Information on data protection
We attach the utmost importance to data protection and confidentiality and comply with Regulation (EU) 2016/679, the so-called GDPR, on data protection and the applicable national regulations on the protection of personal data. Please read this data protection notice carefully before submitting a report.
Purpose of this whistleblowing system and legal basis
The whistleblowing system (BKMS® System) is designed to collect, process and manage the reports in complete security and confidentiality, in accordance with Law 2016-1691 of 9 December 2016 concerning whistleblowers and Law n°2022-401 of 21st March 2022 improving the protection of whistleblowers and its implementing decree of 3rd October 2022. The processing of personal data within the BKMS® System platform is based on our company’s legitimate interest in detecting and preventing any breach and thus protecting SILAB, its employees, clients and stakeholders. The legal basis for the processing of personal data is article 6 paragraph 1f of the GDPR.
Responsible parties
The parties responsible for data protection within the whistleblowing system are
- SILAB and
- its subsidiaries
The BKMS® System platform is managed by a specialist company, EQS Group GmbH, Bayreuther Str. 35, 10789 Berlin, Germany, on behalf of SILAB.
Personal data and information entered into the BKMS® System platform are stored in a database managed by EQS Group GmbH in a certified, high-security data centre. Only SILAB’s compliance and ethical report examiners have access to these data. Neither EQS Group GmbH nor any other third party has access to the data. This protection is guaranteed by the process implemented by EQS Group GmbH.
All data are encrypted and saved using several levels of password protection so that access is restricted to a very limited number of people with the express authorisation of SILAB.
SILAB has appointed a data protection officer. All questions relating to data protection at SILAB can be sent to the following address: rgpd@silab.fr.
Type of personal data collected
Use of the system is voluntary. By submitting a report through the whistleblowing system, we collect the following personal data and information:
- Your surname if you choose to disclose your identity.
- Your first name if you choose to disclose your identity.
- Your status as a SILAB employee / external or occasional collaborator and
- if applicable, the names of persons and other personal data of the persons you mention in your report.
Confidential handling of reports
Incoming reports are received by a limited number of employees with specific authorisations and specially trained by SILAB: the compliance and ethical report examiners. The reports are always handled with the strictest confidentiality. The SILAB compliance and ethical report examiners assess the report and, if necessary, carry out a more detailed investigation.
When handling a report or investigation, it may be necessary to share reports with other SILAB employees or with employees of other group companies, for example if the reports relate to incidents that have taken place in subsidiaries. These subsidiaries may be based outside the European Union or the European Economic Area subject to different regulations on the protection of personal data. Compliance with the data protection provisions applicable at the time these data are transmitted is always guaranteed.
Any person obtaining access to the data is obliged to keep it strictly confidential.
Information relating to the accused person
We are obliged by law to inform the accused person that we have received a report concerning them as soon as this does not threaten the implementation of measures to clarify the situation. To the extent permitted by law, your identity as the whistleblower will not be disclosed.
Rights of the data subjects
Under the applicable data protection regulations, you and the person concerned by the report have the right to information, access, rectification, erasure and objection to the processing of personal data concerning them. If the right of erasure is invoked, we will examine as soon as possible to what extent the data saved are still necessary for processing the report. Data that are no longer necessary will be deleted immediately. In addition, you have the right to lodge a complaint with a supervisory authority.
Retention period for personal data
Personal data are retained for as long as necessary to clarify the situation and make a final assessment or as long as there is a legitimate interest on the part of the company or retention is required by law. After completion of the processing of the report, the personal data are deleted in accordance with regulatory requirements.
Use of the whistleblowing system
Communication between your computer and the BKMS® System platform takes place via an encrypted connection (SSL). The whistleblowing system does not enable IP addresses to be traced. To maintain the connection between your computer and the BKMS® System platform, a cookie is stored on your computer which merely contains the session ID (a so-called “null cookie”). This cookie is valid only until the end of your session and expires when you close your browser.
You can set up a postbox within the whistleblowing system which is protected with a personally chosen user name and password. You can submit either a nominative or an anonymous report to the compliance and ethical report examiners. In this system, the data are stored only within the BKMS® System platform, which makes it particularly secure. This is not a traditional communication by exchange of e-mails.
Note on the sending of attachments
When you submit a report or provide additional information to an existing report, you can also send attachments to the SILAB compliance and ethical report examiner. If you chose to submit an anonymous report, please note the following safety instructions: the files may contain hidden personal data that could compromise your anonymity. Remove these data from the files before sending them. If you are unable to remove these data, or if you are unsure how to do so, please copy the text of your attachment into the text of your report message or send a printed copy of the document anonymously to the address given in the footnote, specifying the reference number assigned to you at the end of the reporting process.
Date: May 2024