Transparency: Open access to NetApp information

NetApp knows that trust is earned, not granted, and that building trust is essential to the willingness of our customers to confidently use NetApp products and services. Our deep commitment to transparency is designed to help earn that trust. We share clear and specific information about our values, policies, and core principles. These serve as the foundation for designing our products and services, governing our operations, and guiding our relationships with customers, partners, and our wider community.

Personal integrity, practiced on a daily basis, is the unshakeable foundation of our corporate integrity. The values that we share define who we are as a company and what we can expect from each other. NetApp’s Code of Conduct defines those values and how we implement them through our actions. It serves as the guide that helps everyone who works at NetApp put our values into practice every day. It helps us meet our obligations to our stakeholders and comply with the law and our own policies.

Based on the standards developed by the Responsible Business Alliance for the electronics industry, the NetApp Supplier Code of Conduct outlines the policies and practices that govern our suppliers. Every NetApp supplier must not only support the code, but actively implement our standards to ensure safe, ethical, and respectful work environments. The code outlines standards for labor, health and safety, the environment, and business ethics. It also specifies the elements of an acceptable system to manage conformity to our code.

Third-party requests are defined as any requests for customer data that did not originate with the party generating that data, and are generally categorized as either legal orders or nonlegal requests. Legal orders, such as law enforcement warrants or civil subpoenas, are those data requests that are required by law; nonlegal requests are all other requests. When responding to third-party requests, NetApp maintains detailed processes that are designed to protect the privacy and security of customer data.

At NetApp, we believe that having an ESG vision is far more than just a part of our value proposition, or even a competitive advantage: it is a key part of our organization’s impact on the world we live in. Our vision to help customers get the most out of their data is built on the idea that technology can deliver positive impacts for everyone – including the environment. Everything we do is to better serve our customers and the world we live in, and that requires leaning into making our operational footprint much more sustainable, fostering a diverse and inclusive workplace culture for our employees, and supporting the communities around the world that need it most. You can read more about our progress to date and our sharpened focus for the work ahead in our latest ESG report for fiscal year ending April 28, 2023.

Conflict minerals refer to minerals that are mined in the Democratic Republic of the Congo and surrounding countries using forced labor, or where money derived from mining may be financing armed groups engaged in civil war, human rights abuses, or environmental damage.

NetApp complies with global laws regulating conflict minerals, such as the EU Conflict Minerals Regulation. We maintain policies and practices grounded in our Supplier Code of Conduct to ensure that our supply chain also complies. NetApp also files a public disclosure (Form SD) to the U.S. Securities and Exchange Commission that outlines our assessment of our suppliers’ use (if any) of conflict minerals.

Laws in Australia, California, the UK, and elsewhere require certain businesses to report on their efforts to prevent or eradicate slavery and human trafficking in their supply chains.

NetApp is committed to complying with these laws and to ensuring that our employees and suppliers around the globe take appropriate steps to mitigate the risks across our supply chain. NetApp uses the Responsible Business Alliance Code as the basis for identifying the risks of noncompliance. We work with our supply chain to promote an environment in which workers freely choose employment. We implement a robust system of internal accountability supported by mandatory annual training on our Supplier Code of Conduct and specific contractual agreements with suppliers.

NetApp is committed to building technology that meets international accessibility standards. The Voluntary Product Accessibility Template (VPAT) contains a list of requirements needed for a product to meet U.S. accessibility standards, which NetApp must meet to sell our products and services to the U.S. government. The template enables vendors, such as NetApp, to state their products’ conformance with these standards.

NetApp’s compliance is detailed in Accessibility Conformance Reports for more than 100 NetApp products and software (including the operating system).

NetApp offers an overview of the current status of all NetApp services as well as a calendar view of historical uptime (over the past 90 days). When there are outages, the daily reports indicate the reason—scheduled maintenance or other outage. They then specify the start time and date of the outage and the status—whether it is under investigation (including updates), a fix is being monitored, or it has been resolved.

NetApp’s Business Continuity Program provides a framework and guidance to develop, implement, and maintain operations to support the continuation of our business and enable delivery of NetApp products and services. In the event of a disruption, the NetApp's Business Continuity Program helps ensure an organized recovery and restoration of critical business function of people, processes, and technology. This supports the resumption of NetApp operations as quickly and efficiently as possible.