Supply Chain - SCANDIC GROUP

SCANDIC DATA supply chain overview

Introduction

This overview describes SCANDIC DATA's integrated supply chain strategy within the SCANDIC GROUP. As the operator of a state-of-the-art data center, SCANDIC DATA depends on coordinating a reliable chain of services - from the procurement of hardware and energy to secure operation, maintenance and aftercare. The focus is on efficiency, transparency and compliance with legal requirements.

SCANDIC ASSETS FZCO
Dubai Silicon Oasis DDP
Building A1/A2
Dubai - 342001
United Arab Emirates
Phone +97 14 3465-949
Mail Info@ScandicAssets.dev
Commercial register: https://dieza.my.site.com/diezaqrverify/validateqr?id=001NM00000K2u4FYAR&masterCode=CERTIFICATE_OF_FORMATION&relatedToId=a1MNM000004ddaI2AQ

Represented by:
SCANDIC TRUST GROUP LLC
IQ Business Center
Bolsunovska Street 13-15
Kyiv - 01014, Ukraine
Phone +38 09 71 880-110
Mail Info@ScandicTrust.com
Commercial register: https://legiergroup.com/Scandic_Trust_Group_LLC_Extract_from_the_Unified_State_Register.pdf

in cooperation with:
LEGIER Beteiligungs mbH
Kurfürstendamm 14
10719 Berlin
Federal Republic of Germany
HRB 57837 - VAT ID DE 413445833
Phone +49 (0) 30 99211-3469
Mail: Office@LegierGroup.com
Commercial register: https://www.handelsregister.de/rp_web/normalesuche/welcome.xhtml

SCANDIC ASSETS FZCO and LEGIER Beteiligungs mbH are non-operational service providers; the operational services are provided via the SCANDIC TRUST GROUP LLC provided.

Overview library

– 1. value stream in data center operation
– 2. digital twin and control tower
– 3 Regulatory framework conditions
– 4 Governance and transparency

1. value stream in data center operation

The SCANDIC DATA end-to-end process comprises various phases and participants:

– Input phase: In this phase, customer requirements are recorded and the required resources are planned. Inputs are: technical requirements (computing power, storage, network bandwidth), security and compliance requirements, SLA parameters, location preferences and regulatory requirements (e.g. data localization). - Conversion: Our teams check the request against the available infrastructure. Hardware and software resources are configured, virtual machines or containers are provided, networks are segmented and security mechanisms are implemented. At the same time, KYC and compliance checks are carried out, contracts are drawn up and payment processing is initiated via SCANDIC PAY. - Delivery: After commissioning, we support customersduring the runtime. This includes monitoring, incident management, patch management, backup and restore processes as well as the provision of support. Up- and down-scaling can take place during ongoing operations. At the end of the contract, data is migrated or deleted as agreed. - Value contribution: By bundling demand and supply, SCANDIC DATA achieves economies of scale, increases the utilization of infrastructure and offers customers the best possible service.transparent, secure and flexible environment. Synergies with other SCANDIC brands (e.g. PAY, NEWS, YACHTS) create added value for media companies, payment service providers and high-performance computing customers.

2. digital twin and control tower

SCANDIC DATA uses a digital twin that maps the entire data center: Servers, storage, networks, power supply, cooling systems, container platforms, databases, workloads and customer occupancy. A supply chain control tower provides real-time monitoring of utilization, energy consumption, temperature, humidity, availability and security events. Forecast models support capacity management and the procurement of hardware, spare parts and energy. The control tower also links sustainability data (e.g. CO₂ emissions per rack) so that we can show the ecological footprint per customer and per service.

3 Regulatory framework conditions

SCANDIC DATA's supply chain processes are subject to the following legal norms and standards:

– Data protection and data residency: We comply with the GDPR, PDPL and other data protection laws. Data localization obligations are taken into account when selecting server locations. - IT security laws: Requirements from the EU NIS 2 Directive, the German IT Security Act 2.0, the Bahraini Cybersecurity Act and best practices (ISO/IEC 27001, 27017, 27701) are implemented. - Customs and export law: When importing hardware, we comply with export control and customs regulations (e.g. Dual-Use Regulation, US Export Administration Regulations). Suppliers must submit the relevant licenses. - Supply chain diligence: The SCANDIC GROUP fulfills the requirements of the Supply Chain Due Diligence Act and the EU-CSDDD. This includes risk analyses, prevention and remediation measures as well as reporting to authorities. - Environmental and energy law: Data center operations are subject to environmental regulations (e.g. EU Energy Efficiency Directive, local emission limits). We comply with these and strive for a PUE ≤ 1.25.

4 Governance and transparency

SCANDIC DATA controls the supply chain processes through clear governance structures. A central team coordinates the procurement of hardware, energy and services, negotiates contracts with suppliers and monitors their compliance status. Digital dashboards show KPIs such as availability, PUE, capacity utilization, energy consumption, CO₂ emissions, supplier ratings and compliance cases. Measures are taken in the event of deviations (e.g. selecting alternative suppliers, training, contractual penalties). Transparency towards customersThis is ensured through clear contracts, service descriptions and sustainability reports. The SCANDIC GROUP publishes regular reports on the supply chain and identifies remedial mechanisms. A grievance mechanism enables employees, customers and suppliers toand business partners to report problems along the supply chain (e.g. supply interruptions, quality fluctuations, legal violations).