Due Diligence Procedure

Purpose

This procedure outlines how NorseStorm ApS identifies, manages, and follows up on potential
and actual risks related to human rights, labor conditions, environmental impact, anti-
corruption, and sanctions compliance.

Company Size and Context

As a small company with only two employees, NorseStorm operates with limited risk exposure.
However, we are committed to meeting our ethical and contractual obligations through a
proportionate due diligence process.

1. Risk Identification

Before engaging with new suppliers or partners, NorseStorm performs a basic risk screening
based on:

  • Country of operation

  • Industry risk level (e.g., manufacturing vs. software)

  • Prior reputation or red flags

Risks are documented in a simple Excel log with date, partner name, and observed risks
(if any).

2. Risk Management

  • If risks are identified, NorseStorm contacts the supplier directly to clarify the issue.

  • The company may request documentation or policy alignment.

  • In case of unresolved concerns, partnerships are reconsidered.

3. Follow-up and Monitoring

  • Each year, NorseStorm reviews active suppliers and updates the risk log.

  • For higher-risk partners, NorseStorm follows up via email or phone to verify continued
    compliance.

4. Documentation and Review

  • All due diligence activities are recorded in a central Excel sheet.

  • This procedure is reviewed annually and adjusted as needed.

Status

As of today, no major risks have been identified in our supply chain or partnerships.

Last updated: 21 April 2025