Fiscal 2021 Universal Registration Document

In the area of nutrition for the health and wellness of consumers, Sodexo is committed to food safety and encouraging our guests to develop good eating habits and healthy lifestyles. With the help of our nutritionists, we create balanced, nourishing meals adapted to the lifestyles and the diversity of the tastes of our consumers around the world.

In the area of social, economic and environmental development in the cities, regions or countries where Sodexo is present, we focus on the following actions:

• supporting the fight against hunger through Stop Hunger a global network created 25 years ago;
• working with local and small businesses and contributing to local economies through the Partner Inclusion program which allows thousands of local businesses to integrate Sodexo’s value chain;
• promoting gender balance with a target of having at least 40% woman among Sodexo’s senior leaders by 2025 (during Fiscal 2020-2021 we reached 43% for this indicator and we are committed to ensuring that the Group maintains its lead on the subject of gender diversity and does not fall below 40%), and 100% of employees working within entities having genderbalanced management teams.

Sodexo is committed to respecting human rights wherever it does business. This commitment, with its core policies and procedures are based on international texts such as the Universal Declaration of Human Rights, the International Labour Organization’s Declaration of Fundamental Principles and Rights at Work; it is also based on the principles set forth in the OECD Guidelines for Multinational Enterprises and the United Nations’ Guiding Principles on Business and Human Rights.

Health, safety and environment policy

Sodexo’s ambition is to be the safest place to work for our employees. This ambition is reflected in our commitment to reach zero harm and a culture of care, for the people who work for us, for our clients, and for the consumers we serve every day.

Sodexo’s global Health, Safety and Environment policy describes the Company’s commitments, including working in partnership with our clients, consumers, suppliers and local communities, towards a zero harm culture where injuries and health issues are prevented and the environment is protected.

Information systems policies

The Group Information Systems and Technologies Department has defined three core objectives:

• provide a first-class experience to our customers and consumers as well as to our own employees by making the best use of available technologies;
• continuously improve Sodexo's performance through productivity gains, extensive data analysis, respecting obligations of compliance and strong relationships with our partners (solution and cloud providers, integrators);
• protect Sodexo's digital assets in a context where cyber risk is increasingly pervasive and complex.

To meet these three core objectives, the Information Systems and Technologies Department has put in place numerous procedures, notably in the following areas:

• Group Information Systems Governance;
• Information and Systems Security;
• Mobile Terminal Allocation and Security;
• IS&T Capital Expenditure Programs;
• Third Party Security.

Data Protection policy

Sodexo’s Global Data Protection Policy describes how Sodexo entities collect, use, store, share, delete or otherwise process personal data and how data subjects can exercise their rights. This policy applies to the global organization of Sodexo entities when the European data protection law, namely, the General Data Protection Regulation (or “GDPR”) is applicable. This policy applies to the processing of personal data collected by Sodexo, directly or indirectly, from all individuals including, but not limited to Sodexo’s job applicants, our employees, clients, consumers, suppliers or subcontractors, our shareholders or any third parties (for further details of the compliance program relating to GDPR and other data protection laws, please refer to section 6.3.5).

Internal audit policy

Internal audit activities include reviewing and assessing the adequacy and effectiveness of governance, risk management and internal control systems and processes. This includes assessing:

• the reliability of financial and non-financial information;
• compliance with existing policies, procedures, laws and regulations;
• the methods used to safeguard assets;
• the effectiveness of governance, operations and the resources used.

The internal audit team is also responsible for alerting the Chairwoman of the Board of Directors, the Audit Committee and the Executive Committee to any material risks and informing them of the causes of identified weaknesses.

The internal audit team has defined several procedures, primarily covering the identification of internal audit priorities for the coming fiscal year, the planning and execution of internal audits, the drafting of Internal Audit Reports and the follow up of action plans to implement the team’s recommendations.

A series of internal audit performance indicators has been developed. These include such issues as the percentage of internal audit recommendations that have been implemented, the average time required to issue Internal Audit Reports, the annual audit plan completion rate, internal auditor rotation rates, the satisfaction rate among audited units