Whistleblower system

Clarifying violations with the help of a whistleblower system

ISOWA GmbH does not tolerate any violations of the rules of compliance and conduct and the laws and company guidelines mentioned therein. In particular, this includes any unauthorized conduct in the areas of data protection, corruption, antitrust law and the prevention of money laundering. The compliance declaration applies to all employees, managers and business partners.

ISOWA GmbH will investigate all indications of potential and existing violations of regulations, attempt to clarify the violation and then take follow-up measures to prevent violations of this kind in the future. All of this is done in accordance with the provisions of data protection, labor law and the applicable co-determination laws.

What is a violation?

A violation is, in particular, any behavior that is contrary to our compliance and conduct regulations, the applicable laws or the company guidelines and is caused intentionally or negligently during the performance of professional activities for the company.

Mere complaints from employees or customers do not constitute information within the meaning of the whistleblower system. For such reports, employees are welcome to use the established complaint box and customers can use the following e-mail address: info(at)isowa.de

How can you make a report?

If you become aware of reasonable grounds for suspicion that indicate a breach of regulations, you have various options for reporting this.

Internal reporting office

Firstly, we encourage all whistleblowers to confide in their line manager in the company.
in the company. In addition, you can also use our whistleblower system with a confidential, optionally anonymized procedure to report possible serious incidents. serious incidents. Data protection is guaranteed during the transmission and data protection is guaranteed. We are responsible for ensuring that that the identity of the whistleblower is protected when processing reports.

Internal reporting office

Human Resources Management (in person Luisa Becker, Theresa Jüngst)
Telefonnummer: +49 2734-2738-250
E-Mail: hinweisgebung(at)isowa.de

Postal address:
ISOWA GmbH
vertraulich, Meldestellen-Beauftragter
Hommeswiese 90
57258 Freudenberg

External reporting office

Another option for submitting reports is the external reporting office at the Federal Office of Justice. However, we would like to point out that we strive to clarify incidents in our company as quickly and successfully as possible. To this end, an internal report is generally advantageous for us.

What should reports look like?

In order for the report to be processed properly, certain information about the facts of the case must be included in the report to the whistleblower system. This includes which company the incident occurred at, who is accused of the violation, what the person did, when the incident occurred, how it actually happened and where it happened. Afterwards, you should at best be available for further questions so that the facts can be fully facts can be fully recorded.

The whistleblower does not incur any costs or suffer any sanctions under employment law or other consequences as a result of reporting a tip-off. However, it should be noted that in the event of clearly recognizable and intentional damage to the reputation of the company and/or individual persons, the anonymization of the data can be lifted in order to report this to the police.

What is the procedure?

After you have submitted your report via our whistleblower system, we will send you a confirmation of receipt within seven days. In the following the facts of the case will be investigated. It may be necessary to clarify further questions with you in order to fully understand the case. Our aim is to successfully clarify the incident. This may involve interviewing employees and reviewing documents or emails. Once the case has been clarified, measures can be initiated to ensure that similar incidents do not occur again. As a whistleblower, you will then receive feedback on the procedure or at the latest three months after receipt of your report.

Please note the following data protection notice on the whistleblower system when submitting a report

1. General information

We would be delighted if you would help us to comply with the law and legislation in our company and use the whistleblower system to report any violations. The whistleblower system enables us to ensure that reports are received and processed quickly and securely. Personal data is all information that relates to an identified or identifiable person. Pseudonymous data that we cannot assign to you directly, e.g. via a name or e-mail address, is also an e-mail address, are also personal data.

As the protection of your personal data in our whistleblower system is very important to us this privacy policy, we inform you about the type, scope and purpose of the personal data processed by us in this whistleblower system and your rights as a data subject.

2. Controller for the processing of data

The data protection officer of ISOWA GmbH is: Andreas Wagner, Hees Bürowelt GmbH, Friedrich-Wilhelm-Str. 148, 57074 Siegen, Germany

Depending on the type and scope of the processing of the report and the measures to be carried out as a result, the company may entrust service providers (e.g. auditors, lawyers or tax consultants) who are not subject to instructions with the specific implementation of the corresponding measures.

3. Processing activity

Under the whistleblower protection system, companies are obliged to set up an internal reporting office for submitting information about irregularities in the company. It is possible to report violations in the areas of criminal law, administrative offense law, tax law or data protection law, for example. We want to avoid any resulting disadvantages, such as fines or damage to our reputation, by using the whistleblower system to draw attention to possible violations and rectify them quickly and appropriately. When processing reports, it is ensured in particular that all legitimate interests of the persons concerned and the whistleblowers themselves are safeguarded.

4. Purposes of the processing activity

With our whistleblower system, we provide whistleblowers with reporting channels so that they can report violations of the Code of Conduct or applicable laws in a secure, confidential or anonymous way. In particular, your data will be used to check the plausibility of information, to communicate with our external partner and, if necessary, other service providers such as lawyers to process the cases, to clarify misconduct, to prevent future misconduct and to compensate and defend against imminent economic or other damages or disadvantages for the companies.

5. Legal basis

The legal basis for the processing of your data in the whistleblower system is the fulfillment of legal requirements from the Whistleblower Protection Act pursuant to § 10 HinSchG in connection with art. 6 para. 1 lit. c GDPR.

In addition, we have a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the detection and prevention of infringements. In this way, we try to avoid potential liability and damage. The processing of information relating to employees is also intended to uncover criminal offenses or other legal violations in connection with the employment relationship.

6. Data and data categories

The use of the whistleblower system is voluntary. We may collect the following data from you:

7. Forwarding of data

It may be necessary for us to pass on your data to authorities, courts or other public bodies in order to follow up on the report.

8. Deletion periods

We will retain personal data for as long as is necessary to clarify and final assessment of a report. The duration of storage depends in particular on the severity of the suspicion and the reported possible breach of duty. In principle, the statutory retention period is 3 years after the conclusion of the proceedings, unless further storage is necessary and proportionate.

9. Rights of data subjects

You can assert the following rights regarding your personal data against us:

If you submit a request for information to us, we will inform you in accordance with the data protection regulations, we will inform you whether and what data we have collected from you. Our endeavor to ensure that your data is always up to date and error-free. However, if incorrect information has been recorded, we will correct it immediately after a corresponding request.
To do so, please send us a request to: info(at)isowa.de

In addition to exercising your rights against us, you also have the right to lodge a complaint with a supervisory authority if you suspect a breach of data protection regulations suspect (Art. 77 GDPR).