EnvironmentalE
SocialS
GovernanceG
As part of ESG compliance, Northern Data Group has a particular level of responsibility in the area of environmental protection due to its high electricity requirements. Northern Data Group aims to make its energy consumption, which is also a significant operational cost factor, as efficient and environmentally friendly as possible. At the end of 2023, Northern Data Group operated 14 data centers in Germany, the Netherlands, Sweden, Norway, the USA and Canada, whose design and operating processes are aimed at achieving maximum energy efficiency. The data centers include contracted sites. The monitoring and recording of energy consumption and other relevant environmental parameters can currently only be fully documented for the site in Sweden but are planned for all data center sites in the future.
Power Usage Effectiveness (PUE) defines the metric that describes how efficiently data centers use electricity to generate computing power. PUE is the ratio of the total amount of energy used by a data center facility to the energy delivered to computing equipment. An ideal PUE is 1.0. Anything that isn’t considered a computing device in a data center (e.g. lighting, cooling, etc.) falls into the category of facility energy consumption. Northern Data Group calculates data center PUE by dividing the amount of energy fed into the data center by the amount of energy used to operate the IT infrastructure in the data center. The PUE values for two data centers were determined in the reporting year 2023. A PUE value of 1.09 was determined for the data center in Sweden. According to Deutsche Rechenzentren GmbH, values of 1.5 are considered efficient and less than 1.2 are considered very efficient. Lefdal Mine, one of Northern Data Group's contracted third-party data centers, guarantees a PUE of 1.15. Northern Data Group is currently preparing the introduction of suitable measurement procedures in all data centers in order to determine the PUE value globally in a standardized procedure, as in Sweden.
Total energy consumption is defined as the sum of all electrical energy consumed in Northern Data Group’s data center operations, including contracted third-party data centers. The data for the energy consumption is provided by the contracted energy suppliers according to the data center location.
Based on this information, total energy consumption for 2023 was 787 GWh (prior year: 963 GWh). In essence, the decrease in total energy consumption compared to the previous year can be attributed to the termination of Ethereum mining in September 2022.
Northern Data Group reports on the share of renewable, nuclear and fossil energy. The share of nuclear and renewable energy was determined by multiplying the data taken from the fuel mix by the amount of energy used in the data centers. In 2023, 41 percent (322 GWh) of the energy consumption was drawn from renewable energies and 22 percent (173 GWh) from nuclear energies. 250 GWh (32 percent) were drawn from fossil fuel sources. The total energy mix of Northern Data Group’s data centers has shifted slightly towards fossil fuels in 2023 compared to 2023. This is primarily due to the fact that the energy mix of some electricity grids, that some of the existing data centers are connected to, have shifted into the direction of fossil energies.
In 2021, Northern Data Group purchased Renewable Energy Certificates (RECs) with a capital expenditure of EUR 570 thousand. In 2022 and 2023, no additional RECs were purchased as Northern Data Group was reviewing its REC strategy.
Data center operations
In 2023, no carbon footprint was reported, as Northern Data Group was reviewing its measurement operations on a global level.
Business travel
Northern Data Group is certified to offset 100 percent of the CO2 from most of its business travel. The majority of business travel at Northern Data Group is booked through GreenPerk, TravelPerk’s carbon-neutral business travel program. GreenPerk partners with carbon calculation and offsetting providers, so that Northern Data Group compensates for its CO2 emissions directly through the platform. Offsetting is done on a per-trip basis, helping to reduce the carbon footprint of the Company’s business travel. With this contribution, Northern Data Group supports projects to combat deforestation in Indonesia, to aid reforestation in Cambodia and to empower the use of hydropower in Turkey. All projects are VERRA / GOLD-awarded and audited.
Electronic waste is considered as all kinds of discarded electronic devices and assets nearing or that have reached the end of their lifecycle. In 2023, Northern Data Group managed its electronic waste by deciding whether it can be remarketed, refurbished, recycled, or must be dis- posed via Northern Data Group’s established hardware lifecycle program. The Group strives to give end of first lifecycle assets a second life where possible, supporting the environment and contributing to the circular economy. No assets were discarded in 2023, hence no waste was measured. Northern Data Group handles the recycling and disposal of electrical waste in accordance with local and European laws and guidelines.
Attracting new and retaining existing employees is critical to Northern Data Group’s future success. In 2022, the focus was on expanding the HR department globally to implement a global strategy on people and culture, including standard processes, frameworks, and tools. As part of this program, job profiles at Northern Data Group were reviewed. Based on this analysis, job grades were then defined and a bonus system was developed. The result is a concept that clearly shows which career paths can be taken at Northern Data Group, at both the specialist and the management level.
To achieve its recruiting goals, the HR department is continuing the employee referral program that motivates employees to recruit experts from their own network for Northern Data Group. In view of the many changes that have been made, the People team focused on defining and adapting new processes. Northern Data Group is hiring internationally in accordance with the global People & Culture strategy. In 2023, Northern Data Group launched an onboarding handbook that facilitates the onboarding pro- cess of new employees. On December 31, 2023, Northern Data Group employed 145 employees, all of whom have contracts without a fixed employment term.
Every employee should be given the opportunity to develop his or her personal and professional ambitions to the fullest. To underpin this belief, Northern Data Group is pursuing a recognition strategy. As part of this strategy, Northern Data Group offers competitive salaries, flexible working hours and supports professional development. In line with the recognition strategy, a performance/bonus framework recognizes good and rewards exceptional performance. Quarterly appraisals are conducted as part of the performance process. These are designed to help the supervisors and employees track their performance and determine the next steps. The basic idea is to keep employees motivated and help them achieve their goals. At Northern Data Group, good performance is incentivized. However, to motivate employees to go one step further, exceptional performance is rewarded even higher.
Furthermore, Northern Data Group has generous benefit schemes in place, including pension, death in service, accident cover and wellbeing programs available to those who opt to receive Private Medical Insurance. Besides, the Group has a share option program under which employees and management can be offered subscription rights to share options.Northern Data Group invests in world class office spaces for employees across all regions and has various social events in each country. For example, employees had the opportunity to take part in the JP Morgan Run in Frankfurt. Moreover, end of year activities and gift programs for each region are arranged, based on their geographical spread and the staff population size.
The professional and personal development of employees is very important to Northern Data Group. To contribute to the development of its employees, Northern Data Group pursues continuous reviews and target-setting cycles with both line managers and professionals. There is a training budget available to each employee. Northern Data Group offers several self-study training courses in various areas via the Haufe Academy, an e-learning platform. In addition, Northern Data Group also promotes training measures that are in line with the employee’s individual performance plan.
Northern Data Group consistently opposes discrimination based on gender, ethnicity, age, sexual orientation, and religion. Northern Data Group documents its workforce data broken down by age, nationality, and gender. In fiscal year 2023, 62 percent (prior year: 52 percent) of the work- force were between 30 and 50 years old, 26 percent (prior year: 21 percent) were under 30, and 12 percent (prior year: 8 percent) were 50 or older. 31 percent (prior year: 25 percent) of the workforce were female and 69 percent (prior year: 75 percent) were male. In the reporting year, Northern Data had employees of 26 different nationalities, hailing from five continents. 32 percent of them are Ger- man (prior year: 39 percent), 24 percent American (prior year: 15 percent), 9 percent British (prior year: 3 percent), 6 percent Norwegian (prior year: 5 percent), 4 percent Canadian (prior year: 21 percent), and 3 percent Swedish (prior year: 3 percent). The remaining 22 percent of the workforce hails from other countries.
Northern Data Group places great importance on the physical and mental well-being of its employees. The rules of conduct for a safe workplace and healthy interaction are documented in Northern Data Group’s Code of Ethics and Conduct. Northern Data Group pursues a Health, Safety and Environmental (HSE) Program that covers key elements such as a comprehensive safety plan, accident and damage reporting, safety, orderliness and cleanliness, organization of first aid, risk audits, instructions, training and drills, contractor qualifications.
Northern Data Group’s approach to respecting and complying with human rights is set out in Northern Data Group’s Human Rights Policy. Northern Data Group’s po- licy is based on the international human rights principles contained in the Universal Declaration of Human Rights, the International Labor Organization (ILO) Declaration, the Fundamental Principles and Rights at Work, the United Nations Global Compact and the United Nations Guiding Principles on Business and Human Rights. It applies throughout the Group and covers the topics of anti- discrimination, freedom of association and collective bargaining, a safe and healthy workplace, forced labor, human trafficking, child labor and working hours.
Northern Data Group takes the topic of responsible corporate governance very seriously and aims to sustainably increase the value of the Group. ESG is integrated into the Group-wide risk management system, and a Conflict- of-Interest Register is maintained. In addition, there are obligatory training courses for all employees in the field of acting safely and responsibly in the workplace. Most importantly, Northern Data Group was certified according to ISO 27001 in 2023, the international standard for information security, which works on three principles: confidentiality, integrity, and availability of data. In 2023, Northern Data Group deepened its focus on ESG and started preparations for the coming Corporate Sustainability Reporting Directive (CSRD). With the introduction of the three business divisions (Taiga Cloud, Ardent Data Centers, Peak Mining) a corresponding start was made in 2023 on converting the ESG strategy to the division level.
Group-wide Risk and Compliance Management is responsible for preserving data privacy. It is carefully considered – especially when hiring freelancers, implementing new software, making changes in processing personal data, answering incoming questions from customers, business partners or suppliers, video surveillance, and when personal data is transferred outside the European Economic Area (EEA). To ensure Group-wide data privacy, all employees attend data privacy training once a year. The requirements with regard to data privacy are recorded in Northern Data Group’s privacy policies, which are all third-party audited. They cover all GDPR- relevant procedures and apply to the entire operations, including suppliers. Northern Data Group is ISO 27001 certified. There were no data protection breaches in 2023 and Northern Data Group expects to maintain this result.
Cyber security is of critical importance for all departments that are directly connected with IT activities. In 2023, these departments included internal IT, the team responsible for the data center infrastructure and the cloud department. For the Group-wide workforce, Northern Data Group has a cyber security policy in place that offers recommendations and sets rules in the fields of email security, password protection, and multi-factor authentication.
Newly hired employees receive an IT guide during onboarding. Training materials and information are regularly provided on the intranet and via IT newsletters. To ensure that every employee knows the basics of IT security, everyone is required to attend IT security training once a year. Moreover, there are regular phishing simulations that show potential areas of risk.
To manage incidents and breaches in the internal IT, several security mechanisms (Defender for Endpoint, Defender for O365, Identity Security) that all report to
one central location are put to use. Depending on the incident, the management system automatically executes actions or calls for a manually executed action. In addition, all software installed is analyzed frequently for possible vulnerabilities and outdated versions. During fiscal year 2023, several cyber security incidents were recorded, including multiple phishing attempts and one malware detection. In all cases, the IT department was able to successfully block access and prevent any harm or impact to Northern Data Group. The technical and manual measures in place were effective in mitigating the risks and ensuring the safety and security of Northern Data Group’s data and systems.
Northern Data Group does not tolerate any form of corrupt practices, including, but not limited to, extortion, fraud, or bribery. Northern Data Group encourages employees who suspect that serious issues exist to report them using a whistleblowing form without fearing any kind of reprisal. Normally, suspected irregularities must be reported to the respective manager, who examines the matter and seeks a solution. If, for whatever reason, an employee does not feel comfortable with reporting the issue to the manager, the Compliance or People Team may be approached directly. Whistleblowing, however, does not only concern employees. Northern Data Group provides a whistleblowing form on its website to enable members of the public to report wrongdoing. In fiscal year 2023, four cases of whistleblowing were reported. All of them were considered negligible.
Northern Data Group is committed to the highest values and morals. These are presented in Northern Data Group’s Code of Conduct. The “Code of Business Conduct & Ethics” applies to all employees, suppliers, customers and partners. It provides guidelines that must be followed under all circumstances. The code covers important topics such as health and safety, equality and anti-discrimination, conflicts of interest, the confidentiality of information, intellectual property, competition and anti- trust, risk management and awareness, money laundering and insider trading. The code is centrally placed on the Northern Data Group intranet and has been translated into German, English, and French. To ensure consent and compliance, all employees are required to complete a course that teaches the basics of the Code of Conduct and confirm that they agree with and follow it.