A confident professional woman in a light blouse, surrounded by greenery, symbolising CSR governance and leadership in sustainability — Discover GFT's commitment to Corporate Social Responsibility (CSR) governance through this image of a confident professional woman surrounded by greenery. Learn about our initiatives and leadership in promoting sustainability and responsible business practices. Explore more about our CSR governance efforts on the GFT website.

Professional Integrity

For us, sustainable corporate governance means growing profitably in the long term - in line with our environmental and society-related goals and together with our stakeholders. Cybersecurity and data protection play an important role here.

GFT endorses the United Nations 2030 Agenda for Sustainable Development

Since 2019, GFT is a member of the United Nations Global Compact, the largest voluntary initiative for responsible Corporate Governance worldwide. We aim to set key sustainability aspects in all management systems. For us, compliance is not a goal but a way of life.

Responsibility for sustainability

The Administrative Board of GFT Technologies SE is responsible for corporate strategy and all major decisions, including fundamental sustainability issues. It considers appropriate consideration to environmental and social objectives, and systematically identifies and evaluates the impacts, risks and opportunities associated with social and environmental factors.

The Group CSR Committee is a Group-wide and cross-functional steering committee chaired by the CEO that supports and reports to the Administrative Board. It convenes three times a year to review progress on the CSR agenda at operating level and to discuss strategies to support the sustainability goals.

In dialogue

GFT can only be successful if we take due account of the needs and expectations of our stakeholders. We actively involve our stakeholders under the motto “Let’s shape and simplify the digital world together”. Our important stakeholders include clients, employees and freelancers, shareholders and investors, our Administrative Board and our CSR Committee, main suppliers and commercial partners.

Infographic illustrating GFT's sustainability and CSR stakeholders and fields of action — Explore GFT's commitment to sustainability and Corporate Social Responsibility (CSR) through this detailed infographic. Understand the key stakeholders, focus areas, and fields of action that drive GFT's sustainable practices and ethical business operations. Learn more about our sustainability and CSR initiatives on the GFT website.

We listen and respond to our stakeholders’ evolving needs and rising expectations. And we continually assess our role in the supply chains of our clients. Communication is conducted via surveys, newsletters, PR, social media, meetings and events. Authorities and ESG rating agencies are key indirect stakeholders and the broader context of politics, society and the environment is also considered.

Environmental protection

As a reliable provider of technology solutions, we understand our environmental accountability and its importance. We strive to increase our operational efficiency including energy consumption, raise the share of renewable energy, and adopt more sustainable procurement practices. The basis for environmental and climate protection is set out in our Group Environmental Policy, which is binding for all employees of all Group companies.

Cybersecurity and resilience

Digitalisation and the proliferation of key technologies such as generative AI and cloud create a new world of opportunity. But success depends on the uninterrupted availability of data, IT systems and networks. Cybersecurity risks are a constant threat for companies and other organisations. The aim of our cybersecurity & resilience strategy is to protect the company, its people, and its tangible and intangible assets, as well as ensuring business continuity.

Led by the Chief Information Security Officer (CISO), our information security management system (ISMS) ensures consistent security policies across all entities. Certified to ISO/IEC 27001 for exemplary areas, our global ISMS is a guarantee of professional security management. Our German subsidiary is also TISAX certified for the automotive industry.

Operating in a distributed, network-oriented environment, GFT regularly assesses risks and implements mitigation countermeasures and resilience strategies, including ISO 27000 controls alignment, a hybrid operational model, zero trust network, and modern cloud-based desktops. Our Privacy and Security Steering Committee provides strategic direction, while the Security Operating Committee handles operational oversight.

All employees are responsible for data security and receive annual mandatory training. Our Security Operations Centre (GISOC) monitors systems 24/7, ensuring quick incident responses. GFT’s resilient business model includes distributed delivery processes, cloud-based applications, and a hybrid working model, ensuring business continuity and security.

Data protection & privacy

Our data protection framework is built on respect for human rights and legislation, fostering trust in digital transformation for our clients, partners, and employees.

The Data Protection Team, led by the Chief Privacy Officer (CPO), ensures data protection is integrated into all operations. In 2023, our CPO received the IAPP Vanguard Award EMEA for exceptional leadership in privacy.

Our policies and guidelines ensure a high level of data protection across all GFT operations, even in countries without robust data protection laws. We provide mandatory and optional training programmes to ensure all employees understand and comply with data protection standards. Our GFT Group Data Sharing Agreement is a unified approach to safely share personal data within the Group.

A global incident handling process is in place for quick response to any data breaches, protecting individuals’ rights and preventing significant damage. Our Data Protection by Design approach integrates data protection into IT systems from the start, with ongoing campaigns to train Privacy Engineers and improve data protection considerations in software development.

We are committed to Responsible AI. Since 2020, GFT Group Data Protection have issued guidelines on AI and Machine Learning, and pseudonymisation, which was derived from the ACM Statement on Algorithmic Transparency and Accountability. In 2023, we launched a taskforce to develop guidelines for using AI tools like ChatGPT, ensuring safe, effective use and compliance with regulations. In 2024, a section on responsible AI was added to the GFT Group Data Protection Policy and a GFT Group Data Protection Guideline for Responsible AI was issued. GFT has committed to the pledges of the AI PACT.