Employee Code of Conduct

Reviewed: 29 January 2026

At a glance

  • We act with integrity, respect and accountability.
  • We comply with law and policy at all times: data protection, information security, anti‑bribery, AML/fraud prevention, health & safety and equal opportunities.
  • We protect customer trust, confidential information and mail items handled in our operations.
  • We speak up through whistleblowing channels without fear of retaliation.

Purpose

To define the standards of professional behaviour expected at UK Postbox and to help employees make ethical decisions consistent with our values and legal duties.

Scope

This Code applies to all UK Postbox people while working, representing the company, using company systems/equipment, or handling customer data or mail—on‑site, remote or hybrid.

Our values in action

  • Integrity: do the right thing even when no one is watching; be honest and transparent.
  • Respect: treat colleagues, customers and partners fairly and with dignity.
  • Accountability: take ownership, learn from mistakes, and follow through on commitments.
  • Security & privacy by design: handle information and mail responsibly and lawfully.
  • Customer focus: earn and keep trust in every interaction.

Legal & policy compliance

Employees must follow all applicable laws and company policies, including:

  • UK GDPR & Data Protection Act 2018, PECR (privacy & cookies).
  • Computer Misuse Act 1990, Fraud Act 2006, POCA 2002, Sanctions and AML Act 2018.
  • Bribery Act 2010, Modern Slavery Act 2015, Equality Act 2010.
  • Health and Safety at Work etc. Act 1974.
  • Relevant Trust Centre policies (see Related documents).

Professional conduct standards

Respectful workplace; EDI

  • Zero tolerance for bullying, harassment or discrimination.
  • Support diversity, equity and inclusion; use inclusive language; accommodate reasonable adjustments.
  • Report concerns promptly.

Conflicts of interest

  • Avoid situations where personal interests conflict (or appear to conflict) with UK Postbox’s interests.
  • Disclose potential conflicts to your manager; follow mitigation steps.

Gifts & hospitality

  • Do not offer/accept gifts or hospitality intended to influence a decision.
  • Token gifts may be acceptable if modest (under £50), infrequent and transparent; gifts £50–200 require line manager approval; gifts over £200 require Compliance approval. Record per the Gifts Register.
  • Never solicit gifts or cash equivalents. See Anti‑Bribery & Corruption Guidance.

Communications & social media

  • Be professional, factual and respectful.
  • Only authorised spokespeople speak to media/press.
  • Clearly mark personal opinions; do not disclose confidential information or make statements that could harm trust. Do not disclose your role at UK Postbox in a way that implies your personal views represent the company. Be aware that even private posts may become public.

Safeguarding information & mail

  • Treat customer mail and scans as confidential; follow the Mail Inspection & Handling Policy and Restricted Goods Policy.
  • Handle personal data per Data Protection Policy; access only what you need; use approved systems; enable MFA.
  • Never remove mail items from secure areas without authorisation; use tamper‑evident containers where appropriate. Never photograph or copy mail content except as required for legitimate business purposes using approved systems.

Information security & acceptable use

  • Follow Access Control & Authentication, Data Security & Encryption and AUP policies.
  • Use strong passwords, do not share credentials, lock screens, and report suspected compromise to security@ukpostbox.com immediately.
  • Do not install unapproved software or bypass security controls.

Use of AI & data analytics

  • Use only approved AI tools; do not paste personal data, mail content, secrets or KYC/biometric data into public AI (see AI Usage & Compliance Policy).
  • Keep a human in the loop for material decisions; avoid solely automated adverse decisions. If in doubt about whether a tool is approved, check with security@ukpostbox.com before use.

AML, fraud & financial integrity

  • Complete KYC/AML tasks accurately; escalate red flags to the MLRO (compliance@ukpostbox.com); no tipping‑off.
  • Follow the Fraud Prevention & Detection Policy and Handling of Cash, Postal Orders & Cheques Policy.

Health, safety & environment

  • Work safely; follow site rules, risk assessments and training.
  • Report accidents, near misses and hazards immediately.
  • Support our Environmental & Sustainability Policy (waste segregation, energy saving, sustainable logistics).

Alcohol, drugs & fitness for work

  • Come to work fit for duty. Alcohol or illegal drug use at work is prohibited. Prescription medication must not impair safety or performance. If you are taking prescription medication that may affect your ability to work safely, inform your manager or HR confidentially so that appropriate adjustments can be made.

Attendance, time & expenses

  • Be punctual; record time and attendance accurately; claim only legitimate, reasonable expenses with receipts.

Remote/hybrid working

  • Maintain a safe, private workspace; protect screens and documents; use company‑approved devices and VPN where required.

Company assets & records

  • Protect company property, systems and funds from loss, damage or misuse.
  • Keep accurate, complete records (financial, operational, security logs).
  • Do not falsify documents or conceal errors.

Equal opportunities & reasonable adjustments

We are committed to equal opportunity in recruitment, development, pay and promotion. If you need a reasonable adjustment to perform your role, speak to your manager or HR.

Learning & mandatory training

Complete mandatory courses on time (e.g., data protection, security, AML, H&S, modern slavery). Managers must ensure team completion.

Speaking up (whistleblowing)

Raise concerns about suspected breaches of this Code, law or policy via your manager, HR, the confidential Speak Up form, or ethics@ukpostbox.com. We prohibit retaliation against good‑faith reports.

Investigations & cooperation

  • Cooperate fully and honestly with company investigations and lawful requests from regulators or law enforcement.
  • Preserve relevant records; do not obstruct or influence witnesses.
  • Investigation outcomes may lead to remedial actions, training or discipline.

Disciplinary action

Breaches of this Code or other policies may result in disciplinary action up to and including dismissal. Processes follow the ACAS Code of Practice and our internal Disciplinary Procedure. In serious cases, we may also report matters to law enforcement, regulators, or professional bodies.

Management responsibilities

Leaders must: model the Code; create an open culture; act on concerns promptly; avoid conflicts; manage suppliers against the Supplier & Partner Code of Conduct; ensure completion of mandatory training.

Reporting lines & contacts

  • Urgent security/privacy issues: security@ukpostbox.com / dpo@ukpostbox.com.
  • AML/financial crime: mlro@ukpostbox.com.
  • Safety incidents: facilities/site manager or H&S Lead.
  • Whistleblowing: Speak Up submission (anonymous option where lawful).
  • HR/People: hr@ukpostbox.com.

Acknowledgement

All employees must read, understand and acknowledge this Code on joining and annually thereafter. Acknowledgements are captured and retained for 6 years after employment ends.

UK Postbox Limited

13 Freeland Park, Wareham Road, Lytchett Matravers, Poole, Dorset, BH16 6FH, United Kingdom


Support: support@ukpostbox.com

Security: security@ukpostbox.com

Legal notices: legal@ukpostbox.com

Data protection: dpo@ukpostbox.com

Complaints: complaints@ukpostbox.com

Accessibility: accessibility@ukpostbox.com

Website: www.ukpostbox.com


Registered in England and Wales Company Number: 06723381

MLR registration no: XLML00000192390

ICO registration no: ZA038907