Compliance - fair play for eCommerce

To ensure ethical behaviour and compliance with the law in the commercetools group, we have developed and implemented a global compliance organisation. Our company is committed to our compliance principles and adheres to the law. Our actions are characterised by ethical decision-making, integrity and sustainability.

We strive to make eCommerce an ethical and honest experience. Therefore, we call on all our suppliers, service providers and business partners to follow the guidelines we set out in our Business Partner Code of Conduct!

Read Now
commercetools Features Business Tooling

Modern Slavery Statement

This statement is made by commercetools GmbH pursuant to Section 54 of the United Kingdom’s Modern Slavery Act 2015 and applies to commercetools GmbH, commercetools Limited UK, and commercetools AU Pty Ltd for the financial year ending 31 December 2022.

This statement details the actions commercetools has taken during the 2022 financial year and continues to take to mitigate the risks of slavery and human trafficking being facilitated through commercetools business, operations and supply chains.

Read Now

Incident Reporting System

commercetools employees, business partners and other third parties can report concerns regarding violations against laws via an external, web-based Incident Reporting System. Improper conduct impacting safety and security matters involving the company can also be reported. The Incident Reporting System is designed to protects commercetools, any impacted employees, as well as anyone who reports a genuine concern or incident.

Frequently Asked Questions

How can I report an incident?

You can use the link to access a web-based communication platform to report an incident, upload documents and contact the responsible case worker. This process is protected and confidential and is activated via a separate mailbox.

In addition to this Incident Reporting System, you still have access to all other communication channels such as email, phone or regular mail correspondence.

What can I report?

The Incident Reporting System is designed for reporting violations or concerns involving matters such as corruption, anti-trust violations, internal policies or breaches of secrecy. You can also report improper conduct that impacts the company’s safety and security, i.e. theft, property damage or threats.

Intentional abuse of the Incident Reporting System and reports not filed in good faith or based on false allegations will not be tolerated and can result in disciplinary action.

Do I need to reveal my identity?

As much information as possible, including your name and contact information, should be provided to assist in the clarification of the facts. Even if you give your name, your identity will be kept strictly confidential within the company. Your report can also remain anonymous, provided this is permitted under law.

What information do I need to provide?

The information provided should consist of as much sufficient and specific detail as possible in order to investigate and process a report effectively and avoid calling the facts of the case into question. You can use the following questions for guidance:

Who is affected?

What happened?

When did the incident occur?

Where did the incident occur?

How will reports be handled?

Your report is in good hands. The Incident Reporting System is provided by an independent, external service provider company named WhistleB, which will protect your anonymity. The reporting and communication process is encrypted and password-protected.

All reports are processed in a confidential manner.

How are notifying persons protected?

commercetools is committed to creating an environment in which concerns regarding Compliance issues can be freely expressed without fear of retaliation. This is why statements by and identities of persons who have reported a genuine concern are treated confidentially, unless otherwise prohibited by law. We prohibit and will not tolerate any retaliatory measures against persons who have reported a genuine concern.

Privacy notice

In accordance with our obligation to provide information pursuant to Article 13 of the European General Data Protection Regulation (GDPR) you can download and read the data protection notices for the Incident Reporting System here.


Warning. This is not an emergency service.

The Incident Reporting System is not available for general complaints.

To report incidents that require a notice or statement in accordance with the European General Data Protection Regulation (GDPR), please contact