Human Rights Policy

Purpose

Triops Technologies, together with its subsidiaries (collectively, "Triops"), has placed respect for human rights at the center of its corporate identity since the company was established. We recognize the dignity inherent in every individual and affirm that the protection of privacy, civil liberties, and other fundamental freedoms must guide the way we develop, deploy, and support our technology.

This policy governs Triops's global operations and applies to all officers, directors, employees, contractors, and consultants. It also sets expectations for our business partners, as described in the Partner Expectations section below.

Regulatory and Normative Framework

This policy is grounded in the following French and European Union instruments, which together form the legal backbone of our human rights commitments:

  • The EU Charter of Fundamental Rights, in particular the right to human dignity (Article 1), the prohibition of slavery and forced labor (Article 5), the right to liberty and security (Article 6), and the right to respect for private and family life (Article 7);
  • The European Convention on Human Rights (ECHR), notably Article 4 (prohibition of slavery and forced labor), Article 5 (right to liberty and security), and Article 8 (right to respect for private life);
  • The EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679), which enshrines the fundamental right to personal data protection and establishes obligations for data processors and controllers;
  • The EU Corporate Sustainability Due Diligence Directive (CSDDD, Directive (EU) 2024/1760), which requires companies to identify, prevent, and mitigate adverse human rights impacts across their value chains;
  • The French Duty of Vigilance Law (Loi n° 2017-399 of 27 March 2017), imposing a duty on qualifying companies to draw up and implement a vigilance plan addressing human rights risks in their operations and supply chains;
  • The EU Anti-Trafficking Directive (Directive 2011/36/EU), establishing minimum standards for preventing human trafficking and protecting victims;
  • The EU AI Act (Regulation (EU) 2024/1689), which sets out harmonized rules on artificial intelligence and includes specific provisions to safeguard fundamental rights in the design and deployment of AI systems;
  • The French Data Protection Act (Loi n° 78-17 du 6 janvier 1978, as amended), which implements and supplements the GDPR within French jurisdiction.

Our Commitment to Human Rights

Triops acknowledges its corporate responsibility to actively protect and promote human rights. As a software company that works with public-sector agencies, commercial enterprises, and civil-society organizations, we operate in environments where the responsible handling of data is directly tied to individual freedoms. The rights most relevant to our work include the right to privacy, the right to security of person, and the principle of non-discrimination.

We are equally committed to combating modern slavery and human trafficking. Although the nature of our business means that the direct risk of such practices within our operations is low, we maintain dedicated policies and procedures to keep our supply chain free from exploitation. Our Modern Slavery and Human Trafficking Statement provides a detailed account of these measures.

Triops supports the right of every individual to access an effective remedy when their human rights have been adversely affected. We strive to mitigate the risk of misuse of our products through the safeguards described in the Partner Expectations section of this policy.

Mission and Values

Triops partners with governments, public institutions, non-profit organizations, and commercial enterprises to help them address complex, data-intensive challenges. The nature of this work, combined with our obligations around customer confidentiality, may limit our ability to disclose specific details of individual engagements. We recognize that assisting customers in fields such as defense, healthcare, and public safety will naturally raise questions about how data is used to achieve positive outcomes.

We believe that meaningful respect for human rights requires active engagement, including engagement with institutions whose missions sometimes place different fundamental rights in tension with one another. Security and privacy, for example, may pull in opposite directions in certain operational contexts. Rather than treating these tensions as irreconcilable, we build our products and structure our engagements so that both values can coexist. Privacy and civil liberties protections remain embedded in everything we deliver, even in scenarios where security considerations are paramount.

Beyond preventing harm, Triops actively seeks to promote the positive role technology can play in protecting vulnerable populations and supporting the proper functioning of democratic institutions.

Embedding Human Rights in Our Operations

Human rights due diligence is woven into Triops's organizational structure. Our Privacy, Ethics, and Civil Liberties team brings together lawyers, engineers, and social scientists who work to integrate privacy, ethics, and human rights principles directly into our products and into the business opportunities we pursue. This team also fosters a culture of responsibility around the development and deployment of our technology.

In practice, this means promoting privacy by design, ensuring system accountability, and maintaining robust oversight wherever our software is deployed. Triops holds the position that decisions with a significant effect on an individual's freedom, opportunity, or well-being should never be delegated entirely to automated systems. Before any technology is applied to a given problem, we believe the threshold question must be whether that technology is appropriate and necessary in the first place.

Additionally, Triops engages with independent external advisors who specialize in privacy law, civil liberties, data ethics, and policy. Their counsel helps us navigate the complex issues that arise in the course of our work and strengthens our internal processes.

Finally, we advance the cause of human rights through partnerships with humanitarian organizations. Our software supports non-profit entities whose missions focus on combating trafficking, protecting at-risk communities, and upholding the fundamental rights enshrined in European and international law.

Partner Expectations

Triops is a software company, not a data broker or data aggregator. We build data management, analysis, and operational infrastructure for our customers. Our customers retain legal ownership and control over their data at all times. With the exception of information related to internal personnel management and other necessary corporate functions, Triops does not own, collect, store, or sell personal data.

We expect every customer and business partner to respect human rights in their use of our products, while acknowledging that many of them operate in highly complex and sensitive environments. At the same time, there are legal, ethical, and privacy-related constraints on our ability to actively monitor every action a customer takes with data they lawfully control within our platforms.

We believe the strongest safeguard against adverse outcomes is a combination of responsible product design and rigorous pre-engagement due diligence. Unless stated otherwise, the commitments in this policy do not extend to suppliers or other third parties beyond what is set out in our Supplier Code of Conduct. Given our limited role in directing customer use of our software, these commitments do not extend to customer actions, except as described below.

We manage risk in our customer relationships through four complementary measures:

Privacy by design in our products

Security and data protection are foundational considerations in every product we build. We integrate features that remind users of their obligations toward data subjects and create workflows that maximize transparency and auditability for data protection officers and compliance teams.

Pre-engagement risk assessment

Before entering into a new customer relationship, we conduct a structured evaluation of the opportunity. We maintain clear criteria regarding the industries we serve, the jurisdictions in which we will and will not operate, and the capabilities we are willing to build in certain contexts. We have declined opportunities in the past when we concluded that the engagement could not be carried out in a manner consistent with our values.

Ongoing review of product use cases

All Triops employees receive training during onboarding on privacy, security, ethical boundaries, and data minimization principles. Additional, role-specific training is provided for personnel assigned to individual customer engagements. We continuously examine the risks and potential impacts of new use cases proposed by existing customers before enabling them.

Responsive handling of misuse concerns

Triops takes its responsibility to promote the beneficial use of its technology seriously. Where we become aware of allegations that our products are being used in ways that could harm fundamental rights, we will use every available mechanism to address the situation, including contractual remedies, collaboration with oversight bodies, cooperation with judicial or regulatory authorities, and, where warranted, termination of the customer relationship.

Our internal culture actively encourages every employee to raise concerns about ethics or fundamental rights in any aspect of our work, including the conduct of our customers, without fear of retaliation.

How to Raise Concerns

Open dialog is a founding value of Triops. We want every member of our organization to feel empowered to ask questions, flag risks, and challenge decisions when human rights may be at stake. In keeping with the right to effective remedy, our internal reporting infrastructure includes several channels:

  • Direct communication with the Triops Legal, Compliance, Privacy, Data Protection, or People teams;
  • A confidential ethics hotline available to all officers, directors, employees, contractors, and consultants;
  • An anonymous whistleblower hotline operated by an independent third-party provider.

External parties who wish to report human rights concerns relating to Triops or our products may do so by contacting humanrights@3ops.io

Triops strictly prohibits retaliation against any individual who, in good faith, raises a concern or participates in an investigation into a possible violation of this policy.

Every report received through these channels will be reviewed. Where a concern is found to be substantiated, Triops commits to taking appropriate action to prevent or mitigate adverse human rights impacts.

Supporting Frameworks

In developing this policy and our due diligence processes, Triops has drawn on the following European legal instruments and standards:

  • EU Charter of Fundamental Rights;
  • European Convention on Human Rights (ECHR);
  • EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679);
  • EU Corporate Sustainability Due Diligence Directive (CSDDD, Directive (EU) 2024/1760);
  • French Duty of Vigilance Law (Loi n° 2017-399 of 27 March 2017);
  • EU Anti-Trafficking Directive (Directive 2011/36/EU);
  • EU AI Act (Regulation (EU) 2024/1689);
  • French Data Protection Act (Loi n° 78-17 of 6 January 1978, as amended).

Review and Updates

This policy is reviewed at least annually and updated to reflect changes in applicable legislation, regulatory guidance, and our own operational practices. Questions regarding this policy should be directed to the Triops Technologies Legal and Compliance team.