Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
Getting your team on the same page isn’t just about culture and values - it’s a legal and operational safeguard, too. That’s where a clear, practical Code of Conduct policy comes in.
In this guide, we’ll demystify what a Code of Conduct policy is, what to include in yours, how it links to UK employment and privacy law, and how to roll it out confidently. We’ve also included a simple template outline you can adapt for your business.
Put simply: a well-drafted Code of Conduct helps you set expectations, handle issues fairly, and protect your business from day one.
What Is a Code Of Conduct Policy?
A Code of Conduct policy sets out the standards of behaviour your business expects from employees, contractors and, in some cases, volunteers and agency workers. It covers how people act at work, when dealing with customers and suppliers, and when representing your brand online and offline.
Think of it as the practical “house rules” that sit alongside your Employment Contract and wider policies, often bundled into a Staff Handbook. It doesn’t replace those documents - it knits them together and makes expectations crystal-clear.
A good Code of Conduct should be short, readable and action-focused. Your aim is that every team member understands what’s expected, what happens if standards aren’t met, and where to get help if something goes wrong.
Do Small Businesses Need a Code Of Conduct?
Yes - even if you’re a small team. A Code of Conduct reduces ambiguity, helps you manage risk and underpins fair decision-making when issues arise. It’s also useful evidence that you’ve communicated standards and acted consistently if you ever face a dispute or tribunal claim.
Without a clear code, managers end up improvising rules, which can lead to inconsistent treatment, morale problems and legal exposure. For example, if you discipline one employee for a social media post but ignore another’s similar post, that inconsistency can undermine your position later.
A Code of Conduct is especially valuable where you have hybrid or remote working, customer-facing roles, or regulated activities. It also supports related processes, like workplace investigations and performance management, by setting the baseline for expected behaviour.
What Should Your Code Of Conduct Policy Include?
Every business is different, but most UK Codes of Conduct cover the following areas in plain English. You can keep each section short and link out to your detailed policies where needed.
1) Purpose, Scope And Responsibilities
- Why the policy exists (to set expectations, protect staff and customers, and support compliance).
- Who it applies to (employees, workers, contractors, agency staff, volunteers).
- Responsibility for compliance (everyone), and for oversight (managers/HR/directors).
2) Professional Behaviour And Respect At Work
- Act with integrity, honesty and respect towards colleagues, customers and partners.
- Zero tolerance for harassment, bullying, discrimination or victimisation.
- Inclusive behaviour expectations (in line with equality duties).
3) Health, Safety And Wellbeing
- Follow safety instructions and report hazards and incidents promptly.
- Fit for work requirements (e.g. no drugs or alcohol at work or while on call).
- Mention of mental health support routes, and how to raise concerns.
4) Use Of Company Property, IT And Social Media
- Proper use of equipment, systems and facilities.
- Secure handling of data, passwords and confidential information.
- Social media rules when referencing the business or colleagues (on or off duty).
5) Confidentiality, Data Protection And Privacy
- Keep personal data and confidential information secure and only use it for lawful business purposes.
- Refer to your internal data protection procedures and external-facing Privacy Policy.
- Clear reporting procedure for data incidents or suspected breaches.
6) Gifts, Hospitality, Conflicts Of Interest And Anti-Bribery
- When gifts/hospitality are acceptable, and approval thresholds.
- Declare conflicts of interest (e.g. family suppliers; secondary jobs).
- Prohibition on bribery and facilitation payments.
7) Attendance, Dress And Standards Of Service
- Timekeeping, absence reporting and punctuality expectations.
- Dress and appearance appropriate to the role and setting.
- Customer service standards and complaints handling basics.
8) External Communications And Media
- Who can speak to press or post on official channels.
- Rules for personal posts that might affect the business’ reputation.
9) Whistleblowing And Speaking Up
- How to raise serious concerns safely and confidentially.
- No retaliation policy and routes to escalate concerns.
10) Breaches, Investigations And Outcomes
- How concerns are reported and assessed (informal vs formal).
- Reference to fair processes and potential outcomes (from coaching to warnings or dismissal for gross misconduct).
- Right to a companion and appeal where applicable, and signpost to your disciplinary policy.
11) Acknowledgement
- Ask staff to confirm they’ve read and will follow the policy.
Free Template Outline You Can Adapt
Use this outline as a starting point. Keep it concise and tailor the examples to your sector and risks.
Code Of Conduct Policy
1. Purpose And Scope
2. Our Values And Expected Behaviours
3. Respect, Dignity And Inclusion
4. Health, Safety And Wellbeing
5. Use Of Company Property, IT And Social Media
6. Confidentiality And Data Protection
7. Gifts, Hospitality And Conflicts Of Interest
8. Attendance, Dress And Customer Service
9. External Communications And Social Media
10. Speaking Up (Whistleblowing)
11. Breaches, Investigations And Outcomes
12. Who To Contact And Policy Owner
13. Acknowledgement
Avoid relying on a generic download alone - your Code should align with your Workplace Policy suite, contracts and processes so it’s consistent and enforceable.
UK Laws Your Code Of Conduct Should Align With
A Code of Conduct isn’t a law in itself, but it must sit comfortably alongside core UK legal duties. Here are the key frameworks most small businesses should consider.
Equality And Anti-Discrimination
Under the Equality Act 2010, you must not discriminate against staff or job applicants based on protected characteristics (such as age, disability, gender reassignment, race, religion or belief, sex and sexual orientation). Your Code should set a zero‑tolerance standard for harassment and victimisation and explain how people can report concerns and attend grievance meetings fairly.
Health And Safety
The Health and Safety at Work etc. Act 1974 requires you to take reasonable steps to protect employees and others from harm. Your Code should direct staff to follow safety instructions, report hazards and cooperate with risk controls. For specific sectors, you may link to role‑specific safety procedures.
Data Protection And Confidentiality
If your team handles personal data, UK GDPR and the Data Protection Act 2018 apply. Your Code should require secure handling of data, use for legitimate purposes only, and prompt reporting of any suspected breach. Internally, align this with your data processes and externally with your customer‑facing Privacy Policy.
Working Time, Pay And Breaks
The Working Time Regulations 1998 cover maximum weekly working hours, rest breaks and paid annual leave. Your Code should reflect realistic expectations about availability and breaks so practice aligns with law. If staff regularly work shifts or overtime, it’s worth reminding managers to plan in line with the Working Time Regulations.
Discipline, Grievance And Fair Process
While the Acas Code of Practice isn’t legislation, employment tribunals consider it when assessing fairness. Your Code should reference your disciplinary and grievance procedures and explain that concerns will be handled fairly and consistently. This supports any subsequent workplace investigations you may need to conduct.
Anti-Bribery And Modern Slavery
The Bribery Act 2010 applies to all UK businesses and prohibits bribery in the UK and abroad. Include clear rules on gifts and hospitality and how to declare conflicts. If you’re larger or in higher‑risk supply chains, consider aligning your Code with Modern Slavery Act 2015 expectations on ethical sourcing and reporting.
Whistleblowing Protections
The Public Interest Disclosure Act 1998 protects workers who make certain types of disclosures. Your Code should encourage speaking up, explain how concerns are handled, and set out anti‑retaliation commitments.
How To Roll Out, Train And Enforce Your Policy
Having a Code of Conduct is one thing; embedding it is what really protects your business. Here’s a simple, practical approach.
1) Draft And Align
- Map the Code to your risks and culture, and keep it readable (think two to five pages).
- Cross‑check it against your Employment Contract, handbooks and any role‑specific procedures to avoid contradictions.
- Decide who the “owner” is (usually HR or a director) and how often you’ll review it.
2) Communicate And Acknowledge
- Introduce it in onboarding, with a short briefing and real‑world examples tailored to your roles.
- Ask staff to sign an acknowledgement (digital is fine) and store it with personnel records.
- Make it accessible (intranet, shared drive) and reference it in your Staff Handbook.
3) Train Managers
- Run a practical session for managers on how to spot issues early, have coaching conversations, and when to escalate.
- Explain your informal vs formal approach, including notes, follow‑ups and signposting to policies.
4) Apply It Consistently
- Address concerns promptly and proportionately; consistency is key to fairness and legal defensibility.
- If conduct could be serious, follow your disciplinary process and keep the Acas Code in mind. For potential gross misconduct, consider precautionary suspension and a structured fact‑finding process.
5) Investigate Properly When Needed
- Where facts are disputed or the allegation is serious, follow a fair and documented process for workplace investigations.
- Maintain confidentiality and data minimisation throughout to comply with UK GDPR.
6) Review And Improve
- Spot trends (e.g. recurring social media issues) and update your Code and training accordingly.
- Schedule an annual review or after any major incident or legal change.
7) Connect The Code To Your Policy Suite
- For clarity and ease of use, your Code should signpost to deeper policies (disciplinary, grievance, anti‑harassment, data protection) and to operational playbooks.
- If you’re building your policy suite, a tailored Workplace Policy set and robust handbooks will make rollout seamless.
Practical Example
Imagine a customer‑facing employee posts an offensive joke on a public profile mentioning your brand. With a clear Code and social media section, you can act quickly: remove the content, run an initial meeting, decide whether to coach or escalate, and - if appropriate - start a fair process under your disciplinary policy. The employee knew the rules, you apply them consistently, and you’ve protected your brand and team.
Common Mistakes To Avoid
- Copy‑pasting a template without tailoring to your sector or risks.
- Policy and contract misalignment (e.g. dress rules in the Code but contradictory terms in the contract).
- Over‑promising or vague statements that aren’t enforceable.
- Inconsistent application between teams or managers.
- Skipping acknowledgement and training - then lacking evidence later.
How The Code Fits With Other Documents
Your Code should dovetail with core employment documents and procedures. For most SMEs, the typical stack includes:
- An Employment Contract or contractor agreement setting the legal terms of engagement.
- A Staff Handbook with key policies (disciplinary, grievance, anti‑harassment, data protection, social media, IT).
- Operational SOPs, team guides and checklists to make standards practical.
If you’re missing any of these, it’s wise to fill the gaps so your Code is backed up by enforceable documents and clear processes.
Key Takeaways
- A Code of Conduct policy sets clear standards for behaviour, safety, integrity and respect - it’s essential even for small teams.
- Keep it readable and practical. Cover respect and anti‑harassment, health and safety, data protection, IT and social media, gifts and conflicts, attendance and dress, communications, whistleblowing, and how breaches are handled.
- Align your Code with UK laws, including the Equality Act 2010, Health and Safety at Work etc. Act 1974, UK GDPR/Data Protection Act 2018, Working Time Regulations 1998, the Bribery Act 2010, and the Acas Code of Practice.
- Roll it out properly: train managers, get acknowledgements, apply it consistently, and use fair, documented processes for workplace investigations when needed.
- Make sure your Code is consistent with your Workplace Policy suite, Employment Contract and handbooks, so it’s both clear and enforceable.
- Avoid one‑size‑fits‑all templates. Tailor the Code to your business model and risks, and review it annually or after incidents.
If you’d like help drafting a tailored Code of Conduct or aligning it with your policies and contracts, you can reach us at 08081347754 or team@sprintlaw.co.uk for a free, no‑obligations chat.


