Code of Conduct Hotline Privacy Notice
Data Protection & Privacy Notice
The data privacy regulations of some countries require that a person making a report containing personal data be notified of certain collection and retention practices regarding the information submitted and must accept the terms and conditions for the use of this service.
You are being asked to read and accept the terms outlined below. If you do not accept the terms below, we are unable to accept any information through this system and suggest you contact your supervisor or manager to discuss the matter further.
General
This service is a web and phone-based intake system provided by your organization to individuals for reporting suspected violations of laws or regulations or company policies.
Use of this service
Use of this service is entirely voluntary. You are encouraged to report possible violations directly to your supervisor or manager. If you feel that you are unable to do so, you may use this service to make your report.
What personal data and information is collected and processed?
This service captures the following personal data and information that you provide when you make a report: (i) your name and contact details (unless you report anonymously) and whether you are employed by the organization; (ii) the name and other personal data of the persons you name in your report if you provide such information (i.e.: description of functions and contact details); and (iii) a description of the alleged misconduct as well as a description of the circumstances of the incident. Note that the laws of some countries do not permit reports to be made anonymously; however, your personal information will be treated confidentially and will only be disclosed as set out below.
How will the personal data and information be processed after your report and who may access personal data and information?
The personal data and information you provide will be stored in a database which is located on servers hosted and operated by NAVEX in the United States. NAVEX is committed to maintaining stringent privacy and security practices including those related to notice, choice, onward transfer, security, data integrity, access, and enforcement.
Accessing information concerning the report
Your organization should promptly notify any person who is the subject of a report to this service except where notice needs to be delayed to ensure the integrity of the investigation and preservation of relevant information.
Special country regulations
Throughout much of the European Union and surrounding areas, reports can only be made relating to limited topics, typically accounting, auditing, bribery, competition law, discrimination and harassment and environment, health, hygiene, and safety matters. Further, some countries also restrict the subject of a report to only employees in key or management functions.