P&G Guidelines/Expectations for Suppliers
General
This page describes some of P&Gs core business conduct expectations for suppliers and other external business partners. For clarification purposes, this list is not exhaustive, and there may be additional expectations/guidelines depending on the goods/services provided. These will be provided on a case by case basis, as relevant.
For information about how P&G collects and processes Vendors information please click here to review P&G’s Vendor privacy notice.
| Guidelines | Relevant for Suppliers |
|---|---|
| Conflict of Interest | All suppliers. See pages 51 + 52 of policy. |
| Global Social Media Policy | All suppliers. |
| Gifts & Entertainment Expectations | All suppliers. |
| World Wide Business Conduct Manual | All suppliers. |
| Purchase Orders (Terms & Conditions) | All suppliers. |
| Utilization of External Party Resources | All suppliers providing staffing to complete a service. |
| P&G Competitive Information Collection Policy | All suppliers. |
| Global Violence Free Workplace | All suppliers. |
| Access Control - Company Facilities | All suppliers accessing P&G facilities. |
| Publicity Guidelines | All Suppliers. |
| Physical Security Expectations | All Suppliers with P&G Assets. |
| Expectations of P&G Suppliers Using Artificial Intelligence (AI) in their P&G Work | Suppliers Using Artificial Intelligence (AI) in their P&G Work |
| Securing Company Facilities | All suppliers accessing P&G facilities and to all Contract Manufacturers |
| CTPAT Statement of Support for Supply Chain Security | All suppliers. |
Supplier Citizenship
External Business Partners and their suppliers are expected to share P&Gs commitment to these standards.
| Guidelines | Relevant for Suppliers |
|---|---|
| Responsible Sourcing Expectations | All suppliers. |
| French Undeclared Labor | Suppliers located in, or doing business in, France |
| U.S. State Requirements for Animal Testing | All suppliers. |
| Beauty Supplier Expectations for Cruelty-Free Brands | Relevant for Beauty suppliers. |
| Policy Statement on German Supply Chain Due Diligence Law (Lieferkettensorgfaltsgesetz) German Version (English version; non-binding) | Relevant for suppliers supplying into Germany or supplying products used to manufacture P&G Brands sold in Germany |
Anti-Bribery / Anti-Corruption(ABAC)
As a P&G supplier you must not offer, give, seek, or accept bribes. You also must not allow any other party working on behalf of P&G—such as an agent, consultant, or subcontractor—to offer, give, seek, or accept a bribe. A bribe is anything that is given or offered to improperly influence the behavior of someone in business or government. It need not be made in cash. P&G also prohibits “facilitation” payments. These are small, unofficial payments made to government officials that prompt or expedite routine tasks, such as clearing goods through customs, obtaining a travel visa, or connecting utilities.
| Guidelines | Relevant for Suppliers |
|---|---|
| Anti-Bribery Expectations | All suppliers. |
| Anti-Corruption Compliance Agreement | All suppliers. |
Privacy
P&G is committed to safeguarding the privacy of its consumers, employees, customers, and other stakeholders. Accordingly, the following requirements are applicable to suppliers and external business partners who, as part of the services to P&G, manage personal data. For additional support, contact your Purchases representative.
| Guidelines | Relevant for Suppliers |
|---|---|
| P&G's Privacy & Security Requirements for EBPs | All suppliers that collect, use, or process personal data as part of the services to P&G. |
| P&G Privacy Assessment Guide | All suppliers that are required to complete the P&G Privacy Risk Assessment in the ARAVO system. |
| P&G Retention Schedules for Consumer Personal Data | All suppliers that process P&G Consumer Personal Data |
| External Business Partner Privacy Training and Awareness | All suppliers that process P&G Personal Data. |
| Global External Party Resources Privacy Notice | This Notice informs all External Party Resources (EPRs) how P&G collects and manages your Personal Information. |
| Brazil Addendum to the Global EPR Privacy Notice | This Addendum details additional specific requirements applicable in Brazil. |
Information Security
Cyber Security is an increasing risk for both P&G and our External Business Partners. Please remain alert and diligent and continue to improve your capabilities to protect all our supply chains. We encourage you to explore and adopt best practices and certifications that support the needs of P&G and the other CPGs and industries with whom you work. For EBPs who have access to P&G Highly Restricted Data, provides a SaaS or an Application that host P&G owned data, and/or have access that requires VPN to P&G network from a third party owned device. P&G requires the following contract to be signed Exhibit C P&G Information Security Requirements.
In addition, all external business partners who deploy, manage, or support P&G IT assets (applications, data, platforms, software, networks and information systems) and / or require access privileges to any P&G system to perform their role should at a minimum adhere to the IT Guidelines below:
| Guidelines | Relevant for Suppliers |
|---|---|
| Info Security Threat & Incident Management | All suppliers who deploy, manage, or support P&G IT assets (applications, data, platforms, software, networks and information systems). |
| System Access | All suppliers who require access privileges to any P&G system to perform their role. |
| Technical Security Management | All suppliers who deploy, manage, or support P&G IT assets (applications, data, platforms, software, networks and information systems). |
| CyberVadis/P&G Welcome Email | All suppliers who deploy, manage highly restricted/secret data, require access privileges to any P&G system to perform their roles, or support P&G IT assets (applications, data, platforms, software, networks and information systems). |
Incident Management
Learn more about P&G Incident Management process or if you feel there has been a Privacy or Information Security Incident.
Learn About Incident Management
IT
External business partners providing IT services to P&G please review the applicable expectations / guidelines from the list below.
| Guidelines | Relevant for Suppliers |
|---|---|
| IT Risk Management | All suppliers who deploy, manage, or support P&G IT applications, data, platforms, software, networks and information systems. |
| IT Change Management | All suppliers who deploy, manage, or support P&G IT applications, data, platforms, software, networks and information systems. |
| Information Asset Classification | All suppliers who are storing, transmitting, processing, or otherwise managing information no matter the physical or digital form of the information or where it is stored. |
| Acceptable Use of P&G Technology | All the suppliers using technology to conduct business for P&G, regardless of whether the technology is owned by P&G, the employee, or by the Third Party. |
| Software Development | All suppliers. |
Regional
Relevant expectations / guidelines for suppliers providing services or goods to P&G in certain regions. Review as applicable from the list below.
| Guidelines | Relevant for Suppliers |
|---|---|
| Occupational Safety and Health Supplement (St. Petersburg Plant) | Requirements for labor protection, industrial safety, fire safety and environmental protection for contractors carrying out work on the territory of LLC Petersburg Products International |