Barco is a company of more than 3,000 people working in offices and R&D/manufacturing facilities in 29 countries. To make it easy to find more information regarding compliance, privacy and security, we have brought them together in this Trust Center.
What is Barco’s Code of Ethics? Where do we stand on child labor and human rights? How do we promote a speak-up culture? What certificates cover our work? How does Barco comply with product green requirements?
What are our policies concerning privacy? How is GDPR applied? How can you contact us when you have a privacy question?
How do we manage security in our various operations? How do we create secure products/services?
Barco puts great emphasis on building a company culture in which ethical conduct and compliance with the company’s policies and the applicable regulations are at the core of how we do business.
Each site worldwide is assigned a local ‘legal & compliance responsible' in charge of overseeing compliance in the country where the site is situated. Every year, the local legal & compliance responsible completes a risk & compliance assessment, an integral part of the company's compliance program.
Barco has deployed a structured, company-wide compliance program, based on our Code of Ethics, which outlines the basic principles of compliant and ethical behavior when dealing with colleagues, business partners, company assets, information, infrastructure, etc.
Barco wants to actively promote a genuine ‘speak up’ culture where ethical questions or dilemmas can be raised without fear of retaliation. Questions and/or concerns can also be communicated via the Ethics mailbox (ethics@barco.com).
In line with the EU Whistleblowers’ directive, Barco has set up a whistleblower reporting tool through the assistance of an external service provider: ethics.barco.com. You, just like any supplier, contractor, customer, or even third party can use this tool to reach out to the company and (anonymously) report any violation or suspected violation of any applicable laws and regulations or the Code of Ethics. You will receive a confirmation of receipt of your report within 7 days. Within 3 months after the confirmation of receipt, you will receive feedback on your report.
Barco's whistleblower channels procedure can be downloaded here.
The Italian translation of Barco's whistleblower procedure channels procedure can be downloaded here and the Dutch translation here.
Barco does not tolerate any kind of child, forced or compulsory labor, either in its own manufacturing activities or those of its suppliers. Barco’s statement concerning Modern Slavery and Human Trafficking can be found here.
Barco respects the internationally recognized human rights. Barco does not tolerate unacceptable worker treatment such as exploitation of children, physical punishment, abuse or involuntary servitude. Barco’s Human Rights pledge can be downloaded here.
Barco values the safety and health of its employees and its business partners, as well as the responsible use of the environment and natural resources. Barco’s Environment, Health, Safety and Security (EHS²) pledge aims at establishing a company policy and related management system. The EHS² pledge can be found here.
Barco strives to provide high quality products and services. Everyone involved in the research, development, manufacture and deployment of our products and services has a responsibility to ensure that design, assembly, testing, installation, and reparation meets the required professional and scientific standards. Barco’s Corporate Quality Policy can be downloaded here.
In accordance with the Norwegian Transparency Act the due diligence assessment report of Barco Fredrikstad AS, a controlled subsidiary of Barco NV, the ulitmate parent entity of the Barco group can be found here.
Any (i) sales of Barco products or supply of Barco services and (ii) any and all purchases by Barco from seller of goods and services shall be subject to following trade compliance conditions.
The buyer of Barco products and services, the seller of goods and services to Barco and Barco’s business partners are subject to and responsible for compliance with the export control and economic sanctions laws of the United States, the European Union and other applicable jurisdictions (collectively, “Applicable Trade Laws”).
General. Barco products and services may only be used, sold, leased, exported, imported, re-exported, or transferred in compliance with Applicable Trade Laws including, without limitation, export licensing requirements, end user, end-use and end-destination restrictions, prohibitions on dealings with sanctioned individuals and entities.
Goods and services supplied to Barco may include raw materials and/or components, software or technical data sourced or obtained by seller. Such items, sourced by seller or any party acting under its control, and incorporated by or for seller in the goods and services supplied to Barco may require specific government authorization (the “Export Restricted Items”). Seller shall ensure that any import, export, re-export or transfer (in-country), directly or indirectly, of an Export Restricted Item is authorized under Applicable Trade Laws. Seller confirms that it is not, and that none of the persons acting under seller’s control to supply the goods and services to Barco are allowing access to an Export Restricted Item so as to enable the manufacturing of a semiconductor or supercomputer in any territory restricted by the U.S. Export Administration Regulations (EAR) administered by the U.S. Department of Commerce (currently, the People’s Republic of China).
Embargoed and restricted destinations. Barco products and services may not be exported or re-exported to: Belarus, Cuba, Iran, North Korea, Russia, Sudan, the Syrian Arab Republic and the Crimea, Donetsk, Kherson, Luhansk and Zaporizhzhia regions of Ukraine without the required government export authorization.
Export for Military Use. Exports, re-exports, and transfers of Barco products and services to military (intelligence) end-users or for military (intelligence) end-uses may be prohibited or may require a license, according to the Applicable Trade Laws, including, without limitation, the U.S. Department of Commerce regulations and the European Union sanctions map.
Suspension/termination. Barco may immediately suspend or terminate any applicable agreements (including withholding of shipment and services) at its sole discretion and without liability on the part of Barco if Barco reasonably suspects that buyer of Barco products and services or Seller of goods and service may be in breach of any Applicable Trade Laws, or in the event that Applicable Trade Laws change in a manner that Barco, in its sole discretion, renders the continued support to be impossible, impractical or potentially impermissible.
Barco complies to a full range of certificates for its various operations.
www.barco.com/about/trust-center/certificates
Barco aligns its Responsible Minerals Sourcing Policy with the “OECD Due Diligence Guidance for Responsible Chains of Minerals from Conflict-Affected and High-Risk Areas” (OECD Due Diligence Guidance). Barco’s Responsible Minerals Sourcing statement addresses the risks defined in Annex II of the OECD Due Diligence Guidance. In addition, Barco has indirectly obligations in various regions, including the United States of America and the European Union.
Barco has implemented measures to avoid the use of raw materials, sub-assemblies or suppliers, containing conflict minerals that directly or indirectly finance or benefit armed groups in Conflict-Affected and High-Risk Areas.
To request information about conflict minerals or to report violations of Responsible Minerals Sourcing statement, please contact the Environmental Compliance Office at green.compliance@barco.com
Barco is a supplier of “articles” as defined in REACH. The substances contained in Barco products are not intended to be released under normal or reasonably foreseeable conditions of use.
Barco has requested to all its suppliers to provide information about the chemicals in their products and parts. This has allowed us to provide our customers with reliable information about Substances of Very High Concern as required by Article 33 of REACH.
A list with all the SVHCs that may be present in our articles can be found here . For those articles where the substances are above 0.1% w/w, Barco has already provided information to its customers.
Barco is collaborating with its suppliers to phase out all SVHC present in a concentration >0.1% on homogeneous level from its products worldwide (in case suitable and reliable alternative solutions are available).
For more information about Barco environmental compliance, please contact the Environmental Compliance Office at green.compliance@barco.com
As part of its commitment to worldwide environmental compliance, Barco has established an environmental management system which ensures full compliance with the requirements of the EU RoHS Directive 2011/65/EU on the restriction of the use of cadmium, hexavalent chromium, mercury, lead and certain halogenated flame retardants (PBBs and PBDEs) in electronic products.
For more information about Barco environmental compliance, please contact the Environmental Compliance Office at green.compliance@barco.com
For every product, we provide a user manual, which includes information for customers on how to handle the product at end-of-life stage, and a recycling passport, which offers recycling information to recyclers.
Under the Waste Electrical and Electronic Equipment (WEEE) Directive and implementing regulations, when customers buy new electrical and electronic equipment from Barco they are entitled to:
Instructions to both customers and recyclers/treatment facilities wishing to obtain disassembly information are provided by following the links below.
Barco prioritizes the protection and management of personal data in accordance with the General Data Protection Regulation (GDPR) and similar data privacy and data protection legislations outside the EU, e.g., the US HIPAA, the UK General Data Protection Regulation and the California Consumer Privacy Act. Our data protection officer (DPO) is in charge of managing our data protection compliance program, which is governed by several guidelines, instructions and templates. Our DPO is supported by a team of privacy liaison officers (the legal & compliance responsibles, security & privacy champions and regional knowledge owners) who oversee and ensure compliance with the GDPR and other data protection laws on a day-to-day basis at a local level.
The issue of privacy becomes more important as systems become more complex. Barco not only values the privacy of its customers, visitors and users, it actively monitors the issue to ensure that our policies match the evolution of technology. Trust can’t grow without proactive transparency. Barco commits to providing clear and consistent information around who can access your data and for which purposes, regardless of the products you’re using or the content you’re visiting.
You can consult our privacy statements here:
As a company with a global customer base and operations, Barco must be able to transfer and access data around the world. We understand and respect the rules for onward transfers of personal data and offer customers a robust international data transfer framework as a part of our data processing agreement. Please contact our DPO office at dataprotection@barco.com to receive a copy of Barco’s data processing agreement. This agreement ensures that our customers can lawfully transfer personal data to Barco cloud products relying on the Standard Contractual Clauses.
Whenever we share your data with Barco service providers, we remain accountable to you for how it is used by any of these organizations. We require all service providers to undergo a thorough diligence process and enter into contracts which ensure our customers' personal data receives adequate protection and safeguards. The list of sub-processors per Barco cloud product is provided in Barco’s product privacy statement.
Barco integrates privacy by design into our products. Barco has devoted significant resources towards ensuring that the Barco cloud products are designed in accordance with widely accepted standards and certifications. These standards mirror data privacy and data protection law requirements and give our customers a transparent framework by which to measure our software development and data management practices. To learn more about our information security management program please see the Security on our Trust Center.
You have a number of rights with regard to your personal data, such as the right of access, the right to rectification of inaccurate personal data, the right to erasure or restriction of processing, the right to data portability and the right to object to the processing. Some of these rights have a very specific scope or are subject to special conditions or exceptions. Please contact our DPO for any questions or requests regarding the processing of your personal data (dataprotection@barco.com).
Barco’s leadership has a clear commitment to cybersecurity, which translates into a Security Organization that operates along three lines of defense. Barco’s Security Office, the second line of defense, drives Barco’s cybersecurity program by focusing on both corporate security and product security.
Barco diligently ensures compliance with cybersecurity regulations and standards. This includes adhering to legislative initiatives such as the General Data Protection Regulation (GDPR), the Directive on Security of Network and Information Systems (NIS 2.0 Directive), the Cyber Resilience Act (CRA), and stricter medical device regulations (MDR, FDA). Additionally, Barco complies with the Health Insurance Portability and Accountability Act (HIPAA) and the Radio Equipment Directive (RED) Delegated Act, among others.
Focus area 1: Corporate security
Increasing security threats urge us to take relevant measures to keep our infrastructure, products and data - particularly personal data - secure from inadvertent transfers, leaks and cyberattacks.
Cybersecurity program
Barco’s Security Office activities driving the corporate cybersecurity program are led by the chief information security officer (CISO). At the core of this program is the corporate cybersecurity roadmap developed in line with Barco’s security objectives. To identify new and remaining security gaps, we regularly perform cybersecurity maturity assessments using the CyFun* framework (based on NIST Cybersecurity Framework (CSF)). Our roadmap is continuously evolving due to ever-changing threats (e.g. ransomware attacks) and findings from internal and external security audits and security tests conducted, using a risk-based approach. In addition, we take into account (potential) security incidents.
Information security management system
Barco’s information security management system (ISMS) complies with the ISO 27001:2022 standard, covering policies, management involvement, business processes, technology, compliance with local laws, security awareness and security best practices. In collaboration with the data protection officer, we assess a growing number of high-risk third parties based on security and privacy requirements. In addition, we continuously monitor our key vendors’ external security activities. We are working to contain all processes, locations and products within the scope of our ISMS and ISO/IEC 27001:2022 certification.
Barco’s cybersecurity certificates can be found at https://www.barco.com/en/about/trust-center/certificates
Integrated reports
More information on corporate security can be found in our annual integrated report on https://www.barco.com/en/about/investors/annual-report/
* CyFun framework
The CyberFundamentals Framework is a framework owned by the Centre for Cybersecurity Belgium (CCB), operating under the authority of the Prime Minister of Belgium.
The acronym “CyFun” stands for “CyberFundamentals Framework” and is a registered trademark owned by the CCB.
The CyFun Framework and the CyberFundamentals Conformity Assessment Scheme (CAS) are available on www.cyfun.be.
Focus area 2: Product security
Barco has a clear commitment to delivering secure products and services. We see this also translated into the increased interest in product security from our customers. Deploying Barco’s digital products/services includes cybersecurity risks which need to be properly identified and addressed across their lifetime:
Barco’s Security Office activities driving the product security program are led by the Head of Product Security. At the core of this program is the product security roadmap developed in line with Barco’s security objectives, this roadmap focuses on following domains:
Security Whitepapers
For more security whitepapers concerning Barco products/services visit:
Security Advisories
Security advisories are published when issues have been reported and confirmed, with updates taking place in a timely manner.
| Affected Product line | CVE Identifier |
| ClickShare | CVE-2024-53919 |
Report a Security Vulnerability / Incident
As a global technology leader, Barco is committed to delivering secure solutions, products and services. We are constantly working on improving our security processes.
If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. We would like to ask you to help us better protect our products and our systems.
In the event that we identify a bug or other vulnerability in our product or system that could lead to a personal data breach within your environment, we will notify you as soon as possible in accordance with applicable laws and regulations.
We encourage all researchers and customers to adhere to the following guidelines: responsible disclosure.
Wall of fame
We’d like to publicly extend our thanks to the following people that alerted us to possible issues in our products or services. Their contributions are greatly appreciated.
