Our whistleblowing system: Prevention instead of loss of trust

Who is the whistleblowing system aimed at?

The whistleblowing system is aimed at all BRZ employees as well as persons who are in contact with BRZ as part of their professional activities and who have obtained information about violations of the law in this way, such as customers or suppliers.

Why should I submit a report?

Compliance with statutory, social and internal company rules is part of a positive and open company culture.

Perhaps you are aware of damaging behaviour or risks that endanger BRZ. Your report will help us reveal financial and reputational risks or harm at an early stage and ensure the long-term success and reputation of the company.

What reports can be submitted?

The categories of our whistleblowing system are corruption, data protection violations, other criminal acts punishable by court (particularly offences against property) or violations of applicable law (such as copyright) and (other) violations according to the Austrian Whistleblower Protection Act (HSchG).

You will receive detailed information on the categories during the reporting process. Next to the respective category you will find an infobox. By clicking on this infobox, you will receive further details of the categories.

Please note that the whistleblowing system is not suitable for reports about emergencies.

What is the process for submitting a report? How do I set up a postbox?

If you wish to submit a report (either giving your name or anonymously), click the “Submit report” button at the top of our introduction page.

The reporting process consists of four steps:

1. First, you will be asked to read some information on the protection of your anonymity and answer a security query.
2. On the following page, you will be asked about the category of your report.
3. On the report page, you can elaborate on your report in your own words and answer simple multiple-choice questions about the case. You can enter up to 5,000 characters into the free text field, which corresponds to a full page. You may also submit a file of up to 5 MB to support your report. Please bear in mind that documents can contain information about the author. After submitting your report, you will receive a reference number to confirm that you have sent this report.
4. After this, please set up your own secured postbox. You will use this postbox to receive feedback, answer questions and find out about the progress of your report.

If you already have a secured postbox, you can go straight to it via the “Login” button. Here, too, you will have to answer a security query first.

As long as you do not enter any data that could reveal your identity, BKMS^® System will protect your anonymity.

Please rest assured that we are only interested in the case you are reporting. Abuses shall be uncovered and financial losses prevented.

How do I receive feedback and remain anonymous at the same time?

The BKMS^® System process used here places the utmost importance on protecting the whistleblower. The effectiveness of the anonymity protection function has been certified by an independent body.

When you set up your secured postbox, you choose your pseudonym/user name and password yourself. This login information is not visible to anyone except you. If you lose your login information, please submit a new report and set up a new postbox. If possible, please provide the reference number of your previous report. The new postbox will not contain anything associated with your previous report.

Your report is kept anonymous through encryption and other specialised security measures. You do not have to provide any personal information if you submit a report anonymously. Do not submit any information that can be traced back to you. Please do not use any device, such as a PC or smartphone, that has been provided by your employer to submit your report.

One of the persons responsible for handling reports will give you feedback via the secured postbox about the further processing of your report or ask you questions if some details are still unclear – you remain anonymous throughout the dialogue. We are interested in reports to avoid damage, not in you as a whistleblower.

How is my identity protected?

Our whistleblowing system is set up and operated by an external provider in a high-security data centre in Germany. Your report is encrypted and kept secured by other special security routines. You can also submit your report anonymously and do not have to provide any personal details at any point. The protection and security of your data are of the highest priority. In accordance with the need-to-know principle, only a very small number of people within BRZ have access to your report. Even the data processor does not have access to your data and information.

The whistleblowing system is certified both in terms of data protection (European Privacy Seal) and in accordance with ISO 27001.