Statutory report on Data Ethics policies 2022

Statutory report on Data Ethics policies 20222 DSV - Statutory Report on Data Ethics Policies - 2022 BASIS OF PREPARATION This statutory report on data ethics policies is prepared in accordance with section 99d of the Danish Financial Statements Act covering the period 1 January – 31 December 2022. The report forms part of Managements Commentary of the 2022 DSV Annual Report available at investor.dsv.com. The report describes the principal application of data ethics policies in DSV including how we apply data and related data ethical considerations on a day-to- day basis. This report is not covered by the auditors’ report provided on the 2022 DSV Annual Report. DATA ETHICS IN DSV In DSV we collect, generate, and apply a multitude of data in running our business and in delivering our logistics services to our customers. Examples include customer, supplier and contract data, consignment information, geolocation data and personal information on our more than 75,000 employees worldwide. We also apply internally generated data from machine learning and artificial intelligence, and data generated in application of robotic technology. We are fully committed to complying with all legal rules and regulations on data usage, storage and processing as part of our business operations and to ensure that these are duly reflected in our internal policies, processes, and control frameworks. Furthermore, we recognize that the rapid development and availability in data access, technology, and application, requires additional considerations on how we collect, process, and use data ethically as a responsible company. This report outlines our major data ethical policy areas and how we approach data ethics on a day-to-day basis. “ We are committed to careful ethical considerations on responsible use of data and new technologies “ DATA GOVERNANCE Application of data in DSV including related data ethical considerations are governed in collaboration between our Group IT and Group Compliance departments. Both departments are in direct line of responsibility under Executive Management and the responsibilities of each department are well incorporated into the annual cycle of the Board of Directors and Audit Committee. This ensures that data governance and related data ethical questions are considered at the highest managerial levels of the company and given proper attention. Our Group IT department is responsible for the daily operation and development of processes governing and securing data handling of the Group. Together with our Group Compliance department, Group IT also ensures incorporation of relevant data regulatory requirements into our IT systems, related processes and policies, and that related data ethical matters are reported and addressed at relevant managerial levels in the organisation. Supporting the work of the Group IT department, Group Compliance is furthermore responsible for monitoring compliance with the frameworks set and addressing data application concerns raised by the organisation. DATA USAGE As part of our daily operation’s major categories of data used in running our business include as follows: • Customer data: Logistic information required to complete transportation of goods or other related services such as addresses, goods content and volumes, claims data, and other customerPage 1Page 3