and healthy workplace for all employees by following safety and health rules and reporting accidents, injuries and unsafe equipment, practices or conditions. Violence and threatening behavior are not permitted. Employees should report to work in condition to perform their duties, free from the influence of illegal drugs or alcohol. The abuse of alcohol or illegal drugs in the workplace will not be tolerated.

13. Record-Keeping

Many employees regularly use business expense accounts, which must be documented and recorded accurately in accordance with the Company’s policies. If you are not sure whether you may seek reimbursement for a certain expense, ask your manager or the Chief Financial Officer.

All of Cohesity’s books, records, accounts and financial statements must be maintained in reasonable detail, must appropriately reflect Cohesity’s transactions and must conform both to applicable legal requirements and to Cohesity’s system of internal controls. Unrecorded or “off the books” funds or assets should not be maintained unless permitted by applicable law or regulation.

14. Waivers of the Code

Waivers of the Code may only be granted by Cohesity’s Chief Financial Officer; provided, however, that any waiver of the Code for executive officers or directors may be granted only by the Board or a Board committee. Any such waiver of the Code for executive officers or directors, and the reasons for such waiver, will be disclosed as required by law.

15. Reporting Illegal or Unethical Behavior

You are encouraged to talk to managers or other appropriate personnel about observed illegal or unethical behavior or when in doubt about the best course of action in a particular situation. It is the policy of Cohesity not to allow retaliation for reports of misconduct by others made in good faith by employees. You are expected to cooperate in internal investigations of misconduct.

You may, on an anonymous basis, submit a good-faith concern regarding observed illegal or unethical behavior or questionable accounting or auditing matters without fear of dismissal or retaliation of any kind by calling or emailing Cohesity’s General Counsel.

16. Compliance Procedures

We must all work to ensure prompt and consistent action against violations of the Code. However, in some situations it is difficult to know if a violation has occurred. Since we cannot anticipate every situation that will arise, it is important that we have a way to approach a new question or problem. These are the steps to keep in mind:

  • Make sure you have all the facts. In order to reach the right solutions, we must be as fully informed as possible.
  • Ask yourself: What specifically am I being asked to do? Does it seem unethical or improper? These questions will enable you to focus on the specific question you are faced with and the alternatives you have. Use your judgment and common sense; if something seems unethical or improper, it probably is.
  • Clarify your responsibility and role. In most situations, there is shared responsibility. Are your colleagues informed? It may help to get others involved and discuss the problem.
  • Discuss the problem with your manager. This is the basic guidance for all situations. In many cases, your manager will be more knowledgeable about the question and will appreciate being brought into the decision-making process. Remember that it is your manager’s responsibility to help solve problems.
  • Seek help from Cohesity resources. In the rare case where it may not be appropriate to discuss an issue with your manager or where you do not feel comfortable approaching your manager with your question, discuss it with Cohesity’s Chief Financial Officer, General Counsel or Head of Human Resources.
  • You may report ethical violations in confidence and without fear of retaliation. If your situation requires that your identity be kept secret, your anonymity will be protected to the greatest extent possible. Cohesity does not permit retaliation of any kind against employees for good-faith reports of ethical violations.
  • Always ask first, act later. If you are unsure of what to do in any situation, seek guidance.