Modern Slavery Statement

Last updated: January 15, 2026

Modern Slavery and Human Trafficking Statement

Document owner: General Counsel, with Chief People Officer as co-owner Version: 3.0 Effective date: January 1, 2026 Last updated: January 15, 2026 Classification: Public — Trust Center Review cadence: Annual publication (within 6 months of fiscal year end) Company: Acme Cloud, Inc. Address: 1200 Market Street, Suite 400, San Francisco, CA 94103, USA Primary contacts: trust@acmecloud.com | security@acmecloud.com | privacy@acmecloud.com

Definitions and Key Terms

Term	Definition
Modern Slavery	Encompasses slavery, servitude, forced and compulsory labor, and human trafficking as defined under the UK Modern Slavery Act 2015 and international conventions
Human Trafficking	The recruitment, transportation, transfer, harboring, or receipt of persons by improper means for the purpose of exploitation
Forced Labor	Work or service extracted from any person under threat of penalty and for which the person has not offered themselves voluntarily
Child Labor	Work that deprives children of their childhood, potential, and dignity, and that is harmful to physical and mental development
Bonded Labor	Work performed as payment for a debt, where the worker has no control over the conditions or terms of the debt
Servitude	The obligation to provide services imposed by coercion, involving denial of freedom of movement and bodily autonomy
Tier 1 Supplier	Direct suppliers with primary contractual relationships and significant spend volume or operational criticality
Tier 2 Supplier	Indirect suppliers including subcontractors of Tier 1 suppliers and lower-spend vendors
Due Diligence	Processes to identify, prevent, mitigate, and account for adverse human rights impacts
Supply Chain	All organizations and activities involved in providing goods and services to the company, including subcontractors
Remediation	Measures taken to address identified human rights violations and provide remedy to affected individuals
UN Guiding Principles	United Nations Guiding Principles on Business and Human Rights, the authoritative global standard for corporate human rights responsibility
California Transparency in Supply Chains Act	SB 657 requiring disclosure of efforts to eradicate slavery and human trafficking from direct supply chains
UK Modern Slavery Act	UK legislation requiring commercial organizations to prepare annual slavery and human trafficking statements
ILO Core Conventions	International Labour Organization fundamental conventions covering forced labor, child labor, discrimination, and freedom of association
Whistleblower	An individual who reports suspected wrongdoing within an organization through internal or external channels
Grievance Mechanism	Processes through which affected individuals can raise concerns and seek remedy for adverse impacts

Scope and Purpose

This Modern Slavery and Human Trafficking Statement is made pursuant to Section 54 of the UK Modern Slavery Act 2015, the California Transparency in Supply Chains Act of 2010 (SB 657), and Acme Cloud, Inc.'s voluntary commitment to respecting human rights throughout our operations and supply chain consistent with the UN Guiding Principles on Business and Human Rights. This statement describes the steps taken during fiscal year 2025 (January 1 through December 31, 2025) to identify modern slavery risks, prevent modern slavery occurrence, mitigate potential impacts, and respond to any identified violations in our business operations and supply chains.

The statement scope encompasses all operations under Acme Cloud direct corporate control including our Delaware parent corporation, Irish subsidiary (Acme Cloud EU Ltd., Dublin, Ireland), and all supply chain relationships supporting our B2B cloud software business. This statement applies to procurement activities, vendor relationships, employment practices, and business partner engagements across all jurisdictions where we operate or source goods and services.

Organizational Structure and Operations

Acme Cloud, Inc. is a Delaware corporation headquartered at 1200 Market Street, Suite 400, San Francisco, CA 94103, USA. We provide B2B cloud collaboration and workflow automation software (Software-as-a-Service) to enterprise customers globally across industries including technology, financial services, healthcare, professional services, and government.

Corporate Structure

Entity	Jurisdiction	Role	Employees
Acme Cloud, Inc.	Delaware, USA	Parent company; US operations	~295
Acme Cloud EU Ltd.	Dublin, Ireland	European operations; EU data residency	~45

Workforce Composition

Category	FY2025 Count	Employment Type	Geographic Distribution
Full-time employees	332	Direct employment	US (28 states), Ireland
Part-time employees	8	Direct employment	US, Ireland
Contractors	28	Contract engagement	US, Ireland, UK
Total workforce	368	—	30 jurisdictions

Our business model is exclusively software-as-a-service (SaaS). We do not manufacture physical products, operate production facilities, or engage in agriculture, mining, construction, or other industries with historically elevated modern slavery risk. Our supply chain consists predominantly of professional services, cloud infrastructure, software tooling, and office-related goods and services.

Revenue and Operations Profile

Metric	FY2025 Value	Notes
Annual revenue	$48M ARR	Enterprise SaaS contracts
Geographic revenue mix	US 72%, EU 23%, Other 5%	Enterprise customer locations
Employee count	340	See workforce table above
Office locations	2	San Francisco (HQ), Dublin
Remote workforce	95%	Remote-first operating model

Supply Chain Overview

Supply Chain Risk Categorization

Category	Description	Key Suppliers	Annual Spend	Geographic Distribution	Modern Slavery Risk Assessment
Cloud Infrastructure	IaaS computing, storage, networking	Amazon Web Services	$4.2M	Global (US, EU primary)	Low — Public company with published human rights commitments and supply chain audits
Identity & Security	Authentication, endpoint protection, WAF	Okta, Cloudflare, CrowdStrike	$890K	US	Low — Public companies with published policies
Payment Processing	Billing infrastructure, payment handling	Stripe	$420K	US, Ireland	Low — Public company with compliance programs
Communications	Email delivery, video conferencing, messaging	Twilio SendGrid, Zoom, Slack	$340K	US	Low — Public companies with established policies
Professional Services	Legal, accounting, recruiting, consulting	Various law firms, Big 4 accounting, recruiters	$1.8M	US primarily	Low-Medium — Knowledge worker services
Office & Facilities	Coworking space, catering, cleaning, security	WeWork, local vendors	$680K	San Francisco, Dublin	Medium — Service sector with subcontracted labor
Hardware	Employee computing devices, accessories	Apple, Dell, peripherals vendors	$520K	Global supply chains	Medium — Electronics manufacturing supply chains
Marketing & Events	Agencies, venues, promotional merchandise	Various agencies and suppliers	$440K	US, EU	Medium — Promotional goods manufacturing
Software & SaaS	Development tools, productivity software	Various vendors	$1.1M	US, EU	Low — Digital products

Risk Analysis by Industry Sector

Acme Cloud does not operate in industries with historically high modern slavery prevalence such as agriculture, fishing, mining, garment manufacturing, construction, or domestic work. Our primary modern slavery risk exposure is indirect through:

Risk Vector	Description	Exposure Level	Mitigation Approach
Electronics Supply Chain	Employee devices sourced from global manufacturers with complex supply chains	Medium	Prefer vendors with published supply chain audits; RBA membership verification
Promotional Merchandise	Branded goods potentially manufactured in regions with labor rights concerns	Medium	Vendor questionnaire; certification requirements; limited merchandise production
Facilities Services	Cleaning, catering, security services often using subcontracted labor	Medium	Vendor Code of Conduct; site manager oversight; worker complaint mechanisms
Event Production	Venues and staffing agencies for corporate events	Low-Medium	Event vendor vetting; venue labor practice verification
Professional Services	Limited risk but monitored for completeness	Low	Standard vendor terms; employment verification

Policies and Governance Framework

Human rights and modern slavery prevention expectations are embedded across multiple Acme Cloud policies creating an integrated governance framework.

Policy Framework

Policy	Modern Slavery Relevance	Key Provisions	Owner
Code of Conduct	Primary employee policy prohibiting forced labor and human trafficking	Prohibition of forced labor, child labor, human trafficking; reporting obligations; disciplinary consequences	General Counsel
Vendor Code of Conduct	Contractual supplier requirements for human rights standards	Compliance with applicable labor laws; forced and child labor prohibition; safe working conditions; audit rights	VP Operations
Whistleblower Policy	Reporting channel for supply chain and human rights concerns	Anonymous reporting available; non-retaliation protection; investigation procedures	General Counsel
Third-Party Risk Management	Vendor assessment framework including labor practice evaluation	Risk-based vendor assessment; ongoing monitoring; contract termination provisions	CISO
Procurement Policy	Sourcing guidelines integrating human rights considerations	Due diligence requirements; preferred supplier criteria; ethical sourcing guidance	CFO
Employee Handbook	Employment practices ensuring fair treatment	Anti-discrimination; wage and hour compliance; grievance procedures	CPO

Governance Oversight

Governance Body	Modern Slavery Responsibilities	Frequency
Board of Directors	Approve annual Modern Slavery Statement; strategic oversight of human rights program	Annual approval; periodic updates
Executive Leadership Team	Program accountability; resource allocation; remediation decisions	Quarterly review
General Counsel	Statement preparation; legal compliance; policy maintenance; training oversight	Continuous
Chief People Officer	Employment practices; worker welfare; internal grievance mechanisms	Continuous
VP Operations	Vendor management; supply chain due diligence; facilities oversight	Continuous
CISO	Third-party risk assessment integration; vendor security and labor practice review	Continuous

Due Diligence Processes

Vendor Onboarding Due Diligence

All vendors exceeding $25,000 annual spend threshold undergo human rights due diligence prior to contract execution.

Due Diligence Element	Description	Threshold	Evidence Collected
Labor Practices Questionnaire	Self-attestation covering forced labor, child labor, working conditions	All vendors >$25K	Completed questionnaire with authorized signature
Subcontractor Disclosure	Identification of material subcontractors and their geographic locations	All vendors >$25K	Subcontractor list with countries of operation
Policy Verification	Review of vendor's human rights and labor policies (if published)	Tier 1 vendors	Policy documents or attestation
Public Screening	Adverse media screening for human rights violations	All vendors >$50K	Screening report with findings
Certification Review	Industry-specific certifications (SA8000, RBA membership, etc.)	High-risk categories	Certification evidence
Geographic Risk Assessment	Evaluation based on vendor operations in high-risk countries	All vendors	Country risk mapping

Labor Practices Questionnaire Content

The Acme Cloud Labor Practices Questionnaire addresses the following areas:

Forced and Bonded Labor: Prohibition of forced, bonded, or indentured labor; voluntary employment; freedom to terminate employment; no identity document retention; no unreasonable restrictions on worker movement
Child Labor: Age verification procedures; compliance with minimum age laws; prohibition of hazardous work for young workers; educational opportunity protection
Working Hours: Compliance with legal working hour limits; overtime policies; rest day provisions; emergency overtime procedures
Wages and Benefits: Minimum wage compliance; overtime compensation; benefit provision; payroll documentation; wage deduction limitations
Freedom of Association: Worker representation rights; collective bargaining accommodation; no retaliation for organizing activities
Discrimination: Non-discrimination policies; equal opportunity employment; harassment prevention
Health and Safety: Safe working conditions; personal protective equipment; emergency procedures; hazard communication
Subcontractor Management: Flow-down of labor standards to subcontractors; subcontractor monitoring procedures

Enhanced Due Diligence for High-Risk Categories

Category	Enhanced Measures	Frequency
Electronics (hardware)	RBA membership verification; conflict minerals due diligence; supply chain audit review	Annual at contract renewal
Promotional Merchandise	Manufacturing location disclosure; factory certification (SA8000/WRAP/BSCI); order-specific attestation	Per production order
Facilities Services	Worker interview rights; wage verification; subcontractor audit rights	Annual + site inspections
Event Production	Venue labor practice attestation; staffing agency certification review	Per event

Contractual Requirements

Standard vendor agreements incorporate the Acme Cloud Vendor Code of Conduct by reference, imposing binding contractual obligations:

Contractual Requirement	Vendor Obligation	Remedy for Breach
Legal Compliance	Comply with all applicable labor and employment laws	Material breach; termination rights
Forced Labor Prohibition	Prohibit forced, bonded, or involuntary labor throughout operations	Material breach; immediate termination
Child Labor Prohibition	Prohibit child labor; verify worker ages; comply with young worker protections	Material breach; immediate termination
Working Conditions	Provide safe and healthy working conditions; reasonable working hours	Material breach; cure period
Subcontractor Flow-Down	Impose equivalent requirements on material subcontractors	Material breach; cure period
Audit Rights	Permit audits upon reasonable notice for labor practice verification	Cooperation requirement
Notification	Promptly notify Acme Cloud of material labor practice violations	Immediate notification
Cooperation	Cooperate with investigations of reported concerns	Active cooperation

Ongoing Monitoring

Monitoring Activity	Scope	Frequency	Owner
Tier 1 Vendor Reassessment	Complete due diligence refresh for critical/high-spend vendors	Annual	Procurement
Adverse Media Screening	Automated screening for human rights violations	Quarterly for Tier 1; annually for Tier 2	Legal
Vendor Code Acknowledgment	Reconfirmation of Vendor Code of Conduct acceptance	At contract renewal	Procurement
Risk-Based Audits	On-site or desk-based audits for medium-risk suppliers	As triggered by risk indicators	Operations
Industry Monitoring	Tracking of sector-specific human rights developments	Continuous	Legal
Incident Investigation	Response to reported concerns or identified red flags	As needed	Legal

Risk Assessment Results (FY2025)

Acme Cloud conducted formal modern slavery risk assessment during Q3 2025, evaluating direct operations and supply chain against likelihood and severity criteria.

Direct Operations Assessment

Risk Area	Assessment	Risk Level	Rationale	Mitigation
Employee Labor Practices	Compliant	Low	Direct employment under US/Ireland labor law; verified wage and hour compliance; no high-risk labor sourcing	HR policies; payroll audits; grievance channel
Contractor Engagement	Compliant	Low	Professional service contractors; written agreements; verified business entities	Contract requirements; payment verification
Office Operations	Compliant	Low	Professional office environments; no production activities	Facility safety policies

Supply Chain Assessment

Supplier Category	Assessed Suppliers	Risk Distribution	High Priority Concerns	Actions Taken
Cloud Infrastructure	1	100% Low	None	Annual policy verification
Identity & Security	4	100% Low	None	Standard vendor management
Payment Processing	1	100% Low	None	Standard vendor management
Professional Services	18	95% Low, 5% Medium	Recruiting subcontractors	Enhanced questionnaire
Facilities Services	6	33% Low, 67% Medium	Cleaning, catering subcontractors	Site inspections; worker access
Hardware	3	33% Low, 67% Medium	Electronics manufacturing	RBA verification; policy review
Marketing & Events	9	56% Low, 44% Medium	Merchandise manufacturing	Factory attestations required

Key Findings

Finding	Category	Action	Status
No instances of modern slavery identified	All	Continue monitoring	Ongoing
Limited visibility into hardware Tier 2+ suppliers	Hardware	Enhanced supplier disclosure requirements	Implemented Q4 2025
Cleaning contractor subcontractor documentation gaps	Facilities	Direct subcontractor attestation required	Completed Q3 2025
Merchandise supplier geographic concentration in high-risk region	Marketing	Factory certification requirement implemented	Implemented Q4 2025

Training and Awareness

Training Program Overview

Training Program	Target Audience	Content	Completion Rate FY2025	Frequency
Code of Conduct	All employees	Human rights overview; forced labor/trafficking definitions; reporting obligations	100%	Onboarding + Annual
Modern Slavery Module	All employees	Modern slavery indicators; supply chain risks; whistleblower procedures	98.2%	Annual
Vendor Due Diligence	Procurement & Finance	Risk assessment methodology; questionnaire administration; red flag identification	100%	Annual
Supply Chain Human Rights	Category Managers	Category-specific risks; enhanced due diligence procedures; remediation protocols	100%	Annual
Executive Briefing	Leadership Team	Program overview; regulatory developments; strategic implications	100%	Annual

Training Content Details

Code of Conduct Module covers: definition of forced labor, human trafficking, and modern slavery; prohibition of these practices in Acme Cloud operations; employee obligation to report concerns; non-retaliation protections; consequences of violations; case studies illustrating red flags.

Vendor Due Diligence Training covers: questionnaire administration procedures; document verification techniques; red flag indicators including unusual recruitment practices, worker housing arrangements, document retention, excessive overtime, wage irregularities; escalation procedures for concerning responses.

Supply Chain Category Training provides specialized guidance for: electronics category (conflict minerals, factory audits, RBA standards); facilities services (subcontractor mapping, worker interviews, wage verification); marketing and events (merchandise certification, venue labor practices).

Key Performance Indicators (FY2025)

Due Diligence Metrics

Metric	FY2024	FY2025	Target	Status
New vendors assessed at onboarding	38	47	All >$25K	Met
Tier 1 vendors with human rights policy verified	12/12 (100%)	15/15 (100%)	100%	Met
Tier 2 vendors with questionnaire completed	N/A	32/38 (84%)	80% (new FY2025)	Met
Vendor Code of Conduct acknowledgments	89%	94%	100%	In progress
Enhanced due diligence completed (high-risk categories)	8	14	All high-risk	Met

Monitoring Metrics

Metric	FY2024	FY2025	Notes
Vendor audits conducted	2	4	Facilities services (2), merchandise (1), hardware (1)
Adverse media alerts requiring investigation	3	2	None substantiated
Reports via whistleblower channel (supply chain)	0	0	—
Contract terminations for labor violations	0	0	—

Training Metrics

Metric	FY2024	FY2025	Target
Code of Conduct training completion	99%	100%	100%
Modern slavery module completion	96%	98.2%	98%
Procurement team specialized training	100%	100%	100%

Program Effectiveness Indicators

Indicator	FY2025 Result	Assessment
Modern slavery incidents identified	0	Effective controls; continued vigilance required
Supplier corrective actions required	2	Documentation gaps addressed; no substantive violations
Grievances received from supply chain workers	0	Mechanism available; awareness building ongoing
Regulatory enforcement actions	0	Compliance maintained

Numbered Policy Statements

Zero Tolerance: Acme Cloud, Inc. maintains zero tolerance for modern slavery, human trafficking, forced labor, bonded labor, and child labor in our operations and supply chains.
Legal Compliance: All Acme Cloud operations and supply chain activities shall comply with applicable labor laws including minimum wage, working hours, child labor protections, and worker safety requirements in each jurisdiction of operation.
Voluntary Employment: All employment and work performed for Acme Cloud or its suppliers shall be freely chosen without coercion, deception, or threat of penalty.
Document Retention Prohibition: Neither Acme Cloud nor its suppliers shall retain worker identity documents, passports, or work permits as a condition of employment.
Freedom of Movement: Workers shall have freedom of movement without unreasonable restrictions on their ability to enter or exit work premises or terminate employment with reasonable notice.
Child Labor Prohibition: Acme Cloud and its suppliers shall not employ individuals below the legal minimum working age or below 15 years of age (or 14 where permitted by ILO Convention 138), whichever is higher.
Recruitment Fee Prohibition: Workers shall not be required to pay recruitment fees, and any fees charged by labor agents or recruiters shall be borne by employers, not workers.
Due Diligence Obligation: All vendors exceeding $25,000 annual spend shall complete human rights due diligence prior to onboarding and at contract renewal.
Audit Rights: Acme Cloud reserves contractual rights to audit supplier labor practices and facilities upon reasonable notice.
Reporting Obligation: All employees, contractors, and business partners shall promptly report suspected modern slavery or human trafficking through available channels without fear of retaliation.
Non-Retaliation: Acme Cloud prohibits retaliation against any individual reporting modern slavery concerns in good faith.
Remediation Commitment: Where modern slavery is identified in our supply chain, Acme Cloud shall work with suppliers to remediate where possible, or terminate relationships where remediation is not feasible or suppliers fail to cooperate.
Annual Disclosure: Acme Cloud shall publish an annual Modern Slavery Statement within six months of fiscal year end, approved by the Board of Directors.
Continuous Improvement: The modern slavery prevention program shall be reviewed annually with improvements implemented based on emerging risks, regulatory developments, and best practices.

Grievance Mechanisms

Reporting Channels

Channel	Availability	Access	Anonymity	Response SLA
Ethics Hotline	24/7	Phone, web portal	Anonymous option	48-hour acknowledgment
Email (legal@acmecloud.com)	Business hours	Email	Confidential	48-hour acknowledgment
Manager Reporting	Business hours	In-person, email	Confidential	24-hour acknowledgment
External Legal Counsel	Business hours	Direct contact	Attorney-client privilege	48-hour acknowledgment
Regulatory Authorities	Varies	Direct reporting to labor authorities	Varies	Per authority

Process for Supply Chain Workers

Workers in Acme Cloud's supply chain may report concerns through:

Acme Cloud ethics hotline (available globally in multiple languages)
Direct email to legal@acmecloud.com
Their employer's internal grievance procedures
Local labor authorities or regulatory bodies

Acme Cloud investigates supply chain reports with equal priority to internal reports. Confirmed violations may result in vendor corrective action requirements, enhanced monitoring, or contract termination depending on severity and cooperation.

Investigation Procedures

Phase	Activities	Timeline	Owner
Receipt & Acknowledgment	Log report; acknowledge receipt; assess urgency	48 hours	Legal
Initial Assessment	Evaluate credibility; identify parties; determine scope	5 business days	Legal
Investigation	Gather evidence; interview witnesses; engage external investigators if needed	30 days (extendable)	Legal + External
Findings	Document conclusions; determine appropriate response	10 days post-investigation	Legal
Remediation	Implement corrective actions; notify stakeholders; monitor compliance	Per action plan	Operations + Legal
Closure	Document resolution; update procedures if needed	5 days post-remediation	Legal

Remediation and Improvement Plan

FY2025 Completed Actions

Action	Target	Status	Outcome
Update Vendor Code of Conduct with explicit modern slavery prohibitions	Q1 2025	Completed	Enhanced contractual protections
Add human rights screening to Tier 2 vendor onboarding	Q2 2025	Completed	84% coverage achieved
Publish internal reporting guidance for supply chain concerns	Q2 2025	Completed	Guidance distributed to all employees
Conduct enhanced due diligence for facilities services vendors	Q3 2025	Completed	4 vendors audited; gaps addressed
Implement factory certification requirement for promotional merchandise	Q4 2025	Completed	SA8000/WRAP/BSCI required
Extend adverse media screening to all Tier 1 vendors	Q4 2025	Completed	Quarterly screening implemented

FY2026 Planned Actions

Action	Target Quarter	Owner	Resources Required
Reduce due diligence threshold from $25K to $10K annual spend	Q1 2026	Procurement	System automation
Require Tier 1 vendors to provide annual modern slavery statement or equivalent	Q2 2026	Legal	Vendor communication
Conduct supplier diversity program review for labor practice alignment	Q2 2026	Operations	Third-party assessment
Map supply chain to UN Guiding Principles on Business and Human Rights framework	Q3 2026	Legal	Consultant engagement
Implement worker voice mechanism pilot for high-risk supplier workers	Q4 2026	Operations	Technology platform
Publish supplier human rights expectations guide	Q2 2026	Legal	Internal development
Conduct training refresher with updated case studies	Q1 2026	Legal + HR	Training platform

Framework Appendix

Alignment with International Standards

Standard	Description	Acme Cloud Implementation
UN Guiding Principles on Business and Human Rights	Authoritative global standard for corporate human rights responsibility	Policy framework; due diligence processes; grievance mechanisms; remediation commitment
ILO Declaration on Fundamental Principles and Rights at Work	Core labor standards including forced labor and child labor elimination	Vendor Code of Conduct requirements; supplier questionnaire coverage
UK Modern Slavery Act 2015	Disclosure requirements for commercial organizations	Annual statement publication; Board approval; continuous improvement
California Transparency in Supply Chains Act (SB 657)	Disclosure of supply chain efforts for companies doing business in California	Verification, auditing, certification, accountability, training disclosures
OECD Due Diligence Guidance for Responsible Business Conduct	Framework for identifying and addressing adverse impacts	Risk-based due diligence; stakeholder engagement; transparency
SA8000	Social accountability certification standard	Preferred supplier certification for high-risk categories
Responsible Business Alliance (RBA)	Industry coalition for supply chain responsibility in electronics	Hardware supplier RBA membership verification

Regulatory Mapping

Jurisdiction	Regulation	Requirements	Acme Cloud Compliance
United Kingdom	Modern Slavery Act 2015	Annual statement; Board approval; website publication	Annual statement published on Trust Center
California	SB 657	Disclosure of supply chain due diligence efforts	Covered in this statement
European Union	Corporate Sustainability Due Diligence Directive (draft)	Mandatory human rights due diligence (future)	Preparatory assessment underway
Australia	Modern Slavery Act 2018	Reporting requirement for entities >AUD 100M revenue	Monitoring applicability
Germany	Supply Chain Due Diligence Act	Due diligence obligations for certain companies	Monitoring applicability

Industry Collaboration

Acme Cloud participates in industry initiatives and information-sharing organizations to strengthen collective approaches to modern slavery prevention.

Initiative	Acme Cloud Participation	Activities
Business Software Alliance (BSA)	Member	Responsible supply chain working group participation
Tech Against Trafficking	Information partner	Information sharing; tool development support
Responsible Business Alliance (RBA)	Observer	Electronics supply chain standards monitoring
UN Global Compact	Aligned	Principles integration; annual Communication on Progress planned

Board Approval

This Modern Slavery and Human Trafficking Statement was reviewed and approved by the Board of Directors of Acme Cloud, Inc. on January 10, 2026.

Sarah Chen, Chief Executive Officer Acme Cloud, Inc.

Document revision history

Version	Date	Author	Summary of changes
1.0	2024-06-01	Legal & Compliance	Initial Trust Center publication
2.0	2025-03-15	GRC Program	SOC 2 Type II alignment refresh; expanded subprocessors
2.5	2025-09-01	Security Engineering	Encryption standards update; ISO 27001 mapping
3.0	2026-01-15	Trust Center Program	Full procurement-grade expansion; 34-document set

Statement Publication History

Fiscal Year	Publication Date	Key Updates	Word Count
FY2023	March 2024	Initial statement publication	2,100
FY2024	January 2025	Vendor questionnaire expansion; training metrics	2,800
FY2025	January 2026	Tier 2 vendor coverage; KPI tables; remediation tracking; framework alignment	4,500+

Contact

Acme Cloud, Inc. 1200 Market Street, Suite 400 San Francisco, CA 94103, USA

Channel	Email	Use case
Trust & procurement	trust@acmecloud.com	Security questionnaires, trust reviews
Security	security@acmecloud.com	Incidents, vulnerabilities, control questions
Privacy	privacy@acmecloud.com	DSRs, privacy assessments
Legal	legal@acmecloud.com	Contractual, DPA, legal notices

Supply Chain Concern Contacts

Contact Method	Details	Use Case
Ethics Hotline	+1-800-555-0199 (toll-free)	Anonymous reporting of concerns
Legal Department	legal@acmecloud.com	Formal reports; legal questions
Trust Team	trust@acmecloud.com	General inquiries; statement questions
People Team	people@acmecloud.com	Employment-related concerns

Reports may be submitted in English; translation services available for other languages upon request.

Continuous Improvement Commitment

Acme Cloud recognizes that modern slavery prevention requires ongoing vigilance, continuous improvement, and adaptation to evolving risks and best practices. We commit to annual program review, stakeholder engagement, and transparent reporting of progress and challenges.

FY2026 priority areas include: extending due diligence coverage to smaller vendors, implementing worker voice mechanisms for direct feedback from supply chain workers, mapping our supply chain more completely to UNGP standards, and strengthening remediation protocols for any identified concerns.

This statement will be updated annually and published on the Acme Cloud Trust Center and corporate website within six months of fiscal year end.

Next Statement Publication: January 2027 (covering FY2026)