Governance
GOVERNANCE
Responsible Governance
To ensure long-term trust among our stakeholders, we act with transparency, integrity, and accountability and embed the two main focus topics of Supply chain due diligence and Cybersecurity into our Sustainability Strategy.
Focus Topic: Supply Chain Due Diligence
We uphold responsible sourcing and risk based due diligence to support an environmentally and socially responsible supply chain.
OUR KEY TARGET
We want to establish an Human Rights and Environmental auditing system and include audit results in purchasing decisions by 2027.
RESPONSIBLE SOURCING
Responsible sourcing means the secure and sustainable purchase of materials and services in order to ensure timely production and construction of wind turbines. We source products and services from numerous suppliers based in a wide range of countries and generate a significant share of value in our upstream production stages. Our Global Sourcing department ensures that the required products and services are sourced in the right quality, at the right time, and at the right cost.
STANDARDS FOR RESPONSIBLE INTERNATIONAL COLLABORATION
For us, it is vital to ensure that our own environmental and social standards are maintained throughout our supply chain. The Nordex Group Code of Conduct for Contractors and Suppliers as well as the Nordex Supplier Manual form the basis for this, and we expect our contractors and suppliers to comply with these standards for the entire duration of their business relationship with the Nordex Group. The Principles of the UN Global Compact on Human Rights, Labor, Environment, and Anti-Corruption provide fundamental guidance for our business activities. Our supplier due diligence covers all demands placed on our suppliers regarding finance, quality, compliance, human rights and environmental aspects along the supply chain. Upholding human rights is vitally important to us.
We strictly prohibit any kind of child labor, forced labor, modern slavery, discrimination, harassment or retaliation, and any kind of other unfair treatment of workers, as well as any further violation of human rights, as inter alia described in the German Supply Chain Act. We also actively promote equal opportunities for and equal treatment of employees, as well as full compliance with regulations on freedom of association and collective bargaining. We expect the same attitude and action from our business partners and suppliers along our entire supply chain.
BUSINESS ETHICS, COMPLIANCE AND INTEGRITY
Our company is committed to using resources in full awareness of our legal, social, environmental, and economic responsibilities. We treat all people we interact with a clear sense of social responsibility. We collaborate respectfully with our customers, suppliers, contractors and shareholders, as well as with local communities. All our business decisions and activities are based on our strict compliance with laws and regulations which are applicable in the countries where we do business as well as our strong company values.
Our principles and standards of good conduct are set out in several policies, in particular in our Code of Conduct for Employees and our Code of Conduct for Contractors and Suppliers.
REGULATORY COMPLIANCE AND PREVENTING CORRUPTION
The Nordex Group has zero tolerance for any form of corruption. Every employee is responsible for effectively preventing corruption, and we expect the same from our business partners. The Compliance Department uses the Code of Conduct, company policies, guidelines, risk assessments, individual advisories, and training to raise our employees’ risk awareness and enable them to prevent and detect potential corruption issues. We work continually to identify, evaluate, avoid or mitigate corruption risks at different stages in our value chain, core business processes and activities.
Nordex Group employees as well as our business partners’ employees can use the Whistleblower System “notify!” to submit and discuss any indications of compliance violation in connection with the Nordex Group’s business activities.
LEARN MORE
UPHOLDING HUMAN RIGHTS
Our business decisions and activities are subject to the demand to uphold human rights globally. This includes all of our investment commitments. We follow the principles for responsible business conduct, including the UN Global Compact, the OECD Guidelines for Multinational Enterprises, the UN Guiding Principles on Business and Human Rights (UNGPs), the ILO Conventions, and the UN Universal Declaration of Human Rights.
The Nordex Group has a Human Rights Policy in place, as well as a Diversity and Inclusion Policy. We commit to conducting our business in accordance with the above-mentioned ethical standards, our values and applicable laws. We strive to be open and fair in our dialogue with stakeholders and to communicate effectively with external parties.
Since 2024, we apply the German Supply Chain Due Diligence Act (GSCA) and address its protected legal positions.
Focus Topic: Cybersecurity
We ensure digital resilience by proactively managing cyber risks and safeguarding information security.
OUR KEY TARGET
We want to ensure that 100 % of Critical Security Incidents detected across all Nordex corporate and product systems globally are reported to Senior Management within 24 hours.
Cyber security is essential for safeguarding our operations, protecting our stakeholders, and ensuring the reliable delivery of renewable energy. We work to maintain secure digital environments across all regions and support a culture that prevents disruptions, protects data, and reinforces trust in the Nordex Group. To drive our approach, we operate an Information Security Management System (ISMS) that defines governance processes, risk controls, and responsibilities across all Nordex entities and partners with system access.
The system is aligned with internationally recognized standards, including ISO/IEC 27001, ISO 31000, ISO 27005, ISO 23001, and IEC 62443, and supports compliance with NIS2, GDPR, and sector-specific regulations. It provides the framework for how we manage risks, handle incidents with clarity and speed, and strengthen resilience across our information and operational technology environments. To further enhance robustness, we maintain clear processes for managing significant incidents and addressing critical risks as they arise.
Our continuity and recovery procedures are regularly tested to ensure that business critical assets remain operational in the event of a disruption. Audits, management reviews, and structured follow-up activities support consistent improvement and help us maintain compliance with legal requirements and internationally recognized certification standards across our global footprint.