IT SOLUTIONS

Integrated Digital Ecosystem for Smarter Hospital Operations

Our Solutions

…..

DisasterMs

An advanced ecosystem to keep your facility safe with early warning, disaster prediction, and a full closed‑loop response system.

Specialized Chatbot

A secure chatbot trained on your own data to give accurate, source-based answers with minimal AI hallucination.

Predictive Models

Statistical models that help predict climate-related changes and natural disasters for better preparedness.

Triage

A digital system to recognize and identify mass-casualty victims, fully integrated with your HIS system.

EM:CC – Emergency Medicine Cluster Coverage

Connects hospitals in the same region to manage patient journeys safely and ensure timely intervention.

Tele-Intubation (Coming soon)

Remote expert support for critical airway management.

Tele Code Blue Kit (Coming soon)

Virtual tools to activate and coordinate code blue events.

Medical IoT (Coming soon)

Real-time connection of medical devices for better situational awareness.

Mission-Specific Protocol Designer (AI SaaS) (Coming soon)

An AI platform to design and manage custom disaster and emergency protocols.

Key Benefits

Stronger safety and readiness
Smarter, faster clinical decisions
Better regional coordination and patient flow
Clear visibility for hospital, IT, and operations leaders
Modular platform you can grow over time

Ready to explore the ecosystem?

Request a Live Demo

Book Consultation

Our consultants are ready to help you navigate your healthcare goals

Privacy Notice

Last updated: 9 Feb 2026

We, ARETION & Company (the brand used on aretion.co.uk), understand that your privacy is important to you. We are committed to respecting your privacy and protecting your personal data. This Privacy Notice explains how we handle and protect personal data when we collect it through our website and through our externally facing activities, such as service enquiries, consultations, and communications.

Depending on the nature of your relationship with ARETION, additional or different privacy information may apply to you (for example, if you receive services under separate terms, or where a client organisation controls personal data we process on its behalf).

Data controller

When ARETION & Company collects and processes personal data in accordance with this Privacy Notice, we do so as a data controller (or joint controller where applicable). This means we determine how and why your personal data is collected, used, protected, disclosed, and disposed of.

Company details:

Legal name: ARETION & Company
Registered office: 71-75 SHELTON STREET COVENT GARDEN, LONDON, WC2H 9JQ

Contact email: post@aretion.co.uk
Data Protection Officer (if appointed): dpo@aretion.co.uk

Who this notice applies to

This Privacy Notice applies to individuals who interact with us, including:

website visitors;
people who contact us with general enquiries, service enquiries, or partnership enquiries;
representatives of clients, partners, suppliers, and collaborators;
individuals who request or receive psychotherapy services (where offered);
job applicants (where we receive application materials directly).

How we collect personal data

We collect personal data:

directly from you(for example, when you email us or submit an enquiry);
automatically when you use our website(for example, through log files and similar technical records);
from your organisation(for example, where you are a representative of a client, partner, or supplier);
from third partieswhere appropriate (for example, professional advisers, or referees in recruitment), and only where permitted by law.

You are not required to provide personal data to us, but if you do not provide certain information, we may be unable to respond to your request or provide services.

Categories of personal data

Depending on how you interact with us, we may collect the following categories of personal data.

4.1 Enquiries and communications

name, email address, telephone number;
organisation and role (where relevant);
the content of your message and our correspondence with you, including attachments.

4.2 Service-related data

information needed to provide consulting services and manage engagements;
where you request or receive psychotherapy services, information you provide about your health and wellbeing.

4.3 Website technical and usage data

IP address;
date and time of access;
pages requested and referrer (where provided);
browser and operating system information (where provided).

4.4 Recruitment data (if applicable)

CV, cover letter, work and education history;
interview notes and assessment information;
right-to-work information (where required and provided).

Why we use personal data and our legal bases

We process personal data for the purposes below and using the legal bases set out here.

5.1 Providing and securing the website

Purpose:operate, maintain, troubleshoot, and secure the website; prevent and investigate misuse.
Legal basis:legitimate interests.

5.2 Enquiries and relationship management

Purpose:respond to enquiries; manage communications; progress and manage client, partner, and supplier relationships.
Legal basis:legitimate interests and/or steps prior to entering a contract or performance of a contract.

5.3 Service delivery

Purpose:provide consulting and related services; manage service delivery, administration, and quality assurance.
Legal basis:performance of a contract and/or legitimate interests.

5.4 Recruitment (where applicable)

Purpose:assess applications and manage recruitment; comply with applicable employment and legal requirements.
Legal basis:legitimate interests; steps prior to entering a contract; legal obligation (where applicable).

5.5 Legal compliance and protection of rights

Purpose:comply with legal requirements; establish, exercise, or defend legal claims; protect our rights and property.
Legal basis:legal obligation and/or legitimate interests.

Where we rely on legitimate interests, we consider necessity and proportionality and balance our interests against your rights.

Special category data

Where you request or receive psychotherapy services, we may process information that constitutes special category data (for example, health-related information).

We will process special category data only where a specific condition under UK GDPR applies, typically:

explicit consent; and/or
another applicable condition depending on the service model and safeguarding framework.

Where we rely on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal, but it may affect our ability to provide services.

Who we share personal data with

Personal data may be disclosed on a need-to-know basis to:

service providers supporting our IT, hosting, communications, security, and (where used) analytics, acting under contractual and confidentiality obligations;
professional advisers (including legal, audit, and insurance);
partners and collaborators where necessary for a specific engagement (subject to appropriate contractual protections);
public authorities and law enforcement where required by law, or where necessary for legal claims or investigations;
a successor entity in the event of a reorganisation, merger, sale, or transfer of assets (subject to appropriate protections).

We do not disclose personal data to third parties for unrelated purposes without a lawful basis.

International data transfers

ARETION may operate internationally and may use service providers located outside the UK. If personal data is transferred outside the UK and UK GDPR applies, we will implement appropriate safeguards, such as:

transfers to locations recognised as providing an adequate level of protection; and/or
approved contractual protections (for example, the UK International Data Transfer Agreementor the UK Addendum), together with transfer risk assessment and supplementary measures where required.

Security

We use appropriate technical and organisational measures designed to protect personal data against accidental or unlawful loss, misuse, alteration, and unauthorised access. Access to personal data is limited to authorised personnel and trusted service providers on a need-to-know basis.

No system is completely secure. You should take care when sending information by email or over the internet.

Retention

We keep personal data only as long as necessary for the purposes described in this notice, to meet legal or contractual obligations, and in accordance with our retention practices. We securely delete or anonymise personal data when it is no longer needed.

Indicative retention periods (to be finalised to match ARETION’s operations):

website log data: kept for a short period for security and troubleshooting, then deleted or anonymised;
enquiries and correspondence: typically up to 12 months after closure, unless required longer for an ongoing relationship or dispute;
client/partner records: typically for the life of the relationship plus a further period appropriate for contractual, accounting, and legal purposes (often 6–7 years);
recruitment records: typically 6–12 months for unsuccessful candidates, unless longer retention is agreed or required by law;
psychotherapy-related information: retained only as necessary for service delivery and applicable legal/professional requirements.

Your rights and how to exercise them

Subject to conditions and exceptions under UK GDPR, you may have the right to:

request access to personal data we hold about you;
request rectification;
request erasure;
request restriction of processing;
object to processing (including where based on legitimate interests, and for direct marketing where applicable);
request data portability (where applicable);
withdraw consent where processing is based on consent.

How to exercise your rights: contact us using the details in Section 15. We may take reasonable steps to verify your identity before acting on certain requests.

Cookies and similar technologies

Our website may use cookies and similar technologies to support core functionality and improve user experience.

Where non-essential cookies or similar technologies are used (for example, analytics), we will seek consent where required under UK law and provide appropriate cookie information and choices.

You can also manage cookies through your browser settings. If you disable cookies, parts of the website may not function as intended.

Note: ARETION should confirm the cookies and tracking technologies actually used on aretion.org and ensure cookie controls and notices reflect those technologies.

Children

Our website and services are not intended to be used to knowingly collect personal data from children. If you believe a child has provided personal data to us, please contact us so we can take appropriate steps.

Updates to this notice

We may update this Privacy Notice from time to time. The latest version will be made available on our website and will be identified by the “Last updated” date.

Contact and complaints

Contact: post@aretion.co.uk. (please include “Privacy” in the subject line).

Complaints: You have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO). We encourage you to contact us first so we can try to resolve your concern.

Terms of Use

Last updated: 7 Feb 2026

These Terms of Use apply to your access to and use of the ARETION & Company website at aretion.org (the Site). By using the Site, you agree to these Terms. If you do not agree, you must not use the Site.

About these Terms

These Terms apply to your use of the Site and all content and functionality made available through the Site (together, Site Content). Separate terms may apply to any services we provide to you (for example, consulting engagements or psychotherapy services).

We may update these Terms from time to time without prior notice. Please check this page periodically for changes.

About us and contact details

The Site is operated by ARETION & Company (the brand used on aretion.org).

Contact: Post@aretion.co.uk

Company registered office: 71-75 SHELTON STREET COVENT GARDEN, LONDON, WC2H 9JQ

Copyright and other intellectual property

All Site Content, including text, graphics, logos, icons, images, videos, and the selection and arrangement of the foregoing, together with any concepts, know-how, tools, frameworks, software, applications or other technology, algorithms, models, processes, and perspectives underlying or embedded in the foregoing, is owned by or licensed to ARETION and is protected by applicable intellectual property laws.

Except as expressly permitted by these Terms, you may not copy, reproduce, modify, reverse engineer, alter, publish, upload, post, transmit, distribute, or otherwise exploit any Site Content without our prior written permission. All rights not expressly granted are reserved.

Trademarks

The trademarks, service marks, designs, and logos displayed on the Site are the property of ARETION or its licensors. You must not use or reproduce any trademarks in any manner that is likely to cause confusion, take unfair advantage, cause detriment, or imply endorsement by or association with ARETION, except as expressly permitted by us.

Use of Site Content; restrictions

5.1 Limited licence

We grant you a limited, non-exclusive, non-transferable, revocable licence to access and use the Site and to download, display, and print one copy of Site Content solely for your internal, non-commercial use, provided that you:

do not modify Site Content, including by creating derivative works;
retain all copyright and other proprietary notices; and
otherwise comply with these Terms.

5.2 Restrictions

You may not, without our express written permission:

access, search, collect, mine, or extract data from the Site or Site Content by any means (automated or otherwise), including crawling or scraping;
“mirror” the Site Content or any portion of it;
use the Site or Site Content to develop any software program, model, algorithm, or other generative AI tool, including training, fine-tuning, grounding, or using Site Content as part of retrieval-augmented generation or the operation of any machine learning or artificial intelligence system;
use the Site in violation of applicable laws, including export controls and sanctions where applicable, or in violation of our or any third party’s intellectual property, confidentiality, or other legal rights.

5.3 Enforcement

The licence granted under these Terms terminates automatically and immediately if you do not comply with these Terms. If you do not comply, or if we have reasonable grounds to suspect non-compliance, we may take legal action, suspend or terminate your access to the Site, or take any other steps we consider appropriate.

User submissions

If the Site allows you to submit materials to us (including by email or through enquiry channels), you acknowledge and agree that:

you are responsible for your submissions and for ensuring they are lawful and do not infringe the rights of any third party;
you grant to ARETION a worldwide, non-exclusive, transferable, sublicensable, fully paid-up, royalty-free, perpetual, irrevocable licence to use, reproduce, publish, distribute, modify, and otherwise exploit your submission for purposes connected with operating the Site, responding to you, and managing our relationship and services, to the extent permitted by law; and
you will not submit materials that are threatening, libellous, defamatory, obscene, misleading, unlawful, or harmful, that encourage criminal conduct, that infringe intellectual property or privacy rights, that contain viruses or destructive elements, or that constitute advertising or unsolicited promotions.

We do not represent or endorse the accuracy or reliability of information posted by users, where applicable. We reserve the right to refuse, remove, or disable access to any submissions, in whole or in part, for any reason.

Notices of infringement; takedown

ARETION prohibits the posting of content that infringes copyright or other intellectual property rights, including rights of privacy and publicity.

If you believe that content on the Site infringes your rights, please contact us at compliance@aretion.co.uk and provide:

identification of the work or right claimed to have been infringed;
identification of the allegedly infringing material and where it appears on the Site;
your name, address, telephone number, and email address;
a statement of your good faith belief that the use is not authorised by the rights owner, its agent, or the law; and
a statement that the information you provide is accurate and that you are authorised to act on behalf of the rights owner.

We will review notices and, where appropriate, take steps to remove or disable access to infringing material.

Third-party websites and resources

The Site may contain links to third-party websites or resources. We have no responsibility for third-party websites, which are governed by their own terms of use and privacy policies. Accessing third-party sites is at your own risk.

Privacy

For information about how we collect and use personal data, please read our Privacy Notice.

Disclaimers

The Site and Site Content are provided with the understanding that ARETION is not engaged in rendering professional advice or services to you through the Site. Site Content is provided for general information only and should not be relied upon as professional advice (including medical, legal, tax, or other regulated advice). You remain solely responsible for how you use Site Content, and any reliance is at your own risk.

To the extent permitted by applicable law, all Site Content and functionality are provided “as is” and “as available”, without warranty of any kind, whether express or implied, including implied warranties of satisfactory quality, fitness for a particular purpose, non-infringement, accuracy, or availability.

Limitation of liability

Nothing in these Terms excludes or limits liability that cannot be excluded under applicable law, including liability for death or personal injury caused by negligence, or fraud or fraudulent misrepresentation.

Subject to the above, and to the extent permitted by law, ARETION will not be liable for any loss or damage arising out of or in connection with your use of, or inability to use, the Site, including indirect, incidental, consequential, or punitive losses, loss of profits, loss of revenue, loss of business, or loss of data.

Nothing in these Terms is intended to affect any mandatory statutory rights you may have as a consumer under UK law.

Indemnity

You agree to indemnify, defend, and hold harmless ARETION and its officers, directors, employees, and agents from and against any claims, liabilities, damages, losses, and expenses (including reasonable legal fees) arising out of or in connection with your use of the Site, your breach of these Terms, and/or your infringement of any rights of any third party.

Changes and termination

We may modify, suspend, or withdraw the Site, in whole or in part, at any time. We may also update these Terms as described above. We may terminate or suspend your access to the Site if we believe you have breached these Terms or where necessary to protect the Site, ARETION, or others.

Governing law and jurisdiction

These Terms (and any non-contractual disputes or claims) are governed by the laws of England and Wales, and the courts of England and Wales shall have exclusive jurisdiction, except where mandatory rules require otherwise.

Contact

Questions about these Terms should be sent to: compliance@aretion.co.uk.

CODE OF CONDUCT

ARETION & Company and its Subsidiaries

OPENING MESSAGE: OUR COMMITMENT TO INTEGRITY

ARETION & Company and its subsidiaries—ARETION Informatics Solutions, ARETION Publishing Group, and ARETION Healthcare Consulting—are committed to the highest standards of ethical conduct, professional integrity, and legal compliance.

This Code of Conduct reflects our promise to our clients, patients, partners, employees, and the public that we will:

– Act with honesty and transparency in all dealings;

– Prioritise patient safety and wellbeing in all advice and recommendations;

– Provide independent, objective, evidence-based guidance free from conflicts of interest;

– Comply strictly with applicable laws and regulations;

– Respect human rights, dignity, and equality;

– Operate sustainably and responsibly;

– Speak up about misconduct without fear of retaliation.

This Code applies to everyone who works for or represents ARETION & Company and its subsidiaries—employees, officers, contractors, partners, and agents. We believe that ethical business conduct and strong governance are essential to earning trust and delivering value.

We are accountable to our stakeholders, regulators, and the public. We welcome scrutiny of our conduct and are committed to continuous improvement.

TABLE OF CONTENTS

Purpose, Scope, and Applicability
Core Values and Ethical Principles
Compliance with Laws, Regulations, and Professional Standards
Anti-Bribery and Anti-Corruption
Conflicts of Interest
Confidentiality, Data Protection, and Information Security
Professional Conduct with Clients and Protection of Patients’ Interests
Fair Treatment, Diversity, Equity, Inclusion, and Anti-Harassment
Human Rights, Modern Slavery, and Responsible Supply Chain
Health, Safety, and Wellbeing at Work
Use of Company Assets, Technology, Intellectual Property, and Acceptable Use
Insider Information, Market Abuse, and Handling Sensitive Commercial Information
Research Ethics, Data Analytics, and AI/Algorithmic Fairness
Environmental and Social Responsibility
Record-Keeping, Documentation, and Reporting Accuracy
Speaking Up, Whistleblowing, and Non-Retaliation
Responsibilities of Managers and Leaders
Monitoring, Accountability, and Consequences of Breaches
Acknowledgement and Annual Reaffirmation

PURPOSE, SCOPE, AND APPLICABILITY

1.1 Purpose

This Code of Conduct sets out the standards of ethical behaviour, professional integrity, and legal compliance that ARETION & Company and its subsidiaries are committed to upholding. It serves as a public statement of our values and expectations, and provides guidance to our employees, contractors, partners, clients, and stakeholders about how we conduct our business.

1.2 Who This Code Applies To

This Code applies to:

– All employees of ARETION & Company and its subsidiaries (full-time, part-time, fixed-term, and temporary);

– Officers, directors, and members of boards;

– Partners, joint venture participants, and affiliates;

– Contractors, consultants, secondees, and agency workers;

– Anyone representing ARETION & Company or its subsidiaries in any capacity.

Non-compliance by any individual is a serious matter and will result in appropriate action, including disciplinary measures and, where necessary, referral to law enforcement or regulators.

1.3 Our Group Structure

ARETION & Company operates through three principal subsidiaries:

– ARETION Informatics Solutions – providing health information technology, digital solutions, data platforms, data analytics, and technology-enabled consulting to healthcare organisations;

– ARETION Publishing Group – producing healthcare publications, research, evidence synthesis, policy analysis, and knowledge dissemination to advance healthcare practice and policy;

– ARETION Healthcare Consulting – delivering strategy consulting, operational improvement, workforce development, clinical pathway redesign, digital health implementation, and advisory services to healthcare providers, commissioners, and systems.

This Code applies uniformly across all subsidiaries. All employees and contractors, regardless of which subsidiary employs them, must comply with this Code in full.

1.4 International Applicability

ARETION & Company operates internationally and works across multiple jurisdictions. This Code sets a consistent baseline of ethical standards across our global operations. We also comply strictly with:

– The laws and regulations of the United Kingdom (where we are headquartered);

– The laws, regulations, and professional standards of each country where we operate or where our employees work;

– Client-specific and sectoral compliance requirements.

Where local law is stricter than this Code, we comply with local law. Our commitment to ethical conduct does not change based on geography or local custom.

1.5 Supporting Policies

This Code is supported by detailed policies available to employees on our internal systems. For clients, partners, and external stakeholders with questions about our policies, please contact compliance@aretion.co.uk or see Section 16 (Speaking Up and Whistleblowing) for contact details.

Key supporting areas include:

– Anti-Bribery and Corruption

– Data Protection and Privacy

– Conflicts of Interest Management

– Information Security

– Health and Safety

– Whistleblowing and Concerns Reporting

– Modern Slavery and Responsible Sourcing

– Environmental Responsibility

– Research Ethics and Data Analytics

CORE VALUES AND ETHICAL PRINCIPLES

2.1 Our Core Values

ARETION & Company and its subsidiaries operate according to seven core values:

Integrity

We act with honesty, fairness, and transparency in all our dealings. We keep our commitments, acknowledge mistakes, and are accountable for our actions. We refuse to compromise on ethical standards regardless of commercial pressure, client preferences, or financial incentive. Our reputation is built on doing the right thing, even when it is difficult or costly.

Patient-Centred Impact

Healthcare is our business. Everything we do—whether we advise on digital systems, publish research, or redesign clinical pathways—must ultimately benefit patients and improve health outcomes. We prioritise patient safety, dignity, equity, and access to care in all recommendations. We challenge any proposal that could harm patients or communities without clear ethical justification and proper safeguards.

Independence and Objectivity

We provide impartial, evidence-based advice. We do not allow conflicts of interest, personal relationships, financial ties, or client preferences to compromise our professional judgment. We conduct research and analysis based on evidence and rigorous methodology, not ideology or commercial interest. We will give uncomfortable advice, challenge assumptions, and recommend unpopular actions when evidence and ethics demand it. Our value to clients lies in our independence.

Respect

We value the dignity, rights, autonomy, and wellbeing of everyone we work with—colleagues, clients, patients, and communities. We treat all people fairly, regardless of background, role, gender identity, disability, ethnicity, religion, sexual orientation, or any other characteristic. We listen, collaborate, and create an inclusive environment where diverse perspectives are welcomed and valued.

Accountability

We take responsibility for the quality and integrity of our work, the accuracy of our analysis, and the impact of our projects. We are transparent about what we can deliver, what we cannot, and the limitations of our expertise. We meet our commitments, explain our decisions clearly, and welcome scrutiny. We report on our performance and take action to address shortfalls.

Sustainability

We consider the long-term environmental and social impact of our work. We support clients in building resilient, sustainable health systems that serve future generations responsibly. We operate our own business sustainably, minimising environmental impact, and contribute positively to the communities where we work.

Transparency

We communicate openly and honestly with clients, regulators, employees, and the public. We disclose our interests, explain our methods and limitations, acknowledge our conflicts, and provide accurate information. We do not hide or conceal material facts.

2.2 Ethical Principles

In addition to our core values, we follow these ethical principles:

– Legality: We comply with all applicable laws and regulations. This is non-negotiable.

– Honesty: We do not deceive, mislead, or conceal material facts. We provide accurate information and correct errors promptly.

– Respect for persons: We respect human rights, dignity, autonomy, and privacy. We recognise the right of individuals to make informed decisions about their care and their data.

– Fairness and equity: We treat people equitably and actively work to address discrimination and health inequalities. We recognise that healthcare is not equally accessible to all and consider equity in our work.

– Responsibility: We consider the impact of our actions on patients, colleagues, clients, communities, and society. We do not pursue commercial gain at the expense of ethics or public welfare.

COMPLIANCE WITH LAWS, REGULATIONS, AND PROFESSIONAL STANDARDS

3.1 Legal Compliance Commitment

ARETION & Company and its subsidiaries are committed to strict compliance with all applicable laws and regulations. These include, but are not limited to:

– Anti-corruption: Bribery Act 2010

– Data protection and privacy: UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018

– Human rights: Modern Slavery Act 2015, Human Rights Act 1998

– Equality and discrimination: Equality Act 2010

– Health and safety: Health and Safety at Work etc. Act 1974 and related regulations

– Healthcare regulation: Applicable healthcare laws and regulations in each jurisdiction where we operate

– Employment law: Employment Rights Act 1996 and related employment legislation

– Environmental law: Environmental Protection Act 1990 and climate/sustainability regulations

– Intellectual property: Copyright, Designs and Patents Act 1988

– Company law: Companies Act 2006

– Competition law: Competition Act 1998, Enterprise Act 2002

– Client-specific regulations: Financial services, public sector, regulated industry requirements

3.2 Professional Standards

Many of our employees hold professional qualifications or registrations (doctors, nurses, health professionals, researchers, chartered managers, engineers, etc.). We expect all professionals to comply with the codes of practice and standards of their professional bodies and to maintain their registrations and credentials.

If your professional registration is under investigation, suspended, or subject to conditions, you must inform your manager and HR immediately.

3.3 Breach of Law

Breaches of law are serious and may result in:

– Criminal prosecution and imprisonment of individuals;

– Civil liability and financial penalties;

– Disciplinary action by ARETION & Company, including dismissal;

– Referral to professional regulators or law enforcement;

– Exclusion from future contracts and debarment from public sector work;

– Reputational damage to you and to ARETION & Company.

We will fully cooperate with law enforcement, regulatory investigations, and judicial proceedings.

3.4 If You Are Unsure

If you are uncertain about whether something is lawful or complies with this Code, do not proceed. Instead:

– Ask your manager or team leader;

– Contact our Compliance and Ethics team: compliance@aretion.co.uk;

– Consult the relevant internal team (HR, Finance, Legal, Information Security);

– Seek independent legal advice if necessary.

We will not penalise anyone for raising a good-faith question about legal compliance. We expect and welcome such questions.

ANTI-BRIBERY AND ANTI-CORRUPTION

4.1 Zero-Tolerance Policy

ARETION & Company and its subsidiaries have a zero-tolerance policy on bribery and corruption. The UK Bribery Act 2010 makes bribery a serious crime. Non-compliance could result in criminal prosecution of individuals, corporate criminal liability, substantial fines, and loss of business.

We do not tolerate bribery in any form, whether offered by us, to us, or by anyone acting on our behalf.

4.2 What Is Bribery?

Bribery is the offer, promise, or giving of an advantage (financial or non-financial) with the intention of:

– Inducing someone to perform an improper function; or

– Rewarding them for having done so.

The advantage can be anything of value: money, gifts, hospitality, services, contracts, donations, opportunities, or preferential treatment.

The recipient can be a client, government official, healthcare regulator, procurement officer, supplier, or anyone else.

It does not matter whether:

– The advantage was actually given or accepted;

– The intended function was actually performed;

– You personally benefited or acted for ARETION;

– There was a formal agreement.

If the intention is to influence improperly, it is bribery.

4.3 Examples

Clearly prohibited:

– Offering cash or a cheque to a government health official to secure a contract.

– Promising a hospital board member a consulting contract in return for awarding us a tender.

– Donating to a hospital charity specifically to secure work from that hospital.

– Giving expensive gifts or hospitality to a procurement officer who influences contract decisions.

– Arranging a lucrative consulting job for a client official’s family member to secure business.

Acceptable:

– A modest gift (under £50) to a long-standing contact on a personal occasion (retirement), provided it is not linked to a pending business decision.

– Paying for a client representative’s conference attendance where multiple professionals are invited.

– A working business lunch to discuss a proposal, with reasonable costs and transparent billing.

– Providing educational materials or training to healthcare professionals (if offered transparently to all relevant professionals, not targeted at specific decision-makers).

If you are unsure, do not do it. Ask the Compliance and Ethics team: compliance@aretion.co.uk

4.4 Gifts and Hospitality

We may provide modest gifts or reasonable business hospitality, provided:

– The value is modest (typically under £50 per gift);

– It is not cash or a bank transfer;

– It is not connected to a pending business decision or contract;

– It is not given with expectation of obtaining a business benefit;

– It is transparent and recorded;

– It is not given to government officials without prior written approval;

– It is reasonable and proportionate (not lavish or unusual);

– It does not create a perception of impropriety.

All gifts given by ARETION & Company representatives are recorded in a Gifts Register maintained by local managers.

4.5 Dealings with Government Officials and Public Bodies

Government officials, healthcare regulators, commissioners, and public sector procurement officers are subject to heightened restrictions. We are particularly careful in dealing with public officials because:

– Public funds must be used responsibly;

– Public officials must be seen to be impartial;

– Bribery of public officials is taken especially seriously by law enforcement.

We do not offer gifts, hospitality, or favours to government officials unless:

– Prior written approval has been obtained from the Compliance and Ethics team;

– The gift or hospitality is genuinely modest and complies with this Code;

– It is transparent and recorded.

4.6 Facilitation Payments

A “facilitation payment” is a small payment offered to a government official to speed up a routine administrative action (e.g. to expedite a visa, permit, or application). Facilitation payments are prohibited under UK law and our policy. If anyone requests a facilitation payment, refuse and report it to us immediately at compliance@aretion.co.uk.

4.7 Third-Party Intermediaries

We work with agents, partners, suppliers, and subcontractors. We are responsible for their conduct. We ensure that:

– Intermediaries are properly vetted before engagement;

– Anti-bribery and corruption clauses are included in all contracts;

– Intermediaries are required to comply with this Code;

– We do not use intermediaries to conduct activities that would be unlawful if we performed them directly;

– We investigate and take action if we become aware of improper conduct.

4.8 If You Suspect Bribery or Corruption

If you suspect bribery, corruption, or an improper offer:

– Do not engage with the offer or make any payment;

– Do not discuss it unnecessarily with colleagues;

– Report immediately to your manager, HR, or the Compliance and Ethics team;

– Contact our external Whistleblowing Hotline (see Section 16);

– Keep records of what happened (dates, names, communications).

Reporting suspected bribery will not result in retaliation or disciplinary action against you, provided you report in good faith.

CONFLICTS OF INTEREST

5.1 Our Commitment

ARETION & Company is committed to identifying, disclosing, and managing conflicts of interest fairly and transparently. A conflict of interest arises where your personal or financial interests, relationships, or commitments could, or could be perceived to, influence your professional judgment or create a breach of duty to ARETION & Company or our clients.

Conflicts are common in professional life and are not necessarily prohibited. However, they must be disclosed and properly managed.

5.2 Types of Conflicts

Financial conflicts:

– Ownership of shares or financial interest in a client, competitor, or supplier;

– Receipt of personal payment, commission, or financial benefit from a third party connected to our work;

– Significant personal debt or financial distress;

– Financial interest in a company or technology that we recommend to clients;

– Investment portfolios that could be affected by advice we give;

– Loans or financial arrangements with colleagues or clients.

Relational conflicts:

– Family relationships (spouse, partner, parent, child, sibling) with clients, competitors, suppliers, or colleagues in senior positions;

– Close personal friendships or relationships that could influence professional judgment;

– Previous close working relationships with clients or their representatives;

– Mentoring or sponsorship relationships that could create bias.

Professional conflicts:

– Outside employment, consultancy, or business interests with clients or competitors;

– Board positions, trustee roles, or advisory positions with organisations that could conflict with ARETION’s interests;

– Simultaneous advice to competing clients on related matters;

– Research or publication interests that could be influenced by commercial relationships.

Reputational conflicts:

– Association with controversial organisations, individuals, or causes;

– Previous employment or relationships that could create a perception of bias;

– Public statements or affiliations that could undermine perceived objectivity.

5.3 Your Obligation to Disclose

You must disclose any actual or potential conflict of interest:

– At recruitment: During the hiring process, you will be asked about potential conflicts.

– Before joining a project: If you have or become aware of a conflict relevant to a new project or client, disclose it immediately.

– As soon as you become aware: If circumstances change and a new conflict arises during your employment, disclose it without delay.

– Upon request: If asked by your manager or Compliance team about potential conflicts, answer honestly and completely.

Disclosure is not admission of wrongdoing. Failure to disclose is a serious breach.

5.4 How We Manage Conflicts

Once a conflict is disclosed, we will assess it and take one or more of the following steps:

No action required: If the conflict is minimal or can be quickly resolved (e.g. a minor family connection with no influence on work), we may approve it with no further steps.

Managed arrangement: We may approve the conflict with agreed management steps, such as:

– Removing you from involvement in the matter or decision;

– Implementing information barriers (you do not see confidential information from competing clients);

– Obtaining informed written consent from affected clients;

– Having an independent colleague review or oversee your work;

– Regular monitoring and reassessment.

Divest or step down: We may ask you to:

– Sell a financial holding or investment;

– Resign from an outside board or advisory role;

– Terminate an outside business interest.

Unable to manage: In cases of serious, irreconcilable conflict, we may decide that the conflict cannot be appropriately managed and may:

– Reassign you to different work;

– Decline to take on work due to the conflict;

– In cases of serious misconduct (concealment of conflict), take disciplinary action.

5.5 Client and Commercial Conflicts

Healthcare consulting often involves situations where we advise multiple organisations in the same sector or with competing interests. This is acceptable provided we:

– Identify conflicts early;

– Obtain informed written consent from affected clients;

– Implement information barriers to protect confidential information;

– Are transparent about any financial interests in recommended solutions or technologies;

– Do not use confidential information from one client to benefit another.

5.6 Outside Employment and Activities

Before undertaking any outside employment, paid consultancy, business venture, board position, trustee role, or significant voluntary commitment, you must obtain written permission from your manager. Permission will normally be refused if the outside activity:

– Conflicts with your duties to ARETION;

– Involves a client, competitor, or supplier;

– Involves a government agency or regulator that we work with;

– Takes significant time or affects your performance at ARETION;

– Creates a reputational risk to ARETION;

– Involves advice or services similar to what ARETION provides.

5.7 Failure to Disclose

Failure to disclose a known or suspected conflict of interest is a serious breach of this Code and will result in disciplinary action, which may include dismissal.

5.8 Seeking Guidance

If you are unsure whether something is a conflict of interest:

– Ask your manager;

– Contact the Compliance and Ethics team: compliance@aretion.co.uk;

– Err on the side of disclosure (it is better to disclose and be told no action is needed than to conceal a conflict).

We will not penalise you for disclosing a conflict in good faith.

CONFIDENTIALITY, DATA PROTECTION, AND INFORMATION SECURITY

6.1 Why This Matters

ARETION & Company handles sensitive and confidential information:

– Patient data and health records;

– Client strategic and commercial information;

– Financial and operational data;

– Proprietary research and analysis;

– Employee personal information;

– Digital systems and security credentials.

We are committed to protecting this information. Breach of confidentiality, data protection, or information security could:

– Harm patients and individuals;

– Violate legal obligations (UK GDPR, Data Protection Act 2018);

– Result in regulatory enforcement action and fines;

– Damage client relationships and business;

– Undermine trust in our organisation;

– Expose individuals to identity theft or fraud.

Everyone is responsible for protecting confidential and personal information.

6.2 Patient Data and Health Records

Patient data is highly sensitive and is protected by data protection law. We handle patient data only:

– With appropriate lawful basis (typically consent, legal obligation, or legitimate interest);

– For defined, legitimate purposes;

– With proper security measures;

– For only as long as necessary.

We do not:

– Share patient data without consent unless legally required;

– Use patient data for purposes beyond those disclosed to the patient;

– Retain patient data longer than necessary;

– Sell or commercialise patient information;

– Share patient data with third parties without appropriate agreements.

If you have questions about patient data handling, contact the Compliance and Ethics team or our Data Protection Officer: dpo@aretion.co.uk

6.3 Client Confidential Information

Clients share strategic plans, financial information, operational data, and business strategies with us. This information is confidential and proprietary. We:

– Protect it from unauthorised access and disclosure;

– Use it only for the purpose for which it was shared;

– Do not disclose it to third parties without client permission;

– Return or securely destroy it when the engagement ends;

– Implement information barriers to prevent misuse between competing clients.

6.4 Information Security

We maintain information security measures to protect all information from:

– Unauthorised access;

– Theft or loss;

– Accidental or malicious damage;

– Cyber attack.

You must:

– Use strong passwords and multi-factor authentication;

– Not share your login credentials with anyone;

– Lock your computer when you leave your desk;

– Not access systems or data beyond what is necessary for your role;

– Report security incidents immediately;

– Follow guidance from our Information Security team;

– Not connect personal devices to ARETION systems without approval;

– Not download confidential information to personal devices without encryption and approval.

6.5 Data Protection and Privacy

ARETION & Company complies with UK GDPR and the Data Protection Act 2018. We have appointed a Data Protection Officer who oversees our compliance: dpo@aretion.co.uk

Your personal data rights:

– You have the right to access your personal data;

– You have the right to request correction of inaccurate data;

– You have the right to request deletion in certain circumstances;

– You have rights to restrict processing and object to certain uses;

– You have the right to data portability;

– You have the right not to be subject to automated decision-making.

To exercise these rights or to understand how your data is processed, contact our Data Protection Officer: dpo@aretion.co.uk

6.6 Social Media and Public Disclosure

You must not disclose confidential information on social media, in public forums, or in any public context without explicit permission. This includes:

– Patient information (even anonymised if identifiable);

– Client information;

– Internal discussions or debates;

– Unpublished research or analysis;

– Commercial strategies or relationships.

If you wish to publish or publicly discuss work you have done for ARETION, obtain permission from your manager and the Compliance team.

6.7 Whistleblowing and Public Interest Disclosure

While we prioritise confidentiality, we recognise that sometimes confidentiality must yield to public interest—particularly where there is evidence of illegal conduct, breaches of professional ethics, or serious harm to patients or the public.

If you have evidence of serious wrongdoing, you can report it through our Whistleblowing Procedure (see Section 16) even if it involves disclosure of confidential information. Public interest disclosures are protected by law, and we will not retaliate against you for making such a disclosure in good faith.

PROFESSIONAL CONDUCT WITH CLIENTS AND PROTECTION OF PATIENTS’ INTERESTS

7.1 Our Professional Duty

ARETION & Company and its subsidiaries exist to improve healthcare. Healthcare is a matter of life and death. Our professional conduct and the advice we give have real consequences for patients and communities.

We are committed to:

– Providing honest, competent, evidence-based advice;

– Prioritising patient safety and wellbeing;

– Being transparent about the limits of our expertise;

– Challenging advice or decisions that could harm patients;

– Respecting patient autonomy and informed consent;

– Operating with integrity even when it costs us business.

7.2 Competence and Scope of Practice

We only undertake work we are competent to deliver. We:

– Clearly describe our qualifications and experience;

– Do not accept work beyond our expertise without appropriate support or training;

– Acknowledge the limits of our knowledge and experience;

– Refer clients to other specialists when appropriate;

– Invest in continuous professional development;

– Maintain professional registration and credentials where required.

We do not:

– Overstate our experience or capabilities;

– Accept work we cannot complete competently;

– Present ourselves as having expertise we do not possess;

– Claim credentials we do not hold.

7.3 Honest and Objective Advice

Our value to clients lies in our objectivity and independence. We provide advice based on evidence and professional judgment, not on what clients want to hear or what is commercially convenient.

We:

– Conduct rigorous analysis and research;

– Base recommendations on evidence and methodology;

– Challenge client assumptions when evidence contradicts them;

– Explain the reasoning behind our recommendations;

– Disclose material limitations or uncertainties;

– Do not allow conflicts of interest or financial incentives to bias our advice.

We do not:

– Tell clients what they want to hear;

– Adjust findings to match client preferences;

– Conceal contrary evidence;

– Allow financial arrangements to compromise objectivity;

– Recommend solutions that are not in client or patient interests.

7.4 Patient Safety and Wellbeing

In all healthcare advice and recommendations, patient safety and wellbeing are paramount. We:

– Evaluate recommendations against patient safety criteria;

– Do not recommend changes that could harm patients without clear clinical justification;

– Challenge proposals that would compromise patient access to care, equity, or dignity;

– Consider the needs of vulnerable populations;

– Raise concerns if we believe a client’s proposal could harm patients;

– Document our reasoning and concerns.

We will not recommend actions we believe could harm patients, regardless of client pressure or financial incentive.

7.5 Informed Consent and Transparency

We work transparently with clients. We:

– Clearly explain what we will do and what deliverables will be provided;

– Disclose conflicts of interest;

– Explain our methodology and limitations;

– Obtain written consent before using client information in publications or case studies;

– Explain fees and costs upfront;

– Report progress and any issues that arise.

We do not:

– Conceal fees or unexpected costs;

– Use client information in publications without permission;

– Mislead clients about what will be delivered;

– Hide methodological limitations or conflicts.

7.6 Handling Client Disputes and Complaints

If a client has a concern or complaint about our work:

– We will take it seriously;

– We will respond promptly and transparently;

– We will investigate the concern fairly;

– We will take appropriate action to address legitimate concerns;

– We will not retaliate against clients who raise concerns.

Clients who wish to make a complaint can contact: complaints@aretion.co.uk

FAIR TREATMENT, DIVERSITY, EQUITY, INCLUSION, AND ANTI-HARASSMENT

8.1 Our Commitment

ARETION & Company is committed to creating a workplace and providing services that are fair, respectful, inclusive, and free from discrimination and harassment. We value diversity and believe that diverse teams deliver better outcomes.

We are committed to:

– Equal opportunity in recruitment, promotion, and career development;

– Fair pay and reward;

– Respectful treatment of all people regardless of background;

– Creating an environment where everyone can thrive;

– Addressing discrimination, harassment, and bullying;

– Supporting flexible working and work-life balance;

– Reasonable adjustments for people with disabilities.

8.2 Equality and Non-Discrimination

We comply with the Equality Act 2010 and do not discriminate on the basis of:

– Age;

– Disability;

– Gender reassignment;

– Marriage or civil partnership status;

– Pregnancy or maternity;

– Race or ethnicity;

– Religion or belief;

– Sex or gender;

– Sexual orientation;

– Trade union membership.

Discrimination includes:

– Direct discrimination (treating someone less favourably because of a protected characteristic);

– Indirect discrimination (applying a provision, criterion, or practice that disadvantages people with a protected characteristic);

– Harassment (unwanted conduct that violates dignity or creates an intimidating, hostile, offensive environment);

– Victimisation (treating someone unfairly because they have made a complaint or supported someone else’s complaint);

– Failure to make reasonable adjustments for people with disabilities.

We do not tolerate discrimination or harassment in any form.

8.3 Harassment and Bullying

Harassment is unwanted conduct related to a protected characteristic that violates dignity or creates an intimidating, hostile, offensive, or degrading environment. Bullying is persistent, offensive, abusive, intimidating, or insulting behaviour.

We do not tolerate:

– Sexual harassment or unwanted sexual conduct;

– Harassment based on race, ethnicity, religion, disability, or any protected characteristic;

– Bullying or aggressive behaviour;

– Intimidation or threats;

– Exclusion or isolation;

– Spreading rumours or gossip;

– Unwanted physical contact.

If you experience or witness harassment or bullying, report it immediately.

8.4 Inclusive Workplace

We strive to create an inclusive workplace where everyone feels valued and can contribute. We:

– Use inclusive language that respects gender identity, disability, and cultural differences;

– Provide reasonable adjustments for people with disabilities;

– Offer flexible working arrangements where possible;

– Support career development for all employees;

– Ensure decision-making processes are fair and transparent;

– Listen to employee feedback and act on concerns;

– Celebrate diversity in our team and client base.

8.5 Diversity and Health Equity

Healthcare is not equally accessible or outcomes equally good for all populations. We recognise health inequalities based on ethnicity, socioeconomic status, geography, disability, and other factors. We are committed to:

– Understanding and addressing health inequalities in our work;

– Considering equity implications of our advice and recommendations;

– Ensuring our teams have diverse perspectives to identify blind spots;

– Working with communities affected by health inequalities;

– Advocating for equitable healthcare access and outcomes;

– Monitoring and reporting on diversity within our organisation.

8.6 Reporting Discrimination or Harassment

If you experience or witness discrimination or harassment:

– Report it to your manager or HR department;

– Use our Whistleblowing Procedure (see Section 16) if you are uncomfortable reporting to your manager;

– Contact our external Whistleblowing Hotline;

– Document what happened (dates, names, witnesses, communications).

We will investigate all reports confidentially and will not tolerate retaliation against anyone who reports concerns in good faith.

HUMAN RIGHTS, MODERN SLAVERY, AND RESPONSIBLE SUPPLY CHAIN

9.1 Our Commitment

ARETION & Company respects human rights and is committed to operating ethically and responsibly throughout our supply chain. We comply with the Modern Slavery Act 2015 and all applicable human rights laws.

We are committed to:

– Ensuring our operations respect human rights;

– Preventing forced labour, child labour, and exploitation;

– Ensuring fair wages and working conditions;

– Respecting freedom of association and collective bargaining;

– Responsibly sourcing goods and services;

– Working with suppliers who share our values.

9.2 Modern Slavery

Modern slavery includes:

– Forced labour (work performed under threat, coercion, or debt bondage);

– Human trafficking (movement of people for exploitation);

– Child labour (employing children below legal minimum age or in dangerous work);

– Servitude (being held in a state of servitude or forced service);

– Debt bondage (obligation to work to pay off a debt);

– Exploitation of migrant workers.

ARETION & Company has a zero-tolerance policy on modern slavery. We do not:

– Employ or contract with anyone involved in forced labour, trafficking, or child labour;

– Knowingly work with suppliers who engage in these practices;

– Use recruitment practices that are exploitative or involve deception;

– Withhold wages or documents to control workers.

9.3 Our Supply Chain

We work with suppliers for services including:

– IT and technology services;

– Facilities and office management;

– Professional services and consultancy;

– Publications and printing;

– Recruitment and staffing;

– Travel and logistics.

We ensure that:

– Suppliers are vetted for human rights and labour practice concerns;

– Modern slavery clauses are included in all supplier contracts;

– Suppliers are required to comply with applicable labour laws;

– We conduct due diligence on higher-risk suppliers;

– We investigate and take action if we become aware of concerning practices.

9.4 Working Conditions and Fair Wages

We are committed to fair working conditions across our supply chain:

– Fair wages that meet or exceed local legal minimums;

– Safe and healthy working conditions;

– Reasonable working hours and rest periods;

– Freedom from harassment and discrimination;

– Right to join unions or worker organisations;

– No requirement to work in dangerous conditions without proper protection.

9.5 Reporting Concerns

If you suspect modern slavery, exploitation, or unfair labour practices in our supply chain or operations:

– Report to your manager or HR;

– Contact the Compliance and Ethics team: compliance@aretion.co.uk;

– Use our Whistleblowing Procedure (see Section 16);

– Contact our external Whistleblowing Hotline.

We will investigate all reports confidentially and will not tolerate retaliation.

9.6 Transparency and Accountability

We report annually on our modern slavery and human rights compliance. Our Modern Slavery Statement is available publicly and describes:

– Our operations and supply chain;

– Risks we have identified;

– Steps we have taken to address risks;

– Effectiveness of our measures;

– Future commitments.

HEALTH, SAFETY, AND WELLBEING AT WORK

10.1 Our Commitment

ARETION & Company is committed to providing a safe, healthy, and supportive workplace. We comply with the Health and Safety at Work etc. Act 1974 and all relevant health and safety regulations.

We are committed to:

– Identifying and controlling workplace hazards;

– Preventing accidents and work-related ill health;

– Providing safe equipment, systems, and processes;

– Supporting mental health and wellbeing;

– Creating a culture where safety is everyone’s responsibility;

– Involving employees in health and safety decisions.

10.2 Individual Responsibilities

Every employee is responsible for health and safety:

– Take care of your own health and safety;

– Take care not to harm others;

– Report hazards, incidents, and near-misses immediately;

– Use safety equipment and follow procedures;

– Participate in training and risk assessments;

– Raise concerns if you believe something is unsafe;

– Do not work under the influence of drugs or alcohol;

– Report injuries and illnesses promptly.

10.3 Workplace Hazards

We identify and control hazards including:

– Physical hazards (equipment, facilities, manual handling);

– Chemical hazards (cleaning materials, office chemicals);

– Biological hazards (bloodborne pathogens where relevant);

– Psychological hazards (stress, bullying, overwork);

– Ergonomic hazards (poor workstation setup, repetitive strain);

– Infection control (particularly relevant post-COVID).

10.4 Mental Health and Wellbeing

We recognise that mental health is as important as physical health. We are committed to:

– Recognising signs of stress, anxiety, depression, and burnout;

– Supporting employees experiencing mental health challenges;

– Creating a culture where mental health can be discussed openly;

– Providing access to counselling and mental health support;

– Managing workload to prevent excessive stress;

– Supporting flexible working and time off when needed;

– Training managers to recognise and respond to mental health concerns.

If you are struggling with mental health, please reach out to:

– Your manager;

– HR department;

– Employee Assistance Programme (details provided upon joining);

– External support services (your GP, NHS services, charities).

10.5 Substance Abuse

ARETION & Company is committed to supporting employees with substance abuse issues while maintaining a safe workplace.

We:

– Do not tolerate working under the influence of drugs or alcohol;

– Offer confidential support and treatment for employees with substance abuse problems;

– Will not penalise employees who come forward seeking help;

– May take disciplinary action if substance abuse affects work performance or safety;

– Comply with drug and alcohol testing policies where required.

If you or a colleague are struggling with substance abuse, contact HR or the Employee Assistance Programme for confidential support.

10.6 Incident Reporting

All accidents, injuries, near-misses, and health and safety concerns must be reported immediately:

– Report to your manager;

– Report to the Health and Safety team;

– Seek medical attention if injured;

– Complete an incident report form;

– Cooperate with any investigation.

Do not be afraid to report near-misses or concerns—reporting helps us prevent future incidents.

10.7 Remote and Flexible Working

ARETION & Company supports flexible working where possible. Employees working remotely or flexibly are responsible for:

– Setting up a safe workstation (desk, chair, lighting);

– Taking regular breaks and managing workload;

– Maintaining security of company information and devices;

– Following video call etiquette and respecting others’ time;

– Staying connected with the team.

Managers are responsible for supporting remote workers and monitoring wellbeing.

USE OF COMPANY ASSETS, TECHNOLOGY, INTELLECTUAL PROPERTY, AND ACCEPTABLE USE

11.1 Company Assets

ARETION & Company provides employees with assets including:

– Computers, laptops, tablets, and mobile devices;

– Software licenses and digital tools;

– Office space and facilities;

– Research databases and information resources;

– Company vehicles (where applicable);

– Professional development budgets.

You must:

– Use company assets only for work purposes (or personal use as explicitly permitted);

– Look after equipment and report damage or loss;

– Return all assets when you leave employment;

– Not remove company property without permission;

– Not lend company equipment to others without approval.

11.2 Technology and Devices

Company-provided devices (computers, phones, tablets) are company property. We may:

– Monitor device security and compliance;

– Track location of devices (for security purposes);

– Access company files and communications on devices;

– Monitor internet use and email for compliance and security;

– Wipe devices remotely if lost or stolen.

You should have no expectation of privacy in company devices or accounts. If you have personal matters you want to keep private, use your personal devices and personal email.

You must:

– Use strong passwords and multi-factor authentication;

– Lock devices when you leave your desk;

– Not share login credentials;

– Not download unauthorised software;

– Not bypass security measures;

– Report lost or stolen devices immediately;

– Follow guidance from the IT and Information Security teams.

11.3 Email and Communications

Company email accounts and communication systems are for work purposes. We:

– Monitor email and messages for security, compliance, and legal reasons;

– Retain records of business communications;

– May access your email if you are unavailable or upon investigation of misconduct;

– Do not tolerate use of company email for harassment, discrimination, or illegal activity.

You should have no expectation of privacy in your work email account.

You must not:

– Send abusive, harassing, or discriminatory messages;

– Send defamatory or false information;

– Share confidential information inappropriately;

– Use email for personal business beyond reasonable use;

– Forward company information to personal email accounts without approval.

11.4 Internet Use

Company internet and networks are for work purposes. Incidental personal use (checking personal email, reading news) is permitted during breaks, provided it:

– Does not interfere with work;

– Is not excessive;

– Does not access illegal or inappropriate content.

We monitor internet use for security, compliance, and legal purposes. You should have no expectation of privacy.

You must not access:

– Pornographic or sexually explicit material;

– Illegal content;

– Gambling websites;

– Extremist or hate speech content;

– Sites that could compromise security or introduce malware.

11.5 Social Media

You are free to maintain personal social media accounts and to express personal views on social media. However:

– Do not disclose confidential company or client information;

– Do not represent yourself as speaking for ARETION unless authorised;

– Be aware that your posts could affect ARETION’s reputation;

– Do not engage in harassment, discrimination, or abusive behaviour;

– Follow applicable laws regarding data protection, defamation, and harassment.

If you are authorised to represent ARETION on social media, you must:

– Follow our social media guidelines;

– Disclose that you are speaking on behalf of ARETION;

– Comply with this Code and all applicable laws;

– Report concerns or complaints to your manager.

11.6 Intellectual Property

Work created for ARETION belongs to ARETION. This includes:

– Documents, reports, analysis, and recommendations created for clients;

– Research, data analysis, and methodology developed during employment;

– Software, code, and digital tools created for ARETION;

– Publications, articles, and educational materials created in your role;

– Inventions and patents developed using ARETION resources.

When you join ARETION, you will sign an intellectual property agreement confirming this.

Your personal intellectual property remains yours. Work created on your own time, with your own resources, and not related to ARETION’s business belongs to you.

11.7 External Publications and Speaking Engagements

If you wish to publish work or speak publicly about work you have done for ARETION:

– Obtain written permission from your manager;

– Obtain written permission from the Compliance team if the work involves client information;

– Do not disclose confidential information or client names without permission;

– Clearly attribute ideas and contributions;

– Disclose any conflicts of interest (e.g. financial interest in a product you are discussing).

We support publication and speaking to advance knowledge, but these must be done transparently and with proper permissions.

11.8 Personal Use of Company Resources

Limited personal use of company resources is permitted:

– Using office facilities for genuine emergencies;

– Making occasional personal phone calls;

– Sending occasional personal emails during breaks;

– Using the internet for reasonable personal purposes during breaks.

Excessive personal use is not permitted and may result in disciplinary action.

INSIDER INFORMATION, MARKET ABUSE, AND HANDLING SENSITIVE COMMERCIAL INFORMATION

12.1 Insider Information

Insider information is non-public information that, if disclosed to the public, would likely affect the price or value of securities (shares or bonds) of a company. If you have access to insider information about any listed company:

– Do not trade in that company’s securities;

– Do not disclose the information to others;

– Do not encourage others to trade on the basis of the information;

– Report any concerns to the Compliance team.

This applies even if ARETION is not the subject of the insider information.

12.2 Market Abuse

Market abuse includes:

– Insider trading (trading on the basis of inside information);

– Market manipulation (spreading false information to manipulate prices);

– Misuse of confidential information for personal gain.

Market abuse is illegal and can result in criminal prosecution, civil penalties, and imprisonment.

We do not tolerate market abuse.

12.3 Sensitive Commercial Information

ARETION and our clients hold sensitive commercial information including:

– Business plans and strategies;

– Financial data and performance;

– Pricing and cost information;

– Client lists and relationships;

– Technology platforms and methodologies;

– Tender bids and proposals;

– Merger and acquisition activity.

You must:

– Treat this information as confidential;

– Restrict access to those who need to know;

– Not disclose it to competitors or external parties without permission;

– Not use it for personal gain;

– Return or destroy it when you leave employment;

– Report unauthorised access or disclosure.

12.4 Tender and Procurement Process

When ARETION bids for work:

– All bids must be genuine and accurate;

– Do not disclose confidential pricing information to competitors;

– Do not share tender details with clients in ways that could disadvantage them or advantage competitors;

– Do not engage in bid-rigging or collusion;

– Follow all procurement process rules and timelines.

Breaches of tender integrity are serious and may result in disqualification from future contracts and legal liability.

RESEARCH ETHICS, DATA ANALYTICS, AND AI/ALGORITHMIC FAIRNESS

13.1 Research Ethics

ARETION & Company respects research ethics principles. All research involving human participants, patient data, or sensitive information must:

– Obtain ethical approval from a recognised ethics committee (where required);

– Obtain informed consent from participants (where required);

– Respect participant autonomy and right to withdraw;

– Minimise harm and maximise benefit;

– Respect confidentiality and privacy;

– Be transparent about funding and conflicts of interest;

– Comply with relevant research regulations (e.g. Research Governance Framework, MRC Guidance);

– Be registered on a public trial register (for clinical trials).

Research must not:

– Exploit vulnerable populations;

– Involve deception (except where ethically justified and approved);

– Put participants at unreasonable risk;

– Violate privacy or confidentiality.

13.2 Data Analytics and Analysis

When we analyse data for clients or research:

– Analysis must be rigorous, transparent, and reproducible;

– Methodology must be clearly described;

– Limitations must be disclosed;

– We do not manipulate data or findings to reach predetermined conclusions;

– We disclose uncertainties and confidence intervals;

– We do not present preliminary findings as definitive;

– We do not conceal results that contradict our hypothesis or client preferences.

13.3 Artificial Intelligence and Algorithmic Fairness

ARETION & Company recognises that artificial intelligence (AI) and algorithmic systems can embed bias and cause harm. We are committed to responsible AI.

When developing or recommending AI systems, we:

– Assess fairness implications across different population groups;

– Test for bias in training data and algorithmic outputs;

– Do not recommend AI systems that discriminate against protected groups;

– Ensure systems are transparent and explainable (where possible);

– Consider privacy implications and data protection requirements;

– Obtain informed consent for use of personal data in AI systems;

– Monitor performance over time and adjust if bias emerges;

– Disclose limitations and uncertainties;

– Do not make irreversible decisions based solely on algorithmic recommendations without human review.

13.4 Data Minimisation and Purpose Limitation

When collecting or using data:

– Collect only data necessary for the stated purpose;

– Do not retain data longer than necessary;

– Do not use data for purposes beyond those disclosed to the data subject;

– Implement data protection by design;

– Minimise the collection of sensitive data (race, ethnicity, sexuality, health);

– Ensure technical and organisational security measures.

13.5 Transparency and Explainability

We are committed to transparency in our analysis and recommendations:

– Explain how we reached conclusions;

– Disclose methodological choices and limitations;

– Make data and code available for scrutiny (where possible and permitted);

– Disclose conflicts of interest that could affect analysis;

– Explain the limitations of what can be concluded from data.

ENVIRONMENTAL AND SOCIAL RESPONSIBILITY

14.1 Environmental Commitment

ARETION & Company is committed to minimising environmental impact and supporting the transition to a sustainable economy. Healthcare systems must operate sustainably to serve future generations.

We are committed to:

– Reducing carbon emissions from our operations;

– Minimising waste and promoting recycling;

– Using sustainable procurement practices;

– Supporting clients in building environmentally sustainable health systems;

– Complying with environmental laws and regulations;

– Measuring and reporting on environmental performance;

– Investing in renewable energy and low-carbon technologies.

14.2 Carbon and Emissions

– Switching off equipment when not in use;

– Printing only when necessary and double-sided;

– Recycling paper, plastics, and other materials;

– Using reusable cups and containers;

– Reporting energy waste or equipment problems.

14.3 Sustainable Procurement

When ARETION & Company procures goods and services, we:

– Consider environmental impact (carbon footprint, waste, resource use);

– Prefer suppliers with strong environmental credentials;

– Source materials sustainably (e.g. recycled, certified sustainable);

– Minimise packaging and single-use plastics;

– Support local suppliers where possible to reduce transport emissions;

– Include environmental clauses in supplier contracts;

– Monitor supplier compliance with environmental standards.

14.4 Sustainable Healthcare

Healthcare systems consume significant resources and generate emissions. We support clients in:

– Reducing carbon emissions from healthcare facilities;

– Minimising waste and promoting circular economy principles;

– Optimising energy and resource use;

– Reducing unnecessary procedures and medication;

– Building resilience to climate change impacts;

– Addressing health inequalities related to environmental degradation;

– Supporting sustainable workforce planning and development.

14.5 Social Responsibility

ARETION & Company operates responsibly within society. We:

– Comply with all applicable laws and regulations;

– Pay fair taxes in all jurisdictions where we operate;

– Contribute to communities where we work;

– Support charitable and community initiatives;

– Promote public health and wellbeing;

– Advocate for evidence-based healthcare policy;

– Challenge health inequalities and injustice;

– Support local employment and skills development.

14.6 Community Engagement

We engage with communities affected by our work and recommendations. We:

– Listen to community perspectives and concerns;

– Involve communities in decisions that affect them;

– Make information accessible and transparent;

– Support community health initiatives;

– Work with community organisations and representatives;

– Consider impact on vulnerable and disadvantaged groups;

– Report back on outcomes of our work.

14.7 Charitable Giving and Sponsorship

ARETION & Company supports charitable causes aligned with our values. Our charitable giving:

– Supports health improvement, healthcare access, and health equity;

– Supports medical research and education;

– Supports vulnerable populations and communities;

– Is transparent and publicly reported;

– Does not create conflicts of interest or influence our professional judgment.

Employees are encouraged to volunteer and support charitable causes on their own time.

RECORD-KEEPING, DOCUMENTATION, AND REPORTING ACCURACY

15.1 Accurate Records

ARETION & Company relies on accurate records for:

– Legal compliance and regulatory reporting;

– Client billing and financial management;

– Financial reporting and audit;

– Project management and delivery;

– Incident reporting and investigation;

– Personnel and employment records.

You must ensure that:

– All records you create or maintain are accurate and complete;

– Records are created promptly (not retrospectively);

– Records are legible and well-organised;

– Any errors are corrected promptly with clear audit trails;

– Records are retained according to our retention policy;

– Confidential records are securely stored and accessed;

– Records are not falsified, altered, or destroyed inappropriately.

15.2 Financial Records and Reporting

All financial records must be accurate and comply with accounting standards. This includes:

– Timesheets and expense claims;

– Invoicing and billing records;

– Project costs and budgets;

– Financial statements and reports;

– Tax records and compliance.

You must:

– Record time accurately on timesheets;

– Submit only legitimate business expenses;

– Provide receipts and documentation;

– Declare any conflicts of interest affecting financial decisions;

– Report financial irregularities or concerns.

15.3 Client Delivery and Project Records

Records of client work must:

– Accurately document what was agreed and what was delivered;

– Record decisions, recommendations, and reasoning;

– Maintain audit trails of changes and approvals;

– Document communications with clients;

– Record any issues, delays, or deviations from scope;

– Be organised and accessible.

Poor record-keeping can result in:

– Disputes with clients;

– Inability to demonstrate work was done correctly;

– Regulatory or legal problems;

– Disciplinary action.

15.4 Medical and Health Records

Where ARETION & Company handles medical or health records:

– Records must be accurate and timely;

– Records must be clearly documented and legible;

– Patient information must be clearly identifiable;

– Any corrections must be clearly marked;

– Confidentiality and security must be maintained;

– Records must be retained according to legal requirements (typically 10 years for adult records, longer for children).

15.5 Incident and Complaint Records

All incidents, complaints, and concerns must be documented:

– Record what happened, when, where, and who was involved;

– Record what actions were taken;

– Record outcomes and follow-up;

– Keep records confidential and secure;

– Do not alter or destroy records.

Good documentation of incidents protects both ARETION and individuals if disputes arise later.

15.6 Data Retention and Destruction

ARETION & Company has a data retention and destruction policy. We:

– Retain records only as long as necessary;

– Securely destroy records when no longer needed;

– Comply with legal retention requirements;

– Do not destroy records if involved in legal proceedings or investigation;

– Use secure methods of destruction (shredding, secure digital erasure).

Do not destroy records without authorisation or if you suspect they may be needed for legal or investigation purposes.

15.7 Record Access and Audit

ARETION & Company may:

– Audit records to ensure accuracy and compliance;

– Access records as part of investigations;

– Release records to regulators or law enforcement (with appropriate authority);

– Request records for quality assurance or improvement purposes.

Employees must cooperate with requests for records and audits.

SPEAKING UP, WHISTLEBLOWING, AND NON-RETALIATION

16.1 Our Commitment to Whistleblowing

ARETION & Company is committed to maintaining the highest ethical standards. We encourage and support employees, contractors, and partners to speak up about concerns without fear of retaliation.

We welcome concerns about:

– Illegal conduct (fraud, bribery, tax evasion, etc.);

– Breaches of this Code of Conduct;

– Breaches of professional ethics or standards;

– Health and safety risks or violations;

– Environmental violations;

– Discrimination, harassment, or bullying;

– Modern slavery or exploitation;

– Misuse of company assets or fraud;

– Data protection or privacy violations;

– Conflict of interest violations;

– Falsification of records or reporting;

– Any other conduct that violates law or ethics.

Speaking up is not disloyalty—it is essential to our integrity.

16.2 How to Raise a Concern

Internal channels (recommended first step):

Your manager: If you are comfortable doing so, raise the concern with your direct manager. They will listen and take appropriate action.

HR department: Contact HR if you prefer not to speak to your manager or if your manager is involved in the concern.

Compliance and Ethics team: Email compliance@aretion.co.uk with details of your concern. This team investigates concerns confidentially.

Senior leadership: Contact the Chief Executive or Chief Operating Officer if the concern involves senior management.

External channels:

External Whistleblowing Hotline: ARETION & Company has contracted with an independent external whistleblowing service. You can report concerns anonymously:

– Telephone: +44 20 3985 0907

The external hotline is staffed by independent professionals, not ARETION employees. Reports are confidential and can be anonymous.

Public Interest Disclosure: In some cases, you may disclose concerns to external bodies:

– Regulator: For healthcare, regulation, or patient safety concerns, contact the relevant regulator (e.g. NHS England, Care Quality Commission, Professional regulators).

– Law enforcement: For concerns about criminal conduct, contact the police or relevant authority.

– Legal advice: You may seek legal advice about whistleblowing protections.

16.3 What Information to Provide

When raising a concern, provide:

– Clear description of what you are concerned about;

– When and where it occurred (or is occurring);

– Who was involved (if known);

– Why you believe it is a concern (what law, policy, or ethic it breaches);

– Any evidence or documentation;

– Names of potential witnesses (if applicable).

You do not need to have definitive proof—a reasonable concern is sufficient.

16.4 Confidentiality and Anonymity

– We will treat your concern confidentially;

– We will not disclose your identity without your permission (except where required by law or for investigation purposes);

– You may report anonymously if you wish, though it may limit our ability to ask clarifying questions;

– Investigation findings will be shared with you (unless you report anonymously);

– Your cooperation in an investigation will be handled sensitively and confidentially.

16.5 Protection Against Retaliation

ARETION & Company prohibits retaliation against anyone who raises a concern in good faith.

Retaliation includes:

– Dismissal or disciplinary action;

– Demotion or loss of promotion;

– Harassment or bullying;

– Exclusion from meetings or information;

– Negative performance reviews;

– Removal from projects;

– Any adverse action taken because of the concern.

If you experience retaliation after reporting a concern, report it immediately as a separate concern.

We will investigate retaliation allegations seriously and take action against anyone who retaliates.

16.6 Legal Protections

Depending on the nature of your concern and how you report it, you may have legal protections under:

– Public Interest Disclosure Act 1998: Protects workers who disclose information about legal breaches, health and safety risks, or other serious concerns. You must have reasonable belief the concern is true, be acting in the public interest, and follow reasonable procedures.

– Professional regulators: Healthcare professionals can report concerns to their professional bodies (GMC, NMC, etc.) with legal protections.

– Specific legislation: Other sectors have specific whistleblowing protections (financial services, tax, etc.).

Seek independent legal advice if you are unsure about your protections.

16.7 Investigation Process

When you raise a concern, ARETION & Company will:

Acknowledge receipt: We will acknowledge your concern promptly (within 5 working days).

Assess the concern: We will determine if the concern requires investigation and what action is appropriate.

Investigate: We will conduct a fair, impartial investigation. This may involve:

– Interviewing relevant people;

– Reviewing documents and evidence;

– Consulting with specialists or external parties;

– Taking interim measures to protect people or assets if necessary.

Report findings: We will report findings to relevant people (the person about whom the concern was raised, relevant managers, HR, etc.) and to you (unless you requested anonymity).

Take action: If the concern is substantiated, we will take appropriate action:

– Disciplinary action against individuals;

– Changes to policies or procedures;

– Referral to external authorities (regulators, police);

– Remedial measures to address the harm.

Follow-up: We will follow up to ensure the concern has been properly addressed and there is no retaliation.

Investigations are confidential, but we may need to disclose information to those directly involved or to external authorities.

16.8 Vexatious or False Reports

While we welcome genuine concerns, false or vexatious reports (made maliciously or without reasonable belief) may result in disciplinary action.

However, we do not penalise good-faith reports even if they are ultimately found to be incorrect.

RESPONSIBILITIES OF MANAGERS AND LEADERS

17.1 Leadership Accountability

Managers and leaders at ARETION & Company are responsible for:

– Upholding and modeling the values in this Code;

– Creating a culture of ethical conduct;

– Ensuring their teams understand and comply with this Code;

– Identifying and managing conflicts of interest;

– Monitoring work quality and ethical standards;

– Supporting employee wellbeing and mental health;

– Responding to concerns and complaints fairly and promptly;

– Taking action against misconduct;

– Protecting whistleblowers from retaliation;

– Being transparent and accountable;

– Promoting diversity, inclusion, and fair treatment.

17.2 Setting the Tone

Leaders set the tone for ethical conduct. We expect leaders to:

– Demonstrate integrity in their own conduct;

– Make ethical decisions even when costly or difficult;

– Challenge unethical conduct by colleagues or clients;

– Be transparent about conflicts of interest;

– Listen to and act on employee concerns;

– Support people who raise concerns;

– Communicate the importance of compliance and ethics;

– Celebrate ethical conduct and good decision-making.

17.3 Managing Conflicts of Interest

Managers must:

– Ask team members about potential conflicts of interest;

– Disclose their own conflicts of interest;

– Implement appropriate management strategies for conflicts;

– Review conflicts regularly and adjust management as needed;

– Ensure conflicted individuals are not involved in inappropriate decisions;

– Document conflict of interest management.

17.4 Promoting Wellbeing

Managers are responsible for supporting the wellbeing of their teams:

– Monitor workload and stress levels;

– Encourage work-life balance and time off;

– Support flexible working where possible;

– Be alert to signs of mental health difficulties;

– Create a supportive environment where people feel safe raising concerns;

– Know how to signpost people to support services;

– Take action to address bullying or harassment;

– Promote diversity and inclusion.

17.5 Quality and Professional Standards

Managers must ensure that:

– Work is of high quality and completed competently;

– Staff are appropriately trained and developed;

– Professional standards are met;

– Client requirements are clearly understood and met;

– Issues and risks are identified and escalated appropriately;

– Records are accurate and complete;

– Ethical standards are maintained.

17.6 Responding to Concerns and Complaints

When a team member raises a concern or complaint, managers must:

– Take it seriously and listen respectfully;

– Not dismiss or minimise the concern;

– Explain what will happen next;

– Maintain confidentiality;

– Not retaliate or allow retaliation;

– Investigate fairly and promptly;

– Report findings and actions taken;

– Follow up to ensure the concern is resolved.

17.7 Disciplinary Responsibility

Managers are responsible for addressing misconduct by team members:

– Take prompt action if misconduct is suspected;

– Investigate fairly;

– Follow ARETION’s disciplinary procedures;

– Ensure proportionate action based on the seriousness of the misconduct;

– Document decisions and reasoning;

– Comply with employment law.

Failure to address known misconduct is itself a serious breach of responsibility.

MONITORING, ACCOUNTABILITY, AND CONSEQUENCES OF BREACHES

18.1 Monitoring and Compliance

ARETION & Company monitors compliance with this Code through:

– Regular audits and reviews;

– Training and awareness programs;

– Incident reporting and investigation;

– Anonymous surveys and feedback;

– Whistleblowing hotline;

– Performance management and appraisals;

– Audit trails and record review;

– Risk assessments;

– Regulatory inspections and audits.

All employees and contractors are subject to monitoring to ensure compliance.

18.2 Training and Awareness

We ensure all employees understand their obligations:

– New employees receive Code of Conduct training within their first month;

– All employees receive annual refresher training;

– Specific training is provided on high-risk areas (anti-bribery, data protection, conflicts of interest);

– Managers receive additional training on their compliance responsibilities;

– Specialist teams receive targeted training (healthcare professionals, researchers, etc.);

– Induction materials include this Code.

Completion of training is mandatory.

18.3 Consequences of Breaches

Breaches of this Code are taken seriously. Consequences depend on the nature, severity, and intent of the breach but may include:

Minor breaches:

– Verbal warning or counseling;

– Written warning;

– Training or education;

– Temporary suspension of privileges;

– Requirement to remediate or correct the breach.

Serious breaches:

– Formal written warning;

– Disciplinary suspension (with or without pay);

– Demotion or reallocation to different work;

– Requirement to divest financial interests or resign external positions;

– Dismissal without notice (in cases of gross misconduct);

– Referral to professional regulators;

– Referral to law enforcement;

– Civil liability or compensation claims.

18.4 Gross Misconduct

– Theft or fraud;

– Deliberate falsification of records or reports;

– Bribery or corruption;

– Serious breach of confidentiality or data protection;

– Gross negligence that causes serious harm;

– Serious misconduct involving violence, aggression, or threats;

– Sexual harassment or assault;

– Serious discrimination or bullying;

– Working under the influence of drugs or alcohol;

– Serious breach of health and safety;

– Deliberate concealment of a serious conflict of interest;

– Serious breach of professional ethics;

– Modern slavery or exploitation;

– Retaliation against a whistleblower;

– Serious dishonesty or deception;

– Any conduct that seriously breaches trust or brings ARETION into serious disrepute.

Gross misconduct may also result in referral to professional regulators, law enforcement, or other authorities.

18.5 Disciplinary Procedure

ARETION & Company follows fair disciplinary procedures:

Investigation: We investigate allegations promptly and thoroughly before taking action.

Notice: We provide written notice of the allegation and the evidence against you.

Right to respond: You have the right to respond to allegations and provide your account.

Right to representation: You have the right to be accompanied by a companion (colleague or union representative) at disciplinary meetings.

Impartiality: Disciplinary decisions are made by someone not involved in the investigation or incident.

Proportionality: Disciplinary action is proportionate to the seriousness of the breach.

Right to appeal: You have the right to appeal a disciplinary decision.

We follow employment law and best practice in all disciplinary matters.

18.6 Referral to External Authorities

ARETION & Company will refer matters to external authorities (regulators, law enforcement, professional bodies) where:

– A criminal offence is suspected;

– Regulatory breaches are identified;

– Professional standards are seriously breached;

– The public or patients are at risk;

– It is a legal requirement;

– We are required to do so by court order or authority.

We do not shield employees from legal consequences for misconduct.

18.7 Remediation and Recovery

Where a breach causes harm, ARETION & Company will:

– Take steps to remedy the harm;

– Compensate affected individuals where appropriate;

– Restore confidential information that has been breached;

– Implement measures to prevent recurrence;

– Review and improve policies and procedures;

– Provide support to affected individuals.

18.8 Accountability of Leadership

Senior leaders and managers are held to the highest standards of accountability. Breaches by leaders may result in:

– More serious disciplinary action than would apply to junior staff;

– Loss of position or responsibility;

– Requirement to step down from leadership role;

– Dismissal;

– Referral to professional regulators or law enforcement.

Leaders who fail to address known misconduct by their teams are themselves in breach of this Code.

CHANGES TO THIS CODE AND QUESTIONS

19.1 Regular Review

ARETION & Company reviews this Code regularly to ensure it remains current and relevant. We may update this Code:

– To reflect changes in law or regulation;

– To address emerging risks or ethical issues;

– To respond to feedback from employees and stakeholders;

– To reflect changes to ARETION’s business or values;

– To improve clarity and guidance.

All employees will be notified of significant changes, and new versions will be provided.

19.2 Questions and Guidance

If you have questions about this Code or are unsure how it applies to a specific situation:

– Ask your manager;

– Contact HR;

– Contact the Compliance and Ethics team: compliance@aretion.co.uk;

– Call the whistleblowing hotline for anonymous guidance.

We are happy to provide guidance and will not penalise you for asking questions in good faith.

19.3 Acknowledgment

All employees are required to:

– Read and understand this Code;

– Acknowledge receipt and agreement to comply;

– Complete training on the Code;

– Comply with the Code in their work and conduct.

Failure to comply with this Code is a breach of your employment contract and may result in disciplinary action.

This Code of Conduct sets out the ethical principles and standards expected of everyone who works for or represents ARETION & Company. It is not an exhaustive statement of all policies and procedures—other policies and procedures apply to specific areas. In case of conflict between this Code and other policies, the most specific policy applies. In case of ambiguity, seek clarification from the Compliance and Ethics team.

Last updated: 10 Feb 2026

Next review date: 10 Feb 2027

Anti-Bribery and Anti-Corruption Policy

ARETION & Company and its Subsidiaries

Last updated: 14 Feb 2026

Policy Statement

ARETION & Company and its subsidiaries have zero tolerance for bribery and corruption in any form. We are committed to conducting business ethically, transparently, and in full compliance with all applicable anti-bribery and anti-corruption laws, including:

United Kingdom:

Bribery Act 2010
Proceeds of Crime Act 2002

Gulf Countries:

Saudi Arabia: Anti-Bribery Law (Royal Decree No. M/36 of 1412H), Penal Code for Crimes of Discretion
United Arab Emirates: Federal Decree-Law No. 20 of 2016 on Anti-Money Laundering and Combating the Financing of Terrorism and Illegal Organisations, Federal Penal Code
Qatar: Law No. 11 of 2004 (Anti-Corruption and Illicit Gain Law)
Kuwait: Law No. 1 of 1993 (Protection of Public Funds), Penal Code

This policy applies to all employees, officers, directors, contractors, consultants, agents, partners, and anyone acting on behalf of ARETION & Company in all jurisdictions where we operate.

What is Bribery and Corruption?

2.1 Bribery

Bribery is the offer, promise, giving, requesting, or acceptance of any advantage (financial or non-financial) with the intention of:

Inducing someone to perform an improper function or activity; or
Rewarding them for having done so; or
Influencing them to act improperly in their position of trust.

2.2 Forms of Advantage

An advantage can include:

Cash payments or loans
Gifts (tangible items of value)
Hospitality, entertainment, or travel
Employment opportunities or contracts
Donations or sponsorships
Preferential treatment or services
Sexual or other favours
Any other benefit or consideration

2.3 Corruption

Corruption includes the misuse of entrusted power or position for private gain, including bribery, embezzlement, fraud, extortion, abuse of discretion, and nepotism.

2.4 It Does Not Matter If:

The advantage was actually given or accepted
The intended function was actually performed
You personally benefited or acted for ARETION
There was a formal agreement
The bribe was successful
The conduct occurred in a country where such practices are considered “normal”

If the intention is to influence improperly, it is bribery.

Prohibited Conduct

ARETION & Company strictly prohibits:

3.1 Offering or Giving Bribes

Offering, promising, or giving anything of value to improperly influence a business decision
Making payments to secure contracts, licenses, permits, or favourable treatment
Providing gifts or hospitality to influence decision-makers

3.2 Receiving or Soliciting Bribes

Requesting, accepting, or agreeing to accept anything of value in exchange for improper performance of duties
Using position or influence for personal gain or to benefit third parties improperly

3.3 Using Third Parties for Bribery

Using agents, intermediaries, consultants, partners, or subcontractors to offer or pay bribes on our behalf
Turning a blind eye to suspicious conduct by third parties

3.4 Facilitation Payments

Facilitation payments (small payments to government officials to expedite routine administrative actions such as visas, permits, or licenses) are strictly prohibited under UK law and this policy.

If anyone requests a facilitation payment, you must:

Politely refuse
Report the request immediately to compliance@aretion.co.uk
Document the incident

Gifts and Hospitality

4.1 General Principles

Modest, reasonable gifts and hospitality may be appropriate in certain business contexts, provided they:

Are of modest value (typically under £50 GBP or equivalent)
Are not cash, cash equivalents, or loans
Are not connected to a pending business decision or contract
Are not given with expectation of obtaining a business advantage
Are transparent and properly recorded
Are reasonable and proportionate (not lavish or unusual)
Do not create a perception of impropriety
Comply with the recipient’s organization’s policies

4.2 Recording Requirements

All gifts and hospitality given or received with a value exceeding [£250] must be recorded in the Gifts and Hospitality Register maintained by local managers, including:

Date and description
Estimated value
Recipient or provider details
Business purpose and context
Approval (where required)

4.3 Unacceptable Gifts and Hospitality

The following are never acceptable:

Cash or cash equivalents (gift cards, vouchers)
Gifts or hospitality to influence a specific decision
Lavish or extravagant gifts or entertainment
Gifts or hospitality that violate the recipient’s policies
Anything that could reasonably be perceived as a bribe

Dealings with Government Officials and Public Bodies

Interactions with government officials, public sector employees, and representatives of state-owned enterprises require heightened care due to strict legal restrictions in the UK and Gulf countries.

5.1 Who is a Government Official?

Government officials include:

Employees of government departments, ministries, and agencies
Healthcare regulators and public health authorities
Public hospital and health system employees
Elected officials and political candidates
Employees of state-owned or state-controlled enterprises
Royal family members and their representatives (in Gulf countries)
Public procurement officers
Members of the judiciary and law enforcement

5.2 Requirements for Dealings with Government Officials

Before providing any gift, hospitality, donation, or other benefit to a government official, you must:

Obtain prior written approvalfrom the Compliance and Ethics team (compliance@aretion.co.uk)
Ensure the benefit is modest, transparent, and complies with this policy
Record the interaction in the Gifts and Hospitality Register
Ensure compliance with the official’s organization’s policies and local law

5.3 Additional Considerations for Gulf Countries

In Saudi Arabia, UAE, Qatar, and Kuwait:

Bribery of public officials carries severe criminal penalties, including imprisonment and substantial fines
Gifts to government officials may be prohibited entirely or subject to very low value thresholds
Cultural norms around hospitality differ, but legal compliance always takes precedence
Transparency and documentation are critical

Charitable Donations and Sponsorships

6.1 Legitimate Support

ARETION supports legitimate charitable causes and community initiatives that align with our values, particularly in healthcare, education, and community development.

6.2 Prohibited Use

Donations and sponsorships must never be used to:

Improperly influence a business decision
Secure or retain contracts
Gain preferential treatment
Circumvent anti-bribery rules

6.3 Due Diligence and Approval

All charitable donations and sponsorships must:

Be to legitimate, verified charitable organizations
Have a clear charitable or community purpose
Be transparent and properly documented
Receive prior approval from senior management (donations above £250])
Be publicly disclosed where appropriate

Third-Party Intermediaries

7.1 Our Responsibility

We are responsible for the conduct of agents, consultants, distributors, subcontractors, joint venture partners, and other intermediaries acting on our behalf.

7.2 Due Diligence Requirements

Before engaging any third party that will interact with clients, government officials, or represent ARETION, we must:

Conduct proportionate due diligence on their background, reputation, and ownership
Assess corruption risk factors
Verify their qualifications and track record
Ensure they understand and agree to comply with this policy
Include anti-bribery and anti-corruption contractual clauses
Monitor their conduct throughout the relationship

7.3 Red Flags

We will not engage, or will terminate, third parties where:

They request unusual payment arrangements (cash, offshore accounts, third-party beneficiaries)
They have a reputation for improper conduct
They refuse to commit to anti-bribery compliance
They lack clear qualifications or business rationale for the engagement
They are closely connected to government officials without disclosure
Their fees are excessive or unexplained

Political Contributions and Activities

8.1 Corporate Political Contributions

ARETION does not make corporate political contributions (donations to political parties, candidates, or campaigns) without prior approval from the Board of Directors.

8.2 Personal Political Activities

Employees are free to participate in political activities in their personal capacity, provided:

They do so on their own time and at their own expense
They do not represent themselves as speaking for ARETION
They do not use company resources
Their activities do not create conflicts of interest or reputational risk for ARETION

Due Diligence, Risk Assessment, and Controls

9.1 Risk-Based Approach

We assess and manage bribery and corruption risks on a risk-based approach, considering:

Geographic risk (countries with higher corruption perception)
Sector risk (government contracting, healthcare, regulated industries)
Transaction risk (high-value contracts, use of intermediaries)
Partner risk (third-party relationships)

9.2 Enhanced Due Diligence

Higher-risk activities require enhanced due diligence, approval, and monitoring, including:

Use of agents or intermediaries in high-risk jurisdictions
Dealings with government officials and state-owned enterprises
Entry into new markets or partnerships
High-value contracts or complex transactions

Books, Records, and Financial Controls

10.1 Accurate Record-Keeping

All financial transactions, gifts, hospitality, donations, and dealings with third parties must be accurately and completely recorded in our books and records.

10.2 Prohibited Practices

We prohibit:

Falsifying or misrepresenting transactions
Creating “off-the-books” accounts or funds
Inadequate or misleading documentation
Payments without proper supporting documentation
Use of personal accounts for business transactions

10.3 Internal Controls

We maintain financial controls including:

Segregation of duties
Authorization and approval requirements
Regular audits and reviews
Expense and payment verification

Training and Awareness

All employees and relevant third parties receive:

Induction training on this policy upon joining ARETION
Annual refresher training on anti-bribery and anti-corruption
Targeted training for higher-risk roles (business development, procurement, government relations)
Updates on changes to policy or legal requirements

Training completion is mandatory and monitored.

Reporting Suspected Bribery or Corruption

12.1 Duty to Report

If you suspect, become aware of, or are offered a bribe, you must report it immediately.

12.2 How to Report

Report concerns to:

Your manager
Compliance and Ethics team: compliance@aretion.co.uk
HR department
External Whistleblowing Hotline (anonymous options available):

Telephone:+44 20 3985 0907

12.3 What to Report

Offers or requests for bribes or improper payments
Suspicious payments or financial arrangements
Pressure to act improperly
Concerns about third-party conduct
Facilitation payment requests
Gifts or hospitality that appear inappropriate
Any conduct that may violate this policy

12.4 Protection Against Retaliation

ARETION prohibits retaliation against anyone who reports concerns in good faith. Retaliation is a serious breach and will result in disciplinary action, including dismissal.

Investigation and Disciplinary Action

13.1 Investigation

All reports of suspected bribery or corruption will be investigated promptly, thoroughly, and confidentially.

13.2 Consequences of Breaches

Breaches of this policy are serious and may result in:

Disciplinary action, up to and including dismissal
Referral to law enforcement authorities
Criminal prosecution (imprisonment, fines)
Civil liability and damages
Debarment from public sector contracts
Reputational harm
Regulatory sanctions against ARETION

13.3 Cooperation with Authorities

ARETION will fully cooperate with law enforcement and regulatory investigations.

Governance and Oversight

14.1 Responsibilities

Board of Directors:Oversees anti-bribery and anti-corruption compliance and risk management
Senior Management:Ensures implementation, resourcing, and embedding of this policy
Compliance and Ethics Team:Provides guidance, training, monitoring, and investigation
All Employees:Comply with this policy and report concerns

14.2 Monitoring and Review

This policy is reviewed annually and updated as needed to reflect legal changes, emerging risks, and best practices.

Contact and Questions

For questions, guidance, or to report concerns:

Compliance and Ethics Team:
Email: compliance@aretion.co.uk

External Whistleblowing Hotline:
Telephone: +44 20 3985 0907

This Anti-Bribery and Anti-Corruption Policy reflects ARETION & Company’s commitment to conducting business with integrity, transparency, and in full compliance with UK and Gulf countries’ laws. Non-compliance will not be tolerated.

Privacy Notice

Last updated: 9 Feb 2026

Data controller

Company details:

Legal name: ARETION & Company
Registered office: 71-75 SHELTON STREET COVENT GARDEN, LONDON, WC2H 9JQ

Contact email: post@aretion.co.uk
Data Protection Officer (if appointed): dpo@aretion.co.uk

Who this notice applies to

This Privacy Notice applies to individuals who interact with us, including:

website visitors;
people who contact us with general enquiries, service enquiries, or partnership enquiries;
representatives of clients, partners, suppliers, and collaborators;
individuals who request or receive psychotherapy services (where offered);
job applicants (where we receive application materials directly).

How we collect personal data

We collect personal data:

directly from you(for example, when you email us or submit an enquiry);
automatically when you use our website(for example, through log files and similar technical records);
from your organisation(for example, where you are a representative of a client, partner, or supplier);
from third partieswhere appropriate (for example, professional advisers, or referees in recruitment), and only where permitted by law.

You are not required to provide personal data to us, but if you do not provide certain information, we may be unable to respond to your request or provide services.

Categories of personal data

Depending on how you interact with us, we may collect the following categories of personal data.

4.1 Enquiries and communications

name, email address, telephone number;
organisation and role (where relevant);
the content of your message and our correspondence with you, including attachments.

4.2 Service-related data

information needed to provide consulting services and manage engagements;
where you request or receive psychotherapy services, information you provide about your health and wellbeing.

4.3 Website technical and usage data

IP address;
date and time of access;
pages requested and referrer (where provided);
browser and operating system information (where provided).

4.4 Recruitment data (if applicable)

CV, cover letter, work and education history;
interview notes and assessment information;
right-to-work information (where required and provided).

Why we use personal data and our legal bases

We process personal data for the purposes below and using the legal bases set out here.

5.1 Providing and securing the website

Purpose:operate, maintain, troubleshoot, and secure the website; prevent and investigate misuse.
Legal basis:legitimate interests.

5.2 Enquiries and relationship management

Purpose:respond to enquiries; manage communications; progress and manage client, partner, and supplier relationships.
Legal basis:legitimate interests and/or steps prior to entering a contract or performance of a contract.

5.3 Service delivery

Purpose:provide consulting and related services; manage service delivery, administration, and quality assurance.
Legal basis:performance of a contract and/or legitimate interests.

5.4 Recruitment (where applicable)

Purpose:assess applications and manage recruitment; comply with applicable employment and legal requirements.
Legal basis:legitimate interests; steps prior to entering a contract; legal obligation (where applicable).

5.5 Legal compliance and protection of rights

Purpose:comply with legal requirements; establish, exercise, or defend legal claims; protect our rights and property.
Legal basis:legal obligation and/or legitimate interests.

Where we rely on legitimate interests, we consider necessity and proportionality and balance our interests against your rights.

Special category data

Where you request or receive psychotherapy services, we may process information that constitutes special category data (for example, health-related information).

We will process special category data only where a specific condition under UK GDPR applies, typically:

explicit consent; and/or
another applicable condition depending on the service model and safeguarding framework.

Where we rely on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before withdrawal, but it may affect our ability to provide services.

Who we share personal data with

Personal data may be disclosed on a need-to-know basis to:

service providers supporting our IT, hosting, communications, security, and (where used) analytics, acting under contractual and confidentiality obligations;
professional advisers (including legal, audit, and insurance);
partners and collaborators where necessary for a specific engagement (subject to appropriate contractual protections);
public authorities and law enforcement where required by law, or where necessary for legal claims or investigations;
a successor entity in the event of a reorganisation, merger, sale, or transfer of assets (subject to appropriate protections).

We do not disclose personal data to third parties for unrelated purposes without a lawful basis.

International data transfers

transfers to locations recognised as providing an adequate level of protection; and/or
approved contractual protections (for example, the UK International Data Transfer Agreementor the UK Addendum), together with transfer risk assessment and supplementary measures where required.

Security

No system is completely secure. You should take care when sending information by email or over the internet.

Retention

Indicative retention periods (to be finalised to match ARETION’s operations):

website log data: kept for a short period for security and troubleshooting, then deleted or anonymised;
enquiries and correspondence: typically up to 12 months after closure, unless required longer for an ongoing relationship or dispute;
client/partner records: typically for the life of the relationship plus a further period appropriate for contractual, accounting, and legal purposes (often 6–7 years);
recruitment records: typically 6–12 months for unsuccessful candidates, unless longer retention is agreed or required by law;
psychotherapy-related information: retained only as necessary for service delivery and applicable legal/professional requirements.

Your rights and how to exercise them

Subject to conditions and exceptions under UK GDPR, you may have the right to:

request access to personal data we hold about you;
request rectification;
request erasure;
request restriction of processing;
object to processing (including where based on legitimate interests, and for direct marketing where applicable);
request data portability (where applicable);
withdraw consent where processing is based on consent.

How to exercise your rights: contact us using the details in Section 15. We may take reasonable steps to verify your identity before acting on certain requests.

Cookies and similar technologies

Our website may use cookies and similar technologies to support core functionality and improve user experience.

Where non-essential cookies or similar technologies are used (for example, analytics), we will seek consent where required under UK law and provide appropriate cookie information and choices.

You can also manage cookies through your browser settings. If you disable cookies, parts of the website may not function as intended.

Note: ARETION should confirm the cookies and tracking technologies actually used on aretion.org and ensure cookie controls and notices reflect those technologies.

Children

Updates to this notice

We may update this Privacy Notice from time to time. The latest version will be made available on our website and will be identified by the “Last updated” date.

Contact and complaints

Contact: post@aretion.co.uk. (please include “Privacy” in the subject line).

IT Solutions

IT SOLUTIONS

Integrated Digital Ecosystem for Smarter Hospital Operations

Our Solutions

DisasterMs

Specialized Chatbot

Predictive Models

Triage

EM:CC – Emergency Medicine Cluster Coverage

Tele-Intubation (Coming soon)

Tele Code Blue Kit (Coming soon)

Medical IoT (Coming soon)

Mission-Specific Protocol Designer (AI SaaS) (Coming soon)

Key Benefits