Export Controls Policy

Effective: June 11, 2025

Last updated: March 11, 2026

1. Introduction

Genuinelink B.V. ("Company," "we," "us," or "our") is committed to compliance with all applicable export control laws and sanctions regulations. This Export Controls and Sanctions Policy ("Policy") outlines our compliance framework and procedures for international trade and technology transfers.

2. Scope and Applicability

2.1 Global Compliance

This Policy applies to all Company operations worldwide and covers:

  • Export Controls: All exports, re-exports, and transfers of goods, software, and technology
  • Sanctions: Compliance with all applicable sanctions and embargo programs
  • Trade Regulations: Adherence to international trade laws and regulations
  • Technology Transfers: All transfers of technology, technical data, and software

2.2 Jurisdictional Coverage

We comply with export control laws in:

  • European Union: EU Dual-Use Regulation (Regulation (EC) No 428/2009)
  • United States: Export Administration Regulations (EAR) and International Traffic in Arms Regulations (ITAR)
  • United Kingdom: UK Export Control Order 2008
  • Netherlands: Dutch export control laws and regulations
  • Other Jurisdictions: All other applicable national and international export control laws

3. Prohibited Activities

3.1 Sanctioned Countries

We do not provide services to or conduct business with:

  • Comprehensively Sanctioned Countries: Countries subject to comprehensive sanctions
  • Embargoed Countries: Countries under trade embargoes
  • Restricted Territories: Territories with restricted trade relationships
  • Prohibited Destinations: Any destination prohibited by applicable law

3.2 Denied Parties

We do not provide services to:

  • Denied Persons: Individuals or entities on denied party lists
  • Specially Designated Nationals (SDNs): SDNs under US sanctions programs
  • Entity List: Entities on the US Entity List
  • Other Restricted Lists: Any other restricted party lists

3.3 Prohibited End Uses

We do not provide services for:

  • Military Applications: Military, defense, or weapons-related applications
  • Weapons of Mass Destruction: Nuclear, chemical, or biological weapons development
  • Terrorism: Any terrorist activities or organizations
  • Human Rights Violations: Activities that violate human rights
  • Illegal Activities: Any illegal or prohibited activities

4. Export Control Classifications

4.1 Software Classification

Our software and technology are classified as follows:

  • ECCN: [ECCN_CODE] - Software for information security
  • Export License: [LICENSE_STATUS] - [LICENSE_DETAILS]
  • Country of Origin: Netherlands
  • Technical Specifications: [TECHNICAL_DETAILS]

4.2 Dual-Use Items

Our technology may be subject to dual-use controls:

  • EU Classification: Category 5 - Part 2 (Information Security)
  • US Classification: ECCN 5D002 - Information Security Software
  • UK Classification: Category 5 - Part 2 (Information Security)
  • License Requirements: Export license may be required for certain destinations

4.3 Technology Transfer

We control technology transfers through:

  • Technical Data: Controlled technical data and specifications
  • Software: Controlled software and source code
  • Know-How: Controlled technical know-how and expertise
  • Training: Controlled training and technical assistance

5. Compliance Procedures

5.1 Customer Screening

We screen all customers against:

  • Denied Party Lists: All applicable denied party lists
  • Sanctions Lists: All applicable sanctions lists
  • Watch Lists: All applicable watch lists
  • Restricted Party Lists: All other restricted party lists

5.2 End-Use Verification

We verify end-use through:

  • End-Use Statements: Written end-use statements from customers
  • End-User Certificates: Official end-user certificates when required
  • Site Visits: On-site visits for high-risk transactions
  • Third-Party Verification: Third-party verification of end-use

5.3 License Determination

We determine export license requirements through:

  • Commodity Classification: Proper classification of goods and technology
  • Destination Analysis: Analysis of destination country restrictions
  • End-Use Review: Review of intended end-use and end-users
  • License Application: Application for export licenses when required

6. Record Keeping and Documentation

6.1 Export Records

We maintain detailed records of:

  • Export Transactions: All export transactions and shipments
  • License Applications: All export license applications and approvals
  • Customer Information: Customer screening and verification records
  • End-Use Documentation: End-use statements and certificates

6.2 Record Retention

We retain export control records for:

  • Minimum Period: 5 years from the date of export
  • Longer Period: Longer periods as required by applicable law
  • Audit Trail: Complete audit trail for all export transactions
  • Accessibility: Easy access for regulatory inspections

6.3 Documentation Requirements

We maintain documentation including:

  • Commercial Invoices: Detailed commercial invoices
  • Packing Lists: Complete packing lists
  • Export Licenses: Copies of all export licenses
  • End-Use Certificates: End-use certificates and statements

7. Training and Awareness

7.1 Staff Training

We provide comprehensive training on:

  • Export Control Laws: All applicable export control laws and regulations
  • Sanctions Programs: All applicable sanctions and embargo programs
  • Compliance Procedures: Internal compliance procedures and processes
  • Red Flags: Identification of red flags and suspicious activities

7.2 Regular Updates

We provide regular updates on:

  • Regulatory Changes: Changes to export control laws and regulations
  • Sanctions Updates: Updates to sanctions and embargo programs
  • Best Practices: Industry best practices and compliance guidance
  • Case Studies: Real-world case studies and lessons learned

7.3 Certification Programs

We maintain certification programs for:

  • Export Control Officers: Certified export control officers
  • Compliance Managers: Certified compliance managers
  • Sales Personnel: Certified sales personnel
  • Technical Staff: Certified technical staff

8. Risk Assessment and Management

8.1 Risk Assessment

We conduct regular risk assessments of:

  • Customer Base: Risk assessment of our customer base
  • Product Portfolio: Risk assessment of our product portfolio
  • Geographic Markets: Risk assessment of geographic markets
  • Business Partners: Risk assessment of business partners

8.2 Risk Mitigation

We implement risk mitigation measures including:

  • Enhanced Due Diligence: Enhanced due diligence for high-risk customers
  • Additional Screening: Additional screening for high-risk transactions
  • Monitoring: Continuous monitoring of customer activities
  • Reporting: Regular reporting of risk assessment results

8.3 Risk Monitoring

We monitor risks through:

  • Regular Reviews: Regular reviews of risk assessments
  • Trend Analysis: Analysis of risk trends and patterns
  • Incident Tracking: Tracking of compliance incidents
  • Performance Metrics: Monitoring of compliance performance metrics

9. Compliance Monitoring and Auditing

9.1 Internal Audits

We conduct regular internal audits of:

  • Export Transactions: Audit of export transactions and documentation
  • Customer Screening: Audit of customer screening processes
  • License Compliance: Audit of export license compliance
  • Record Keeping: Audit of record keeping and documentation

9.2 External Audits

We engage external auditors for:

  • Independent Reviews: Independent reviews of compliance programs
  • Regulatory Audits: Preparation for regulatory audits
  • Best Practice Assessments: Assessment against industry best practices
  • Gap Analysis: Identification of compliance gaps and weaknesses

9.3 Corrective Actions

We implement corrective actions for:

  • Compliance Violations: Violations of export control laws
  • Process Deficiencies: Deficiencies in compliance processes
  • Training Needs: Training needs identified through audits
  • System Improvements: Improvements to compliance systems

10. Incident Response

10.1 Incident Reporting

We have procedures for reporting:

  • Compliance Violations: Violations of export control laws
  • Suspicious Activities: Suspicious activities or transactions
  • Regulatory Inquiries: Regulatory inquiries or investigations
  • Internal Violations: Internal violations of compliance policies

10.2 Investigation Procedures

We investigate incidents through:

  • Immediate Response: Immediate response to reported incidents
  • Thorough Investigation: Thorough investigation of all incidents
  • Documentation: Complete documentation of investigations
  • Corrective Actions: Implementation of appropriate corrective actions

10.3 Regulatory Reporting

We report incidents to:

  • Relevant Authorities: Relevant regulatory authorities
  • Internal Management: Internal management and compliance officers
  • Legal Counsel: Legal counsel when appropriate
  • External Auditors: External auditors when required

11. Technology and Software Controls

11.1 Software Export Controls

We control software exports through:

  • Source Code Controls: Controls on source code access and distribution
  • Object Code Controls: Controls on object code distribution
  • Documentation Controls: Controls on technical documentation
  • Training Controls: Controls on technical training and support

11.2 Cloud Services

We control cloud services through:

  • Geographic Restrictions: Restrictions on data processing locations
  • Access Controls: Controls on who can access cloud services
  • Data Residency: Requirements for data residency and localization
  • Compliance Monitoring: Monitoring of cloud service compliance

11.3 API and Integration Controls

We control API and integration access through:

  • Authentication: Strong authentication requirements
  • Authorization: Role-based authorization controls
  • Monitoring: Continuous monitoring of API usage
  • Rate Limiting: Rate limiting and usage controls

12. International Cooperation

12.1 Government Cooperation

We cooperate with government agencies including:

  • Export Control Authorities: National export control authorities
  • Customs Authorities: Customs and border protection agencies
  • Law Enforcement: Law enforcement agencies
  • Intelligence Agencies: Intelligence and security agencies

12.2 Industry Cooperation

We cooperate with industry partners through:

  • Industry Associations: Participation in industry associations
  • Best Practice Sharing: Sharing of best practices and lessons learned
  • Joint Initiatives: Joint initiatives for compliance improvement
  • Information Sharing: Sharing of compliance information and intelligence

13. Contact Information

For questions about this Export Controls and Sanctions Policy, contact us at [email protected].

14. Updates to This Policy

We may update this Policy periodically to reflect:

  • Changes in export control laws and regulations
  • Updates to sanctions and embargo programs
  • Improvements to our compliance procedures
  • Feedback from regulatory authorities

We will notify relevant parties of material changes through:

  • Email notifications
  • Internal communications
  • Training updates
  • Policy acknowledgments

This Export Controls and Sanctions Policy is effective as of June 11, 2025 and was last updated on March 11, 2026.