Barco is a company of more than 3,000 people working in offices and R&D/manufacturing facilities in 29 countries. To make it easy to find more information regarding compliance, privacy and security, we have brought them together in this Trust Center. 

Compliance 

What is Barco’s Code of Ethics?  Where do we stand on child labor and human rights? How do we promote a speak-up culture? What certificates cover our work? How does Barco comply with product green requirements? 

Privacy

What are our policies concerning privacy? How is GDPR applied? How can you contact us when you have a privacy question? 

Security 

How do we manage security in our various operations? How do we create secure products/services? 

Compliance

Barco puts great emphasis on building a company culture in which ethical conduct and compliance with the company’s policies and the applicable regulations are at the core of how we do business. 

Each site worldwide is assigned a local ‘legal & compliance responsible' in charge of overseeing compliance in the country where the site is situated.  Every year, the local legal & compliance responsible completes a risk & compliance assessment, an integral part of the company's compliance program.

Code of Ethics 

Message from the co-CEO's

Barco has deployed a structured, company-wide compliance program, based on our Code of Ethics, which outlines the basic principles of compliant and ethical behavior when dealing with colleagues, business partners, company assets, information, infrastructure, etc.  


Promoting a ‘speak up’ culture 

Barco wants to actively promote a genuine ‘speak up’ culture where ethical questions or dilemmas can be raised without fear of retaliation. Questions and/or concerns can also be communicated via the Ethics mailbox (ethics@barco.com).

 

Ethics helpline (whistleblower reports)

In line with the EU Whistleblowers’ directive, Barco has set up a whistleblower reporting tool through the assistance of an external service provider: ethics.barco.com. You, just like any supplier, contractor, customer, or even third party can use this tool to reach out to the company and (anonymously) report any violation or suspected violation of any applicable laws and regulations or the Code of Ethics. You will receive a confirmation of receipt of your report within 7 days. Within 3 months after the confirmation of receipt, you will receive feedback on your report. 

Barco's whistleblower channels procedure can be downloaded here.


Policies, statements and pledges

Barco does not tolerate any kind of child, forced or compulsory labor, either in its own manufacturing activities or those of its suppliers.  Barco’s statement concerning Modern Slavery and Human Trafficking can be found here.

Barco respects the internationally recognized human rights. Barco does not tolerate unacceptable worker treatment such as exploitation of children, physical punishment, abuse or involuntary servitude. Barco’s Human Rights pledge can be downloaded here.

Barco values the safety and health of its employees and its business partners, as well as the responsible use of the environment and natural resources. Barco’s Environment, Health, Safety and Security (EHS²) pledge aims at establishing a company policy and related management system. The EHS² pledge can be found here.

Barco strives to provide high quality products and services. Everyone involved in the research, development, manufacture and deployment of our products and services has a responsibility to ensure that design, assembly, testing, installation, and reparation meets the required professional and scientific standards. Barco’s Corporate Quality Policy can be downloaded here.

In accordance with the Norwegian Transparency Act the due diligence assessment report of Barco Fredrikstad AS, a controlled subsidiary of Barco NV, the ulitmate parent entity of the Barco group can be found here

Certificates

Barco complies to a full range of certificates for its various operations.  
www.barco.com/about/trust-center/certificates

 

Product Green Compliance

 
Barco’s responsible minerals sourcing statement

Barco aligns its Responsible Minerals Sourcing Policy with the “OECD Due Diligence Guidance for Responsible Chains of Minerals from Conflict-Affected and High-Risk Areas” (OECD Due Diligence Guidance).  Barco’s Responsible Minerals Sourcing statement  addresses the risks defined in Annex II of the OECD Due Diligence Guidance. In addition, Barco has indirectly obligations in various regions, including the United States of America and the European Union.

Barco has implemented measures to avoid the use of raw materials, sub-assemblies or suppliers, containing conflict minerals that directly or indirectly finance or benefit armed groups in Conflict-Affected and High-Risk Areas. 

To request information about conflict minerals or to report violations of Responsible Minerals Sourcing statement, please contact the Environmental Compliance Office at  green.compliance@barco.com

 

REACH

Barco is a supplier of “articles” as defined in REACH. The substances contained in Barco products are not intended to be released under normal or reasonably foreseeable conditions of use.

Barco has requested to all its suppliers to provide information about the chemicals in their products and parts. This has allowed us to provide our customers with reliable information about Substances of Very High Concern as required by Article 33 of REACH.

A list with all the SVHCs that may be present in our articles can be found here . For those articles where the substances are above 0.1% w/w, Barco has already provided information to its customers.

Barco is collaborating with its suppliers to phase out all SVHC present in a concentration >0.1% on homogeneous level from its products worldwide (in case suitable and reliable alternative solutions are available).

For more information about Barco environmental compliance, please contact the Environmental Compliance Office at green.compliance@barco.com

RoHS

As part of its commitment to worldwide environmental compliance, Barco has established an environmental management system which ensures full compliance with the requirements of the EU RoHS Directive 2011/65/EU on the restriction of the use of cadmium, hexavalent chromium, mercury, lead and certain halogenated flame retardants (PBBs and PBDEs) in electronic products.

For more information about Barco environmental compliance, please contact the Environmental Compliance Office at green.compliance@barco.com

 

WEEE recycling info for Barco customers and recyclers

For every product, we provide a user manual, which includes information for customers on how to handle the product at end-of-life stage, and a recycling passport, which offers recycling information to recyclers.

Under the Waste Electrical and Electronic Equipment (WEEE) Directive and implementing regulations, when customers buy new electrical and electronic equipment from Barco they are entitled to:

  • We allow our customers to turn in their used products free of charge to our recycling partners;
  • We demand that all our recycling partners are ISO 14001 certified and comply with legislation regarding the prohibition of e-waste export.

Instructions to both customers and recyclers/treatment facilities wishing to obtain disassembly information are provided by following the links below. 

Privacy

Barco prioritizes the protection and management of personal data in accordance with the General Data Protection Regulation (GDPR) and similar data privacy and data protection legislations outside the EU, e.g., the US HIPAA, the UK General Data Protection Regulation and the California Consumer Privacy Act. Our data protection officer (DPO) is in charge of managing our data protection compliance program, which is governed by several guidelines, instructions and templates. Our DPO is supported by a team of privacy liaison officers (the legal & compliance responsibles, security & privacy champions and regional knowledge owners) who oversee and ensure compliance with the GDPR and other data protection laws on a day-to-day basis at a local level.

Transparency

The issue of privacy becomes more important as systems become more complex. Barco not only values the privacy of its customers, visitors and users, it actively monitors the issue to ensure that our policies match the evolution of technology. Trust can’t grow without proactive transparency. Barco commits to providing clear and consistent information around who can access your data and for which purposes, regardless of the products you’re using or the content you’re visiting.

You can consult our privacy statements here:

International data transfers

As a company with a global customer base and operations, Barco must be able to transfer and access data around the world. We understand and respect the rules for onward transfers of personal data and offer customers a robust international data transfer framework as a part of our data processing agreement. Please contact our DPO office at dataprotection@barco.com to receive a copy of Barco’s data processing agreement. This agreement ensures that our customers can lawfully transfer personal data to Barco cloud products relying on the Standard Contractual Clauses. 

 

Your data and third parties

Whenever we share your data with Barco service providers, we remain accountable to you for how it is used by any of these organizations. We require all service providers to undergo a thorough diligence process and enter into contracts which ensure our customers' personal data receives adequate protection and safeguards.  The list of sub-processors per Barco cloud product is provided in Barco’s product privacy statement.

 

Privacy by design

Barco integrates privacy by design into our products. Barco has devoted significant resources towards ensuring that the Barco cloud products are designed in accordance with widely accepted standards and certifications. These standards mirror data privacy and data protection law requirements and give our customers a transparent framework by which to measure our software development and data management practices. To learn more about our information security management program please see the Security on our Trust Center.

 

Managing individual privacy rights

You have a number of rights with regard to your personal data, such as the right of access, the right to rectification of inaccurate personal data, the right to erasure or restriction of processing, the right to data portability and the right to object to the processing. Some of these rights have a very specific scope or are subject to special conditions or exceptions. Please contact our DPO for any questions or requests regarding the processing of your personal data (dataprotection@barco.com).

Security

Security Office

Barco’s leadership has a clear commitment to cybersecurity, which translates into a Security Organization that operates along three lines of defense. Barco’s Security Office, the second line of defense, drives Barco’s cybersecurity program by focusing on both corporate security and product security.  

Corporate security

Increasing security threats urge us to take all possible measures to keep our IT network, products and data - particularly personal data - secure from inadvertent transfers, leaks and cyberattacks. Moreover, legislative initiatives in this area have increased with the GDPR, the directive on security of network and information systems (NIS 2.0 Directive), both the EU Cybersecurity and Cyber resilience Act, MDR, HIPAA, among others.

Cybersecurity program

Barco’s Security Office activities driving the corporate cybersecurity program are led by the chief information security officer (CISO). At the core of this program is the corporate cybersecurity roadmap developed in line with Barco’s security objectives. To identify new and remaining security gaps, we regularly perform cybersecurity maturity assessments using the NIST Cybersecurity Framework (CSF). Our roadmap is continuously evolving due to ever-changing threats (e.g. ransomware attacks) and findings from internal and external security audits and security tests conducted using a risk-based approach. In addition, we take into account (potential) security incidents reported by Barco employees.

Information security management system

Barco’s information security management system (ISMS) complies with the ISO 27001 standard, covering policies, management involvement, business processes, technology, compliance with local laws, security awareness and security best practices. In collaboration with the data protection officer, we assess a growing number of high-risk third parties based on security and privacy requirements. In addition, we continuously monitor our key vendors’ external security activities. We are gradually working to contain all processes, locations and products within the scope of our ISMS and ISO/IEC 27001:2013 certification.
Barco’s ISO 27001, ISO/IEC 27017:2015 and ISO/IEC 27018:2019 certificates can be found at https://www.barco.com/en/about/trust-center/certificates

Integrated reports

More information on corporate security can be found in our yearly integrated report https://ir.barco.com/

Product security

Given the risk of cybersecurity attacks Barco has a clear commitment to deliver secure products and services. We see this also translated in the increased interest in product security from our customers. Deploying Barco’s digital products/services includes cybersecurity risks which need to be properly identified and addressed across their lifetime:

  • Exposing Barco’s intellectual property embedded in the product/service;
  • The product/service can be used as a pivot point to further penetrate the customer’s network;
  • Exposure of (personal) data processed by the product/service.

Barco’s Security Office activities driving the product security program are led by the chief product security officer (CPSO). At the core of this program is the product security roadmap developed in line with Barco’s security objectives, this roadmap focuses on following domains:

  • Continuous improvement of the secure development lifecycle to embrace the shift left principle with focus on people, processes and technology;
  • Focus on compliance to fully understand the impact of emerging industry and regional regulations related to security and privacy worldwide;
  • Focus on product security certifications and assessments;
  • Create transparency and assess the maturity of Barco’s products/services to define improvement strategy.
Security Whitepapers

For more security whitepapers concerning Barco products/services visit:

Security Advisories

Security advisories are published when issues have been reported and confirmed, with updates taking place in a timely manner.

  • List of advisories

 

Report a Security Vulnerability / Incident

As a global technology leader, Barco is committed to delivering secure solutions, products and services. We are constantly working on improving our security processes.

If you discover a vulnerability, we would like to know about it so we can take steps to address it as quickly as possible. We would like to ask you to help us better protect our products and our systems.

In the event that we identify a bug or other vulnerability in our product or system that could lead to a personal data breach within your environment, we will notify you as soon as possible in accordance with applicable laws and regulations.

We encourage all researchers and customers to adhere to the following guidelines: responsible disclosure.

 

Wall of fame

We’d like to publicly extend our thanks to the following people that alerted us to possible issues in our products or services. Their contributions are greatly appreciated.