Enterprise-grade compliance, by design
commercetools is built to support the world’s most complex businesses, and that starts with a foundation of integrity, security, and global compliance.
We align with the highest international standards and continuously invest in the infrastructure, certifications, and controls that enterprise customers expect. From GDPR to ISO to anti-corruption practices, our approach to compliance is proactive, rigorous, and built to scale.
Want to go deeper? Explore our documentation, incident reporting process, or Code of Conduct to learn how we meet your expectations and your regulators’.
Modern Slavery Statement
This statement is made by commercetools GmbH pursuant to Section 54 of the United Kingdom’s Modern Slavery Act 2015. It applies to commercetools GmbH, commercetools Limited UK, and commercetools AU Pty Ltd for the financial year ending 31 December 2024.
It outlines the steps commercetools has taken — and continues to take — to help prevent slavery and human trafficking across our operations and supply chains. We’re committed to ethical business practices and to building a global commerce ecosystem rooted in transparency, accountability, and respect for human rights.
Read NowIncident Reporting System
commercetools employees, business partners, and third parties can report suspected violations of law or company policy through our secure, external web-based Incident Reporting System. This includes concerns related to misconduct, safety, or security.
The system is designed to protect all involved — commercetools, impacted individuals, and anyone who reports a genuine concern — by prioritizing transparency, accountability, and protection from retaliation.
Frequently Asked Questions
How can I report an incident
You can report a concern through our secure web-based Incident Reporting System. This platform allows you to submit a report, upload supporting documents, and communicate with the assigned case handler. All reports are treated confidentially and managed through a secure, independent mailbox.
You may also report an incident via email, phone, or regular mail if you prefer another method of communication.
What can I report?
The system is for reporting suspected violations of law or policy, including concerns about corruption, anti-trust, breaches of confidentiality, and misconduct. You may also report threats to safety, security, or property. False or bad-faith use is prohibited.
Do I need to reveal my identity?
You’re encouraged to include your name and contact details to help clarify the facts. However, if you prefer, you may submit a report anonymously where permitted by law. If you do share your identity, it will be kept strictly confidential.
What information do I need to provide?
For an effective investigation, include clear, specific details:
- Who is involved or affected?
- What happened?
- When did it occur?
- Where did it take place?
How will reports be handled?
Your report is processed securely and confidentially. Our system is operated by WhistleB, an independent provider that ensures encryption, anonymity, and password protection throughout the reporting process.
How are individuals who report concerns protected?
We foster an environment where concerns can be raised without fear of retaliation. Identities and statements from good-faith reporters are kept confidential unless required otherwise by law. We enforce a strict zero-retaliation policy.
Privacy notice
In accordance with Article 13 of the EU General Data Protection Regulation (GDPR), you can download and review the data protection notice for the Incident Reporting System here.
Disclaimer
Please note: this is not an emergency service.
The Incident Reporting System is intended for serious, good-faith concerns and is not designed to handle general complaints.
For matters related to data protection under the EU General Data Protection Regulation (GDPR), please contact privacy@commercetools.com.