Dear Whistleblower,
The internal reporting procedure under the German Whistleblower Protection Act (Hinweisgeberschutzgesetz – HinSchG) and the Austrian Whistleblower Protection Act (HinweisgeberInnenschutzgesetz) (collectively referred to as the “HinSchG” or the “Act”) is an important element in fostering a transparent and ethical corporate culture.
It enables employees and other eligible persons to confidentially report potential violations of certain laws, regulations, or internal policies without fear of retaliation.
The procedure is designed to be clear and easily accessible to ensure that you can submit concerns or information securely and confidentially. Below you will find information on:
Who may act as a whistleblower
What can be reported
How a report can be submitted
Who receives your report
How you will be informed about receipt of your report
How your personal data is protected
How confidentiality is ensured
How you are protected
How your report will be handled
The group of persons protected under the HinSchG is broad. It includes all natural persons who, in connection with their professional activities, have obtained information about violations and report them (“reporting persons”), in particular:
Employees (including former employees), job applicants, interns, and temporary agency workers
Self-employed persons, freelancers, contractors, subcontractors, suppliers and their employees
Shareholders and members of management or supervisory bodies
2.1 Protected Reports
You are protected under the HinSchG if you report violations concerning:
Criminal offences under German law
Administrative offences (regulatory offences) where the violated provision serves to protect life, limb, health, or the rights of employees or their representative bodies (e.g. occupational health and safety regulations, violations of minimum wage legislation, or information and disclosure obligations towards works councils)
Violations of federal or state laws implementing European regulations
Violations of directly applicable EU legal acts in various areas, including but not limited to:
Anti-money laundering and counter-terrorism financing
Product safety
Transport safety
Transport of dangerous goods
Environmental protection and radiation protection
Food and feed safety
Pharmaceutical and medical device safety and quality standards
Consumer protection
Data protection and information security
Public procurement law
Accounting requirements for corporations
Competition law
2.2 Professional Connection Requirement
A report must relate to the company or another entity with which the reporting person has had or currently has professional contact.
3.1. Internal Reporting Channels
The following internal reporting channels are available:
At the end of this document, you will find a link titled “Submit a Report.” By clicking the link, a reporting form will open. After completing the mandatory fields and entering your report, you may submit it to the responsible reporting office by clicking “Submit Report Now.” You will also be required to consent to the data protection provisions (see Section 6).
A telephone reporting hotline is available: NUMBER.
Outside regular business hours, an answering system will allow you to leave your report and the required information as prompted by the automated message.
Upon your express request, you may discuss your report in person within a reasonable timeframe or, with your consent, via video conference. If you wish to do so, please first use the written reporting channel described above and indicate your request for a personal meeting or video conference in the text field.
3.2 External Rreporting Channels
In addition to internal reporting offices, public authorities have established external reporting offices.
In Germany, a central external reporting office has been established at the Bundesamt für Justiz.
In Austria, the competent authority is the Bundesamt zur Korruptionsprävention und Korruptionsbekämpfung.
Further specialized external reporting offices in Germany include:
Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin)
Bundeskartellamt
Information on federal external reporting procedures in Germany is available at:
www.bundesjustizamt.de
German federal states may establish their own external reporting offices for matters concerning state and municipal administrations.
Additionally, reporting channels exist at EU level, including those operated by:
The European Commission
The European Anti-Fraud Office (OLAF)
The European Maritime Safety Agency (EMSA)
The European Union Aviation Safety Agency (EASA)
The European Securities and Markets Authority (ESMA)
The European Medicines Agency (EMA)
As a whistleblower, you are generally free to choose whether to contact an internal reporting office or an external authority. However, the Act encourages the use of internal reporting channels where appropriate.
Please note that reports to the public (e.g. via press or social media) are only protected under strict legal conditions, particularly if a prior external report was unsuccessful or if there is an imminent or manifest danger to the public interest.
If you use the internal reporting channels, your report will be received by our long-standing General Counsel and Data Protection Officer, Mr. Ass. iur. Milan Trúsik. As a qualified legal professional, he possesses the required expertise and integrity necessary for this role.
You will receive confirmation of receipt of your internal report in text form within seven days.
Personal data will be processed in the course of handling your report. The internal reporting system has been implemented in full compliance with applicable data protection requirements.
All personal data are processed in accordance with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws.
When clicking “Submit Report Now,” you will be asked to consent to the applicable data protection provisions. The privacy policy is available at:
7.1 Confidentiality Obligation
A key element of the procedure is strict confidentiality. Internal reporting channels are designed to protect:
Your identity
The identity of persons concerned by the report
The identity of any other persons mentioned in the report
This information is accessible only to the Reporting Office Officer responsible for receiving reports and taking follow-up actions. Disclosure to others is permitted only with the explicit consent of the affected person.
7.2 Exceptions
Information about identities may only be disclosed in exceptional cases, such as in criminal proceedings upon request by law enforcement authorities.
7.3 No Obligation to Accept Anonymous Reports
Confidentiality does not mean anonymity. The Act does not require internal channels to allow anonymous reporting. We have chosen not to provide anonymous reporting. Therefore, you will be required to provide your name and contact details when submitting a report.
8.1 Protection Against Retaliation
The HinSchG prohibits retaliation, including threats or attempts thereof. Prohibited actions include, in particular:
Suspension or dismissal
Demotion or denial of promotion
Coercion, intimidation, harassment, or discrimination
Non-renewal of fixed-term contracts
Reputational damage
Negative performance assessments
The Act provides for a reversal of the burden of proof in favor of the reporting person. If a disadvantage occurs after a report has been made, the company must demonstrate that the measure was not connected to the report.
Whistleblowers may be entitled to compensation for damages resulting from prohibited retaliation. However, compensation for non-material damages (e.g. pain and suffering) is excluded.
8.2 No Protection for False Reports
Protection does not apply to reports that are knowingly false or made with gross negligence. In such cases, the reporting person may be liable for damages caused.
After submission and acknowledgment of receipt, internal investigations will be initiated and appropriate remedial measures assessed.
You will be informed within three months after acknowledgment of receipt about:
Planned or taken follow-up measures and the reasons for them; or
Closure of the procedure due to lack of evidence or other reasons.
All incoming reports are documented. Documentation will be deleted three years after conclusion of the procedure, unless longer retention is required and proportionate under the HinSchG or other applicable legal provisions.
You are currently viewing a placeholder content from Vimeo. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from YouTube. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou need to load content from reCAPTCHA to submit the form. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from Facebook. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from Google Maps. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from Google Maps. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from Mapbox. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More InformationYou are currently viewing a placeholder content from OpenStreetMap. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
More Information