BUSINESS CONDUCT AND ETHICS POLICY

It is Company policy to observe the highest standards of ethics, honesty, and integrity at all times. Employees are required to uphold these standards at all times. They must not have any personal interest that conflicts in any way with the interest of the Company, its employees, its customers, or its shareholders. They must not act to cause conflicts for others with whom the Company does business. They must obey all applicable laws.

The Company, prohibits its employees or anyone acting on behalf of the Company from offering, promising, authorizing pay or providing money, gifts, or anything else of value directly or indirectly to any non-U.S. government official, political party or official thereof, or candidate for non-U.S. political office in order to assist the Company in obtaining, retaining, or directing business or (ii) otherwise violate the U.S. Foreign Corrupt Practices Act of 1977 (15 U.S.C. § 78dd-1, et seq.) or other similar applicable laws.

Further, it is Egnyte’s policy to prohibit our employees, affiliates, or any person associated with or acting on behalf of the Company from (i) using any funds for any unlawful contribution, gift, entertainment or other unlawful expense relating to political activity, (ii) making any direct or indirect unlawful payment to any foreign or domestic government official or employee, to any employee or agent of a private entity with which the Company does or seeks to do business (a Private Sector Counterparty) or to foreign or domestic political parties or campaigns from funds of the Company or any of its Subsidiaries, (iii) violating any provision of any applicable law or regulation implementing the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions or any applicable provision of the U.S. Foreign Corrupt Practices Act of 1977, as amended, the U.K Bribery Act 2010, or any other similar law of any other jurisdiction in which the Company operates its business, including, in each case, the rules and regulations thereunder, (iv) taking any action in furtherance of an offer, payment, gift or anything else of value, directly or indirectly, to any person while knowing that all or some portion of the money or value will be offered, given or promised to anyone to improperly influence official action, to obtain or retain business or otherwise to secure any improper advantage or (v) otherwise making any bribe, rebate, payoff, influence payment, unlawful kickback or other unlawful payment; the Company and each of its respective subsidiaries has instituted and has maintained, and will continue to maintain, policies and procedures reasonably designed to promote and achieve compliance with the laws referred to in (iii) above and with this policy.

Not every instance of a violation of this policy can be anticipated. Listed here are specific examples. When in doubt about whether a particular matter violates this policy, an individual should seek guidance from the Legal Department and/or Chief Financial Officer.

• To give or to receive gifts of substance in connection with company business relationships. Receiving gifts (including free services, free club memberships, etc.) under circumstances which may be perceived as engendering a responsive “favor” must be reported to HR or the Legal Department for evaluation. This is not intended to restrict gifts of token value or routine business meals and entertainment.
• To own, directly or indirectly, a financial interest in suppliers, customers, or competitors except for publicly traded securities where the employee’s percentage of ownership is less than 1 percent. Financial interest includes loans, stock, contracts, joint ventures, and the like.
• To derive personal gain, directly or indirectly, from purchases or sales made by the Company, other transactions to which the Company is a party, use of Company assets, use of Company facilities, use of Company confidential information, use of Company opportunities, or use of Company personnel.
• To borrow money from or lend money to a supplier, customer, Company employee, or competitor. Normal personal and mortgage loans from banks and other financial institutions are permitted.
• To be a director, officer, employee, contractor, or consultant of a supplier, customer, or competitor or to receive income from these sources. Outside directorships may be permitted in limited circumstances, but only with the written approval of the CEO of the Company.
• To indicate, directly or indirectly, that any supplier or customer must purchase anything from or give anything to the Company or any Company employee in order to remain a supplier or customer.
• To violate applicable law pursuant to the instructions or direction of anyone, including a Company employee.
• To accept outside compensation for work that is already being paid for by the Company, or to accept outside employment that interferes in any way with the employee’s position with the Company.
• To sell, utilize, or disclose confidential information of the Company except in the pursuit of the best interests of the Company.
• To compete with the Company.
• To buy stock or securities of a company with which the Company is conducting or contemplating conducting acquisition negotiations.
• To use “insider” information to trade in Company stock or the stock of any publicly traded customer or supplier.
• To violate any applicable federal or state security or stock law.

Serious problems can be caused for the Company and the employee by unauthorized disclosure of internal information about the Company. Company employees should not discuss internal matters with anyone outside the Company, except as required in the performance of regular duties.

This prohibition applies specifically (but not exclusively) to inquiries about the Company that may be made by the financial press, investment analysts, or others in the financial community. It is important that all such communications on behalf of the Company be through an appropriately designated officer under carefully controlled circumstances.

Unless the employee is expressly authorized to the contrary, if any employee receives any inquiries of this nature, every employee should decline comment and refer the inquirer to the Chief Marketing Officer.

Employees are required to observe the spirit as well as the letter of this policy and to report in writing any situation that may give rise to a violation, however minor, to the Chief Executive Officer, HR or the Legal Department of the Company, without exception. This obligation extends not only to the potential violations personal to the employee but also to all violations known or suspected by him or her. Employees are also expected to cooperate fully in any investigation of a violation of this policy. Failure to report any violations, providing false information in an investigation, or failing to cooperate fully in any investigation may lead to discipline including immediate termination. Retaliation against employees who report suspected violations is not tolerated. Employees who believe they have been retaliated against for reporting suspected violations are to notify the Legal Department or the Chief Executive Officer.

No exceptions or modifications to this policy will be made unless approved in writing by the Legal Department, HR and the Chief Executive Officer.

Whenever an employee leaves, the Company expects the employee to continue to comply with those obligations that continue, such as the duty of loyalty and the duty not to trade on “insider” information.

The Company expects the strictest compliance with these procedures by all personnel at every level. Failure to observe them may result in serious legal difficulties for the employee, as well as for the Company. A failure to follow their letter and spirit will be considered a matter of extreme seriousness and may result in immediate termination of employment.

All employees must avoid situations involving actual or potential conflict of interest. Personal or romantic involvement with a competitor, supplier, or subordinate employee of the Company, which impairs an employee's ability to exercise good judgment on behalf of the Company, creates an actual or potential conflict of interest. Supervisor-subordinate romantic or personal relationships also can lead to supervisory problems, possible claims of sexual harassment, and morale problems.

An employee involved in any of the types of relationships or situations described in this policy should immediately and fully disclose the relevant circumstances to his or her immediate supervisor, or any other appropriate supervisor, for a determination about whether a potential or actual conflict exists. If an actual or potential conflict is determined, the Company may take whatever corrective action appears appropriate according to the circumstances. Failure to disclose facts shall constitute grounds for disciplinary action.

The Company recognizes and respects the individual employee's right to engage in activities outside of his or her employment that are private in nature and do not in any way conflict with or reflect poorly on the Company. Management reserves the right, however, to determine when an employee's activities represent a conflict with the Company's interests and to take whatever action is necessary to resolve the situation—including terminating the employee.

The list below suggests some of the types of activity that would reflect in a negative way on the employee's personal integrity or that would limit his or her ability to discharge job duties and responsibilities in an ethical manner:

• Simultaneous employment by another firm, particularly if the other firm is a competitor or supplier.
• Carrying on Company business with a firm in which the employee, or a close relative of the employee, has a substantial ownership or interest.
• Holding a substantial interest in, or participating in the management of, a firm to which the Company makes sales or from which it makes purchases.
• Borrowing money from customers or firms, other than recognized loan institutions, from which our Company buys services, materials, equipment, or supplies.
• Accepting substantial gifts or excessive “perks” from an outside organization or agency, as more fully described under the Anti-Corruption/Anti-Bribery section above.
• Speculating or dealing in materials, equipment, supplies, services, or property purchased by the Company.
• Participating in civic or professional organization activities in a manner whereby confidential Company information is divulged.
• Misusing privileged information or revealing confidential data to outsiders.
• Using one's position in the Company or knowledge of its affairs for outside personal gains.
• Engaging in practices or procedures that violate anti-trust laws or other laws regulating the conduct of Company business.

Employment by the Company carries with it a responsibility to be constantly aware of the importance of ethical conduct. Employees must refrain from taking part in, or exerting influence in, any transaction in which their own interests may conflict with the best interests of the corporation.

The Company conducts its business via a Software as a Service model and, in this regard, the Company does not per se export software to countries outside of the United States (except for software residing on Company servers based in Amsterdam, which are employed typically for storage of European Union/EEA customers). Also, certain applications are available for download through the Company’s website, and those applications work in tandem with the Company’s SaaS services. While the Company does not believe that downloads of those applications by customers outside of the United States pose any export issues, nevertheless the Company is cognizant that all transactions must be in accordance in all material respects with applicable provisions of United States export control laws and regulations, including but not limited to the Export Administration Act and implementing Export Administration Regulations. In this regard: (i) the Company will, as necessary, obtain all export licenses and other approvals required for exports by the Company of products, software and technologies from the United States; (ii) the Company will act in material compliance with the terms of all such export licenses or other approvals applicable to the Company; (iii) and the Company believes that there are no actions, conditions or circumstances that would reasonably be expected to give rise to any future claims pertaining to export violations.

In addition to export (and re-export) license laws, the United States government has enacted other specific mandates preventing U.S. entities from doing business with foreign countries or persons. For example, the Office of Foreign Assets Control (OFAC) of the US Department of the Treasury administers and enforces economic and trade sanctions based on US foreign policy and national security goals against targeted foreign countries and regimes, terrorists, international narcotics traffickers, those engaged in activities related to the proliferation of weapons of mass destruction, and other threats to the national security, foreign policy or economy of the United States. If the Company’s customers or business partners are (1) in a country to which export from the United States is restricted for anti-terrorism reasons, or a national of any such country, wherever located, (2) in a country to which the United States has embargoed or restricted the export of goods or services, or a national of any such country, wherever located, or (3) a person or entity who has been prohibited from participating in United States export transactions by any agency of the United States Government, then the Company may not provide its services to such entities or persons.

As of early 2019, the Company is actively prohibiting transactions with Bureau of Industry and Security (under the Department of Commerce) sanctioned countries, which are Cuba, Iran, North Korea, Sudan, and Syria.

Each Company employee is expected honor the Company’s commitment to comply with the above U.S. measures forbidding certain transactions. Company representatives – whether in a sales/business development role or procurement role – are to engage in research into the background/history of the entity with whom such representatives are contemplating a business relationship. In the event an employee identifies a potential or actual violation of such measures, an employee is immediately to bring such issue to the attention of his/her direct supervisor, plus either the Legal Department or Chief Executive Officer.

While the Company does not transact in a regulated industry, some of its customers do and they might be bound by anti-money laundering laws and/or regulations. For example, financial industry customers are required by FINRA to have anti-money laundering compliance programs. Egnyte’s policy is to be mindful and respectful of such policies, and Company representatives involved in sales and business development activities should always be on the lookout for non-ordinary course of business proposals that could involve an attempt to money launder funds illicitly acquired by the third party making a proposal. “Money laundering” is generally defined as engaging in acts designed to conceal or disguise the nature, control, or true origin of criminally derived proceeds so that those proceeds appear to have been derived from legitimate activities or origins or otherwise constitute legitimate assets. Company representatives should contact the Chief Financial Officer and Legal Department in the event that they are approached with a non-ordinary course of business proposition that might be a guise for an attempted money laundering scheme (ordinary course of business transactions typically should not give rise to a risk of money laundering). An example of a non-ordinary course of business proposition is the offer to pay a large sum of cash as a refundable advance on payment of fees during a trial period.

The Company is continually searching for ways to supplement employee self-discipline as it promotes compliance with the above laws and mandates. Below are some of the initiatives the Company employs or seeks to adopt:

• Periodic Employee Training: The Company’s Sales Operations Department will include the above policies as part of its routine onboarding training of new sales personnel (i.e. “bootcamps,” as well as during other relevant educational training sessions.
• DNS gateway blockers: The Company utilizes its DNS service providers’ capabilities to block access from restricted countries. Their filtering algorithm essentially prevents the lookup of all egnyte.com domains as a response to requests originating from such countries.
• Billing module restrictions: The Company seeks to utilize any available tools its Billing provider offers for rejecting credit card payments emanating from restricted countries.

Company policy is that the practice of accepting or delivering gifts or gratuities of substance is unnecessary, undesirable, and contrary to the interest of the Company.

The purpose of this policy is to:

• recognize the Company's responsibility to maintain good relations with its suppliers, customers and others with whom the Company may have business dealings,
• Prevent an appearance of or actual impropriety in delivering gifts or gratuities to others, including customers, suppliers and governmental representatives;
• and to prevent gift-bearing businesses or persons from interfering with and/or influencing employees.

Except as set forth under the Anti-Corruption/Anti-Bribery Policy, no employee may accept a gift or gratuity from any customer, vendor, supplier, or other person doing business with Egnyte because doing so may give the appearance of influencing business decisions, transactions or service. Please discuss with the Company in advance expenses to be paid by such persons for employee business meals or trips.