Policies

Policies

Human Rights Policy

We are committed to conducting business in an ethical manner that respects human rights. It is Ecovyst’s policy that our company and our vendors, suppliers, contractors, consultants, and agents must comply with all applicable human rights laws and not utilize any form of forced labor, human trafficking, or modern-day slavery. Any allegations of violations of this policy will be thoroughly investigated, and if appropriate, corrective actions will be taken.

We adhere to UK Modern Slavery Act 2015 and California Transparency in Supply Chains Act 2010 and other representative regulations and encourage our supply chain to take active measures to do the same.

Code of Conduct

We maintain a robust Code of Conduct that sets forth the guiding ethics and compliance principles that all of Ecovyst’s employees must adhere to.

Labor Policy (EEO)

Ecovyst is an Equal Opportunity Employer, and we are committed to our long-standing values of inclusiveness and anti-discrimination practices. Ecovyst does not discriminate based on race, color, religion, sex, sexual orientation, pregnancy, gender identity and expression, national origin, disability, age (40 and above), ancestry, veteran status, genetic information, marital status, or any other classification prohibited by applicable law. These values run true throughout our organization, subsidiaries, and affiliates, underpinning our Equal Employment Opportunity Policy Statement.

Training

We believe in the ongoing training and development of our people across all facets of the organization. We have regular training across health, safety, environment, and security (HSES); ethics; Code of Conduct; and cybersecurity. We also have a robust leadership training program and training for all HR policies on an ongoing basis to promote excellence across the organization and provide opportunities to our team members. All employees must take Code of Conduct training within a few weeks of hire.

Additionally, Ecovyst conducts HSES training using several different formats ranging from face-to-face and on-the-job training to the use of customized digital technology. We use multiple digital and video training systems for our remote employees and in situations where we are unable to hold larger in-person meetings, to extend compliance throughout Ecovyst.

Sarbanes Oxley Compliance (SOX)

Ecovyst management is responsible for establishing and maintaining adequate internal control over financial reporting as defined in Rules 13a-15(f) and 15d-15(f) under the Exchange Act. Applying the criteria for effective internal control over financial reporting described in the “Internal Control Framework” (2013) set forth by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), management continuously assesses the Company’s internal controls and reports the results of those assessments in our periodic filings with the SEC.

In 2022, we evaluated our SOX controls and improved our processes. Our effectiveness assessments are audited by PricewaterhouseCoopers LLP, an independent registered public accounting firm. Their opinion is also included in our periodic filings with the SEC.

Whistleblower Policy

Ecovyst has set up a comprehensive policy for employees to report perceived ethics violations or other allegations of wrongdoing at the company. Employees are trained, via the Ecovyst Code of Conduct, in-person training and other communications, that they must report violations: to the Chief Administrative Officer; the Chief Compliance Officer; or anonymously through the Ecovyst Concern Line, a dedicated hotline operated by an independent third-party organization. We do not tolerate retaliation against employees who report concerns of wrongdoing. All cases reported either directly to company management or through the Ecovyst Concern Line are thoroughly investigated, and when necessary, corrective actions are instituted in a timely fashion.

Complaint Investigation Process

We have had our whistleblower hotline, the Ecovyst Concern Line, in place since 2004. It is comprised of dedicated phone lines, both domestic and international, and a web site that allows employees to have a risk free and anonymous way to express concerns or identify activities that may be a violation of company policies, local laws, or the company’s Code of Conduct. We believe our complaint investigation process supports our express interest in providing a safe and fair environment for all employees, no matter where they work within our organization.

Data Privacy and Cybersecurity

Our data privacy policies are kept up-to-date and are shared with all employees. Additionally, we have detailed cybersecurity measures in place, along with distinct reporting requirements, to protect company intellectual property during employee travel to regions considered a higher risk for loss of intellectual property. The policies apply to all electronic media and devices hosting company data and to all employees, contractors, consultants, temporary workers, and agents operating on behalf of the company.

Our employees are also required to maintain the secrecy of third-party confidential information that may be provided to the Company and protect the personally identifiable information of individuals in accordance with the EU’s General Data Protection Regulation and other applicable laws.

We also have a Cybersecurity Incident Response Policy in place that establishes standards for responding to any kind of cybersecurity incident. We are dedicated to protecting personal identifiable information and the company’s daily operations. And finally, we have internal policies in place to provide timely responses to any form of cybersecurity incident/ breach to protect the company’s intellectual property, as well as abide by all relevant local laws.