Sixtus Compliance ApS was established in 2019 with a purpose of uniting Law, IT and Strategy, in order for our customers to receive advise and solutions which can be implemented in their daily operations; this applies both in relation to GDPR, e-Privacy and other related businesses. In addition, Sixtus Compliance ApS provides operational, strategic & tactical advice within Governance, Risk & Compliance (“GRC”) services which also include incorporation of Governance structures as well as adequate Risk assessments at the right organizational level. Our customers range from international corporations to small promising starts-ups. Our experience enables us to communicate with all levels in any company.

Sixtus Technologies was established in 2020 with the purpose of developing a Privacy Scanner tool based on Machine Learning and Natural Language Processing (NLP). We support our customers with Data Management Compliance incl. keeping track of where personal data is located. The Sixtus Scanner displays decisions about e.g. Data categories and classification to support the Data Management Compliance work. In addition, the scanner also supports Data Subject Requests, Data Breach investigations, Data Room examinations etc.The Sixtus Scanner operates both as a MS 365 Cloud software solution and as an an on-prem software solution. Both solutions are developed with respect to the principle of 'Privacy By Design'; hence customer data is not transfered / processed by third parties.Our Vision: To become a leader in Governance, Risk and Compliance consulting as well as developing support systems and technologies Our Mission: To provide to our customers solutions which: 1. addresses highly complicated compliance issues 2. are operational and implementable 3. uses groundbreaking technology Our Values: 1. Simplicity • we are straightforward and meeting people where they are in order to make complicated matters operational2. Thoroughness • we make an effort and care and thus create added value for our customers 3. Uprightness • we strive to be honorable and open in our communication with customers and business partners 4. Pride• we develop our business so that our solutions provide added value for our customers 5. Punctuality • we approach our customers with Confidentiality, Integrity and with Availability

Grutt Holding ApS is co-owner of Sixtus Compliance ApS.

Worked in the Danish subsidiary Wise Consulting ApS. Providing HR & Data Protection Compliance advisory to major International corporations incl. IKEA, Solar A/S and DFDS A/S.

- Legal Compliance: Responsible and Management of Global Legal Compliance incl. Policies, Training and Audits- Legal Entities: Responsible for the establishment of legal entities in China, Malaysia and Belgium incl. HR setup, Office Facility setup, Risk controls and AuditsInsurance Management: Renewal and reassessment of Group Insurance Portfolio- Data Privacy & Protection: Drafting of a Swiss Transborder Data Flow Agreement. Drafting of a ‘Data Security Whitepaper’ related to a Cloud product setup - Security Management: Member of the ‘Security Advisory Board’. Responsible for Open Source Software license compliance- Project Management: Product Portfolio & Data Flow analysis of risks related to privacy & protection of customer data- Legal Training: Training of the sales organization related to Anti-Bribery & Anti-Corruption, Anti-Trust/Competition and Code of Conduct. Establishment of global basic E-learning Compliance modules on Anti-Bribery, Anti-Trust and Discrimination

LEGAL WORK RELATED TO GOVERNANCE, RISK AND COMPLIANCE (GRC) MANAGEMENT:RISK MANAGEMENT: Group Policy for UCL (Uncapped Liability in Contracts) and MAG (Management Authorization Guidelines), Bribery & Corruption, Investigations of subsidiaries.ENTERPRISE RISK MANAGEMENT: Half Year and Full Year reporting on Group Legal Risks, Group Legal ICOFR processes (Internal Control Over Financial Reporting), Legal Review of Group Annual Report. COMPLIANCE: Legal Compliance with various Group Programs and Group Policies.CORPORATE GOVENANCE: Legal Review of Group Annual Reports, Group Quarterly Legal Reporting, Advice and Training on Corporate Training modules and Group Code of Conduct.CONTRACT MANAGEMENT: Processes, Negotiations, Review and Drafting. INSURANCE MANAGEMENT: Group Insurance Portfolio, Global Liability Insurance Project. CSR: Review and advice on Corporate Training modules and Group Code of Conduct.MERGERS & ACQUSITIONS: Legal Due Diligence and Contract Review.

CORPORATE LEGAL WORK RELATED TO: LEGAL DEPARTMENT: Establishment of a legal department in Adecco A/S. INSURANCE MANAGEMENT: Advisor on National and International Insurance matters. CORPORATE GOVERNANCE: Responsible for Compliance with legal procedure, policies and guidelines, Implementation of a Corporate Governance Structure and Culture.CONTRACT MANAGEMENT: Legal advisor and negotiator at major negotiation with national and International clients. Drafting of various employment contract templates. EXTERNAL LEGAL COUNSEL: Responsible for co-operation with external legal and commercial advisors/consultants e.g. Danish Industries, Danish Chamber of Commerce, The Danish Construction Association, Johan Schlüter Law Firm.ARBITRATION: Responsible for handling various cases.

CORPORATE LEGAL WORK RELATED TO: EMPLOYMENT LAW: General employment and labour law adviser to internal colleagues. DATA PROTECTION: Responsible for Company Compliance with Privacy and Data Protection legislation incl. Manager of the 2006 Data Protection audit conducted by the ‘Danish Data Protection Agency’. COLLECTIVE AGREEMENTS: Manager of Adeccos Collective Agreements and Employer representative to ‘The Danish Chamber of Commerce’ at the negotiations with the Trade Unions. COMPLIANCE: Adviser to all levels in the organization, implementation of a legal culture of Compliance.

TAX LAW RELATED TO: PERSONAL TAX: Tax advisor to Accountants in Deloitte and to external clients of Deloitte. MERGERS & ACQUISITIONS: Tax Due Diligence. TRANSFER PRICING (TP): Advisor to external clients of Deloitte.