Data Protection & Privacy Notice

The data privacy regulations of some countries require that a person making a report containing personal data be notified of certain collection and retention practices regarding the information submitted and must accept the terms and conditions for the use of this service.

You are being asked to read and accept the terms outlined below. If you do not accept the terms below, we are unable to accept any information through this system and suggest you contact your supervisor or manager to discuss the matter further.

  1. General

    This service is a web and phone-based intake system provided by your organization to individuals for reporting suspected violations of laws or regulations or company policies.

    For more information click here.

    In certain countries, such as the United States, this service may also be used to report suspected violations of other matters. The personal data and information you report is stored and operated by NAVEX in the United States.

    To proceed further, you must read this notice in its entirety. If you agree, check the I CONSENT box that follows. You will then be able to submit a report or question using this service. If you do not provide your consent, you will not be able to submit a report or question through this service.

  2. Use of this service

    Use of this service is entirely voluntary. You are encouraged to report possible violations directly to your supervisor or manager. If you feel that you are unable to do so, you may use this service to make your report.

    For more information click here.

    This service is a confidential online reporting system that allows you to report on certain matters related to suspected violations of law or company policies, as well as other concerns you may have, to your organization. However, regulations in certain countries may restrict the types of matters that may be reported; generally these relate to financial concerns, accounting or auditing irregularities, bribery, competition law violations, discrimination and harassment, and impacts to the environment, health, hygiene, and safety. If your concern pertains to a matter that may not be accepted by your organization (the type of matter is not available to select), you will need to contact your supervisor or local management to report the matter.

    Please note that we are able to receive and process reports through this service only if you confirm that you have read and taken note of this Data Protection and Privacy Notice and expressly consent to the collection and processing of the information you provide, as described below, by clicking the I CONSENT box. If you do not consent then you may not use this service to file a report and should contact your supervisor or local management to report the matter.

    Please be aware that the information you supply about yourself, your colleagues, or any aspect of the company’s operations may result in decisions that affect others. Therefore, we ask that you only provide information that you believe is true. You will not be subject to retaliation from your organization for any report of a suspected violation that is made in good faith, even if it later turns out to be factually incorrect. Please be aware, however, that knowingly providing false or misleading information will not be tolerated. The information you submit will be treated confidentially except in cases where this is not possible because of legal requirements or in order to conduct an investigation, in which case the information will be handled sensitively. We encourage you to identify yourself in order for us to follow up with questions we may have.

  3. What personal data and information is collected and processed?

    This service captures the following personal data and information that you provide when you make a report: (i) your name and contact details (unless you report anonymously) and whether you are employed by the organization; (ii) the name and other personal data of the persons you name in your report if you provide such information (i.e.: description of functions and contact details); and (iii) a description of the alleged misconduct as well as a description of the circumstances of the incident. Note that the laws of some countries do not permit reports to be made anonymously; however, your personal information will be treated confidentially and will only be disclosed as set out below.

  4. How will the personal data and information be processed after your report and who may access personal data and information?

    The personal data and information you provide will be stored in a database which is located on servers hosted and operated by NAVEX in the United States. NAVEX is committed to maintaining stringent privacy and security practices including those related to notice, choice, onward transfer, security, data integrity, access, and enforcement. For more information about how we protect the information we collect, please visit: http://www.navexglobal.com/en-us/privacy-statement.

    For more information click here.

    For the purpose of processing and investigating your report and subject to the provisions of local law, the personal data and information you provide may be accessed, processed and used by the relevant personnel of your organization, including Human Resources, Finance, Internal Audit, Legal, Corporate Compliance, management, external advisors (e.g. legal advisors), or, in limited circumstances, by technical staff at NAVEX, Inc. Those individuals may be located in the United States or elsewhere.

    Personal data and information you provide may also be disclosed to the police and/or other enforcement or regulatory authorities. The relevant bodies that receive and process personal data can be located in the US or in another country that may not provide the level of data protection available in the EU.

    The personal data you provide will be kept as long as necessary to process your report, or, if applicable, as long as necessary to initiate sanctions or to meet legal or financial needs.

  5. Accessing information concerning the report

    Your organization should promptly notify any person who is the subject of a report to this service except where notice needs to be delayed to ensure the integrity of the investigation and preservation of relevant information.

    For more information click here.

    With some exceptions, the subject of the report may request access to information concerning the report (with the exception of the identity of the reporter) and request correction of personal data that is inaccurate or incomplete in accordance with applicable law. Similarly, with some exceptions, reporters may also access information about the report and request corrections of their personal data in accordance with applicable law. To make any such corrections, please contact your organization.

  6. Special country regulations

    Throughout much of the European Union and surrounding areas, reports can only be made relating to limited topics, typically accounting, auditing, bribery, competition law, discrimination and harassment and environment, health, hygiene, and safety matters. Further, some countries also restrict the subject of a report to only employees in key or management functions.

    For more information click here.

    Reporting of issues or concerns relating to topics not permitted by law should be reported directly to your manager or supervisor as appropriate. As previously noted, some countries do not permit anonymous reporting.