Ósar – lífæð heilbrigðis hf. and its subsidiaries, Icepharma hf. and Parlogis ehf. (hereafter referred to as “we”, “the Group” or “the companies”) work in an environment that is subject to law, regulations, and public supervision in various ways.  The nature of the operations calls for the companies and their employees to adhere to the strictest standards, laws, and rules when it comes to the ethics and communication with stakeholders.

It is the responsibility of employees to maintain the good reputation of the Group in both words and actions.  The Code of Ethics and Conduct has been set as support for the policies and values of the companies and are meant to serve as guidelines in communication with stakeholders, such as consumers, suppliers, customers, colleagues, regulatory authorities, patients, shareholders, competitors, as well as the community as a whole. These principles apply to all employees and administrators and are presented as minimum requirements.

The purpose of the principles is to promote honesty, transparency, justice, and fairness, and improve trust and trustworthiness towards the companies that form the Group, and their employees. Employees shall familiarize themselves with the principles and the related policies and adhere to them, along with general laws and regulations that apply to their field of employment. Should stricter requirements apply according to law, regulations, or contracts, they should take precedence over the general provisions of the principles. Violations to the Code of Ethics and Conduct are dealt with in accordance with the Disciplinary Policy of the Group.

By confirming to have read these principles, an employee commits to adhering to the principles and the related policies.

We want to participate in developing the community, enjoy, respect, and participate in social discourse in responsible manner. Respect is gained by our conduct and decisions. Our goal is to provide the healthcare sector with the best possible services at any given time, increase the quality of life of individuals, and promote improved health and well-being of Icelanders. Social responsibility is in that way intertwined with the objectives, goals, and ambition of the operation, and we make sure that our decisions constantly reflect our responsibility and values.

We have formulated a policy on social responsibility and sustainable development that applies to the Group as a whole.  The policy is a long-term plan on how we can make a contribution to a better and healthier community and environment, along with good governance and profitable operations.  Every year a sustainability report and settlement is published, based on the UFS criteria that support positive effects on the environment, social factors and governance, and guidelines of Nasdaq in Iceland for companies on the publication of information on social responsibility.

We comply in all respects with applicable national laws, regulations, and the strictest standards to which our professional operations are subject to. Not only do we communicate with our local customers and collaborators but also foreign parties, which means that in certain cases we are also bound by laws and regulations of the respective countries, as well as contractual criteria.

Additionally, we adhere to policies, procedures, guidelines, and other documents that together form the quality manual of Ósar and its subsidiaries and regularly hold training sessions for this purpose. Employees who communicate with healthcare employees are also obligated to operate in accordance with the EFPIA Code of Practice, and the MedTech Europe Code of Ethical Business Practice, as well as to comply with a contract with the Icelandic Medical Association on communication with physicians.

Complete trust is the prerequisite for responsible business practices. All employees are bound by rules of confidentiality as regards any information of which they gain knowledge and which should remain confidential according to law, supervisor’s instructions, or by its nature. The professional secrecy and confidentiality obligation is activated when the employee begins their employment is reiterated in employment contracts, and preferably remains in effect even after the end of employment. 

The above obligations of the employee involve, among other things, ensuring that outside parties shall never be informed of confidential information. Confidential information includes all information, in whatever form, that is connected to the work of the employee through which they gain knowledge of or access to and due to its nature must be handled as confidential information. 

The professional secrecy and confidentiality obligation applies both within and outside of the company that the employee works at. Employees shall keep it specifically in mind that competition is present not only between companies and outside parties but also in some cases between divisions/departments within the Group. In such cases, employees of certain departments or divisions are prohibited from informing staff of other departments or divisions of information regarding the work or operations of that unit. 

Violations of the secrecy and confidentiality obligation can have serious consequences for the reputation of the Group, and employees shall therefore comply with this obligation in every respect.

We work in an environment where the expectations of stakeholders, such as consumers, suppliers, and customers, become increasingly demanding, and swift changes in the business environment present an increased risk. We, therefore, place an emphasis on excellent quality and risk management and continuous development of our quality system, documented procedures, regular employee training, and ambitious work methods in all areas. We maintain professional competence and continuous progress through alertness and continuous learning, which allows us to operate in a satisfactory manner in a professional environment. Recorded procedures and documentation serve to ensure organized and coordinated working methods and equality in processing cases, in order to comply with quality standards, applicable laws, and regulations.

The quality system of the Group guarantees that all of our products are purchased from and disposed of by certified parties.

The Quality Policy of Ósar applies to the whole Group, and the Quality Manuals of the companies are accessible to employees. The Guarantors of the Quality Manuals are the quality managers of the companies. It is for the mutual benefit of us and our customers that our products and services fulfill all quality requirements at all times and the strictest environmental standards to ensure that neither people nor the environment are harmed.

We comply with laws, regulations, good practices, policies, work procedures established to support the operations, and other criteria that apply to our work at any given time. We conduct responsible, professional, fair, and honest business where no kind of bribery or corruption is practiced or tolerated.

We are determined to practice a zero-tolerance policy against unlawful business and follow a policy that is designed to ensure that the Group has an appropriate framework and protection against corruption and bribery, that employees shall be familiar with and work according to. We neither accept nor provide facility payments that can influence our judgment in our work or in any manner that is meant to encourage activities that are illegal, immoral, a breach of trust, or inappropriate in any way.

Precision, traceability, and transparency characterize our recording and documentation, which ensures the financial integrity of the Group. Policies and work procedures on data storage guarantee that our data is stored in the correct manner in accordance with laws, regulations, and contractual criteria.

We neither practice nor accept any type of money laundering, and perform an annual audit of the Group’s annual financial statements by a certified independent party that practices in accordance with international auditing methods.

Moral conduct consists of more than just complying with laws, regulations, policies, and operating procedures that have been set in support of the operations. Morals above all include social requirements for conduct and behavior, such as in communication with other people and our environment, i.e. basic rules regarding appropriate human behavior. Certainly, there may be different ideas on what is correct or incorrect human behavior, however, employees shall avoid anything in their work or outside the workplace that could degrade their reputation the job they perform, or the profession to which they belong.

Our communication should above all be characterized by trust and integrity. We care about our stakeholders, and we treat each other with fairness and respect.

If we run into obstacles or unexpected events in our work, we deal with the situation with politeness and positivity and treat it as an opportunity for improvement. We embrace compliments and use encouragement to keep going and do even better.

A good portion of the Group’s employees interact with representatives of government institutions, such as individuals who work within the healthcare system, regulating authorities, Ministries, etc. In addition, a certain part of employees also interacts with people in positions of influence, such as politicians, interest group representatives, members of government committees, and others that, due to their positions, can make decisions or influence decision-making that is relevant to the Group’s operations or its individual companies.

It can be important for us to share our experience and insights on topics connected to our role in the community with these parties, and in order to do that we need to maintain good communication.  We must comply with the strictest code of conduct in such interactions, as well as with the applicable laws and regulations, and manage our communication in such a way as not to run the risk of damaging the reputation of the Group, its individual companies, or the respective individuals.

It is absolutely prohibited to offer any financial assistance or payments to a government official on behalf of the Group, or its individual companies unless they are payments for meetings or consultation according to a signed agreement in accordance with the appropriate criteria and internal procedures. Information on payments to healthcare professionals is published, if applicable on the Frumtök website (Disclosure Code), the Icelandic Association of the Pharma manufacturers.

If data needs to be sent to government officials or institutions, e.g. in connection with tenders or the registration of medicinal products, it needs to be thorough and meet all requirements.

In addition to the applicable laws, regulations, policies, these code of ethics and conduct, operational procedures established to support the operations, and other criteria, the employees of the Group that work with medicinal products and medical devices also need to comply with the following standards:

  • The Code of EFPIA and Frumtök on interactions with healthcare professionals, healthcare institutions, and patient associations (Updated Icelandic version from 2020).
  • Icelandic special provisions of the Code of EFPIA, cf. provisions in an Icelandic annex to the EFPIA Code. 
  • Provisions of an agreement between the Icelandic Medical Association, the Icelandic Federation of Trade, and the Federation of Trade & Services on interactions between physicians and companies that produce and import medicinal products (updated version from 2020).
  • Code of Ethical Business Practice (MedTech) on interactions with healthcare professionals regarding the promotion of medical devices.

We use our judgment for objectivity to spot and prevent possible conflicts of interest. A conflict of interest can occur, for example, when an employee places their personal, social, financial, or political interests above the interest of the company with which they are employed. 

We refrain from any act, or lack of action, that works against the interests of the Group. We do not allow personal interests to influence our work and do not abuse our position to gain benefits for ourselves or connected parties. We avoid entering into commitments, connections, or other activities that could result in conflicts of interest that could harm the interests of the Group or its companies. If this cannot be avoided, the employee in question shall make sure their immediate supervisor, quality manager, or CEO is notified at the earliest convenience. It has been our policy that employees do not hold jobs with other companies alongside their work with us. Exemptions from that rule need to be approved by the CEO or Assistant Director, as applicable.

If an employee is unsure whether there is a conflict of interest or not, they shall contact the quality manager of the company before making a decision or taking action.

We hold the opinion that diversity in the workplace promotes advantage, and this is the reason why the Group employs a dynamic group of people of various backgrounds, varied education, extensive experience, and knowledge from a number of sectors. Recruitment is in compliance with laws and regulations with respect to provisions of collective agreements, e.g. regarding the maximum number of working hours, minimum wage, etc.  During the recruitment process, possible conflicts of interest of the applicant are explored and equality is observed when making the final decision of recruitment.

We act in accordance with Equal Pay Policy that is put in place to ensure that all employees receive equal pay and the same benefits for the same or comparable jobs. We have also established an Equality Plan designed to ensure that all of our employees enjoy the same rights and benefits irrespective of gender, religion, life philosophies, origin, race, sexual orientation, disability, age and status in any other aspect.  We condemn child- and forced labor and reject doing business or working with parties that do not hold the same principles.

Our HR Policy and other supporting policies define the companies’ key priorities when it comes to building a solid and progressive workplace and have the common goal of attracting, retaining, and strengthening outstanding employees and supporting them in professional and personal growth, cf. the Educational Policy. First and foremost, our goal is to create a safe and good working environment so that work can contribute to an increased quality of life for employees.

We treat each other with respect, show compassion and follow our internal Guiding lights in communications. Behavior that causes discomfort is not tolerated in any circumstances and shall be reported to supervisors, the HR Manager, or with an anonymous report via the company’s website. We have adopted a Policy against Bullying, Harassment, and Violence stating that bullying, as well as other violence, is under no circumstances tolerated.

We guarantee a safe and healthy working environment and prevent accidents and work-related diseases by acting in accordance with the directive of government regulatory authorities on facilities, safety, and health.

We work in a competitive market and respect our competitors, both in words and actions. We participate in an open and fair competition and operate in accordance with provisions of applicable law regarding competition in Iceland and other countries where we do business at any given time. We consider it a part of good corporate culture to operate responsibly according to competition law. For this reason, we take measures to make sure that our employees know the main principles of the law, understand their scope, goals, and objectives, and can safely navigate them.

All of our discussions with the customers of the Group are on the basis of business and legal assumptions and employees are prohibited from having discussions with competitors about prices, mark-ups, markets, or anything that relates to products and services. We realize that violations of competition law is subject to fines and can have serious consequences for the Group’s reputation.

Marketing and promotional work is an important part of our operations where we practice honesty and precision above all else. We need to keep in mind that all marketing and promotional work not only creates the brand of a certain product but is also an important building block in the Group’s reputation or its individual companies. Attitudes and performance in this area can influence business relationships directly.

We comply with applicable laws in terms of marketing and our goal shall always be to enable consumers to form an independent opinion of what is being promoted or advertised. Advertisements shall therefore never be unfair towards consumers, i.e. misleading or hidden.

must be of the appropriate type and value depending on circumstances and occasion at any given time and with consideration for the reason for the present or grant. Personal gifts or grants for healthcare professionals, representatives of healthcare organizations, or patient organization representatives, whether directly or indirectly, are strictly forbidden.

If meetings are held for customers, they must have a clear objective and/or educational content and information value. Meeting cost shall be moderate and in accordance with the scope of the meeting.

Contributions and grants for patient associations are published on the companies’ websites. Contributions and grants to healthcare operators, patient associations, legal entities or healthcare organizations are published on the website of Frumtök and on the website of Icepharma for the purpose of ensuring transparency in the payment of financial valuables. All such interactions shall be in accordance with the criteria of the following procedures and agreements:

  • The Code of EFPIA and Frumtök on interactions with healthcare professionals, healthcare organizations, and patient organizations (Updated Icelandic version from 2020).
  • Icelandic special provisions of the Code of EFPIA, cf. provisions in an Icelandic annex to the EFPIA Code. Provisions of an agreement between the Icelandic Medical Association, the Icelandic Federation of Trade, the Federation of Trade & Services on interactions between physicians and companies that produce and import medicinal products (updated version from 2020).
  • Code of Ethical Business Practice (MedTech) on interactions with healthcare professionals regarding the promotion of medical devices.

The information we handle on a daily basis is one of the Group’s most important operational assets that needs active protection against various threats. Secure and reliable handling is the main principle in our operations. It is the responsibility of all employees to help protect the information assets that belong to the Group or are kept within the Group on behalf of our customers.

We work according to an internal Information Security Policy and place the main emphasis on ensuring the safety of information with organized and technical security measures to minimize the likelihood of security breaches or other incidents that can threaten the safety, confidentiality, integrity, or access to the information. It is important to follow all internal procedures that have been established to support the Information Security Policy since a simple mistake can cause disruption of the operations and have serious consequences, including harming our customers. General information security awareness among employees is activated with regular training and education.

The importance of personal data protection has increased in various aspects and everyone that works with personal information must keep in mind that the processing and handling of the data is in accordance with the requirements of the Data Protection Act. The Privacy Policy of the Group and the supporting procedures describe a responsible handling of personal information and employees are obligated to familiarize themselves with the policy that applies to their company.

The Data Protection Officer (DPO) of the Group has professional knowledge of the Data Protection Act and carries out internal controls of compliance. The role of the DPO is to act as a consultant for employees regarding the handling of personal information, as well as carrying out dissemination of information and education for employees on their own personal data protection in the employment relationship and in the workplace. Guidelines for employees on their own personal data protection have been published to support the Group’s data protection policy for employees. 

Our aim is always that our products and services are among the best on the market. To achieve this goal, we need to collaborate with various partners throughout the supply chain, such as suppliers and service providers.

The value chain of the Group is based on ethical values, and we emphasize business relationships with parties that share our vision to contribute to social responsibility. Through supplier assessments and audits, we choose to work with suppliers and service providers who work according to the same values as the Group. This way we can have a long-term social impact on our partners and our community.

In a world of constant transformation, it is impossible to list all the ethical circumstances that we may face in connection with our work. For that reason, these guidelines are essential to help us make the right decisions. You need bravery to step forward and share worries or suspicions of something that seems not right. Sometimes it is probably just easier to look the other way and wait for someone else to say something. In such cases, it is important to remind ourselves that our decisions and actions affect others and create the culture we want to maintain within the workplace. You are protecting yourself, your coworkers, and the reputation of the company you work for.

Do not hesitate to ask questions or seek guidance in difficult situations. Speak up if you suspect violations of any of the main principles included in these guidelines, or any other misconduct, whether illegal, unethical, or inappropriate. Speak up if you see or experience anything, whatever it is, that is not in accordance with our values. The slightest suspicion is enough to speak up. It is of vital importance to report worries, suspicion, or a possible offense, as soon as you notice.  You can trust that such notification, reported in good faith, will be taken seriously and immediately responded to in a fair manner. Such notification will never negatively affect the one who reports.

The report can be sent to your immediate supervisor, the Quality Manager of the company in question, the relevant Division Director, the CEO, or the Board of Directors.  An anonymous report can also be sent through the companies’ websites where specified employees, bound by confidentiality, receive the report and assess its severity and possible actions in response. This procedure ensures that the person who reports remains non-identifiable.

Irrespective of the method chosen to make the report, you can trust that the appropriate measures will be taken to protect the confidentiality of the notifier.

Code of Ethics and Conduct of Ósar and its Subsidiaries – approved 2023.10.09