Modern Slavery Statement
- Customer Terms of Service
- Product Privacy Notice
- CPRA Addendum
- Global Data Processing Addendum
- KSAT, KCM GRC, PhishER, and SecurityCoach DPIA
- Security
- System Status
- Maintenance Windows
- Documentation Page
- Federal
- Code of Ethical Business Conduct
- KnowBe4 Global Privacy Compliance
- Transparency Report
- Data Transfer Impact Assessment
- ICO UK SCC Addendum
- Free Downloadable Software Tools EULA
- KnowBe4 Mobile App License Agreement - iOS
- KnowBe4 Mobile App License Agreement - Android
This statement describes the actions taken by the covered entities within the KnowBe4 group (collectively, we, us, our) during the period January 1, 2024 to December 31, 2024 inclusive. This statement has been published in accordance with the requirements of the United Kingdom Modern Slavery Act 20151 and the Australia Modern Slavery Act 2018 (Cth)2.
This is the first time that we have published a Modern Slavery Statement.
About KnowBe4
KnowBe4, Inc. is the parent company of the KnowBe4 group and is headquartered in Florida in the United States. As of May 2025, the broader KnowBe4 group has approximately 2,150 full and part-time employees worldwide and a global presence in Australia and the UK (where the covered entities are based) as well as Brazil, France, Germany, India, the Netherlands, Japan, Singapore, South Africa and the UAE).
We provide HRM+, an innovative approach to human risk management through integration of AI and comprehensive security products delivered as an integrated software-as-a-service (SaaS) platform. HRM+ is the only platform on the market that combines security awareness, compliance training and testing, simulated phishing, real-time coaching, and security orchestration to truly address the human element of cybersecurity.
Our customers vary in size from individuals to global enterprises, and we work with organizations across sectors and industries, including those in central government, technology, finance, legal, accountancy, healthcare, retail and education. Depending on the region, we either work exclusively with our channel partners to engage with customers, or sell through both our partner network and direct to our consumers/business customers.
Our Governance
We pride ourselves on our culture which is based on strong values of responsibility, transparency and integrity. These values enable us to strive for an environment where open, honest communications are the expectation, not the exception. When it comes to our ethics, we do not allow the bottom-line to shift our decision making and consider the greater good for all parties. We acknowledge and accept that we have a responsibility to conduct our business ethically, and are committed to respecting human rights in our business activities.
We support and stand behind the Universal Declaration of Human Rights, and comply with all applicable laws, rules and regulations related to anti-human trafficking, anti-slavery, anti-forced labor and child labor. Equal and inalienable rights of all members of the human family is the foundation of freedom, justice and peace in the world. We believe in the promotion of universal respect for and observance of human rights and fundamental freedoms afforded to everyone. All human beings should be treated with decency, kindness and respect.
As an organisation developing and providing tools that help organizations fight against cybercrime and enable their employees to make smarter security decisions, every day, trust is essential to our business. Our publicly accessible Code of Ethical Business Conduct, together with our associated internal policies, procedures and training sets out not only the standard that we expect our employees to meet in order for us, as a business, to meet the expectations on us and that we hold for ourselves, but also serves to encompass our commitment to ensuring compliance and ethical behavior in all that we do.
Internally, our policy against discrimination, bullying, harassment and violence in the workplace establishes and communicates our commitment to maintaining a respectful and safe workplace for all. This is reinforced by regular training undertaken by our employees on diversity, equity and inclusion in the workplace.
Our thirty-party independent Whistleblower Hotline enables both our employees and contractors, and external third parties, to report any observed or suspected violation of our policies or applicable laws. Employees and contractors are also able, internally, to report concerns directly to our Legal Department. We want individuals to feel comfortable in approaching their supervisor, Employee Relations, the Legal Department or any member of executive management, or approaching us, if they believe violations of policy or applicable law have occurred.
Our Business Partner Code of Conduct reflects the principles set out in our Code of Ethical Business Conduct and therefore sets out the standards that we expect of our supply chain, and our channel partners, in order for us to deliver on our own expectations and commitments.
Within our business
In preparation for this first Modern Slavery Statement, we have undertaken a review of our business operations to assess the risk of modern slavery in our direct operations.
Our offices are located across the world and we are mindful that, whilst modern slavery can be found in all countries, certain countries/regions are assessed as posing a higher risk for modern slavery3. We believe that the risk of modern slavery in our direct business operations is low as a result of a number of key mitigating factors:
- we employ individuals directly with us through employment agreements.
- we apply the same recruitment policies and procedures across our business operations, no matter where they are located in the world. These processes include checks specific to the individual, such as their right to work, and security checks similar to the UK’s baseline personnel security standard (BPSS).
- the relatively highly-skilled nature of the work undertaken by all our employees.
- Most of our recruitment is undertaken by in-house employees.
Supply chain
In preparation for this first Modern Slavery Statement, we have undertaken a review of our supply chains for the covered subsidiaries.
Channel partners
Our channel partner network provides relatively highly skilled external services to help us source, support and develop our relationships with our customers. These key business partners are required to pass our onboarding process and are then engaged on either our KnowBe4 Reseller Agreement, our Managed Service Provider Agreement, or other appropriately negotiated terms based on our procurement guidelines, under which they are required to comply with all applicable laws and with our Business Partner Code of Conduct.
In respect of the covered subsidiaries and their channel partner networks, they are predominantly “within region” and therefore we consider the risk of modern slavery in these supply chains to be low.
Suppliers
The majority of our external spend within these supply chains is through the procurement of goods and services to support our general business activities and the delivery of our services to our customers. This includes cloud and software services, marketing and events, professional advisors and consultancy services, premises and associated management, device procurement and cleaning.
It is understood that technology firms like us that do not supply hardware encounter the same risks as other office based organisations, but it is essential to recognise that low risk does not equate to no risk”4. As a result, we are engaging with relevant suppliers within our supply chain to review the contractual terms that we have in place with them to ensure that they appropriately reflect the standards and controls that we expect with regards to mitigating and controlling any risks of modern slavery.
In respect of the covered subsidiaries and their supply chains, they are predominantly within low risk regions or industries, or we have taken measures to ensure that any identified risk is appropriately mitigated. We therefore consider the risk of modern slavery in these supply chains to be low.
Future activities
We are committed to continuously improving our efforts to prevent modern slavery and human trafficking. Over the next 12 months we will:
- review our contracts in place with organisations operating in industries understood to be at greater risk of modern slavery.
- review our policies and procedures to ensure they remain effective and aligned with industry practice and legal requirements.
- review our training programs in line with industry practices.
- continue to take steps where possible to ensure our business and supply chains are remain free of modern slavery.
- review our assessment of the risk of modern slavery existing within our business and supply chains regularly.
Approval
This Modern Slavery Statement has been reviewed and approved by the Directors of the covered subsidiaries.
1 The subsidiaries relevant to the UK Modern Slavery Act 2015 are KnowBe4 UK, Ltd (company number 10885710; 1st Floor, 1 Leeds City Office Park, Meadow Lane, Leeds, LS11 5BD, UK) and Egress Software Technologies Limited (company number 06393598; 12th Floor, The White Collar Factory, 1 Old Street Yard, London, EC1Y 8AF, UK).
2 The subsidiaries relevant to the Australia Modern Slavery Act 2018 (Cth) are KnowBe4 AU Pty, Ltd (ACN 633 151 470 ; Part Level 1, 95 Coventry Street, Southbank, VIC, 3006 Australia) and Egress Software Technologies Pty Limited (ACN 667 428 971)
3 https://www.walkfree.org/global-slavery-index/map/ based on a wide range of risk factors including: governance issues; lack of basic needs; inequality; disenfranchised groups; effects of conflict; attitudes; social systems; and, government action
4 TechUK's written evidence to the UK Government on reform of the Modern Slavery Act (MSA0032 - March 26, 2024) https://committees.parliament.uk/writtenevidence/129083/pdf/ page 3 - Office and service sector risks
