Data protection information for the ‘GF Transparency Line’ whistleblowing system at GF
‘GF Transparency Line’ is the web-based whistleblowing system of Georg Fischer AG, Amsler-Laffon-Strasse 9, 8201 Schaffhausen, Switzerland, and of the companies directly or indirectly held by it (hereinafter referred to individually or also collectively as ‘GF’). The ‘GF Transparency Line’ allows whistleblowers inside and outside GF to report, anonymously if they wish, any irregularities worth mentioning in a confidential environment. The ‘GF Transparency Line’ operates outside the IT infrastructure of GF. Only the whistleblower themself and the Corporate Compliance Officer of the Georg Fischer Group along with a few employees selected by them, who are sworn to absolute secrecy towards everyone, have access to the data and information transmitted via the ‘GF Transparency Line’. Everyone who submits a report via the ‘GF Transparency Line’ is protected from any form of repression. Only deliberately incorrect reports and false accusations will be prosecuted if necessary. The ‘GF Transparency Line’ is the safest way to share your concerns with GF completely confidentially. We invite you to utilise the postbox function of the ‘GF Transparency Line’.
You can use the ‘GF Transparency Line’ in the following languages: German, English, Chinese, French, Italian, Portuguese, Romanian, Spanish and Turkish. The choice is yours. You will find the corresponding button at the top right of the first ‘GF Transparency Line’ page.
You can find out below how data in connection with the ‘GF Transparency Line’ is processed and used. Please read this data protection information carefully before submitting a report via the ‘GF Transparency Line’. Alternatively, you can also send your report directly to the Corporate Compliance Officer of the Georg Fischer Group instead of submitting it via the ‘GF Transparency Line’.
- Personal / Confidential / Unopened -
Corporate Compliance Officer
Georg Fischer AG
Amsler-Laffon-Strasse 9
8201 Schaffhausen, Switzerland
compliance@georgfischer.com
‘GF Transparency Line’ – what to use it for
The ‘GF Transparency Line’ serves to securely and confidentially submit, process, manage and communicate about reports concerning (suspected) violations of laws or regulations. If you wish, you can remain completely anonymous!
We process personal data that we receive in connection with your report to combat wrongdoing and the associated harm to GF, its employees and business partners. If a report concerns an employee of GF, the processing of the information also serves to prevent criminal acts or other infringements in connection with the employment relationship.
‘GF Transparency Line’ – collected personal data
Use of the ‘GF Transparency Line’ takes place on a voluntary basis. If you submit a report via the ‘GF Transparency Line’, we collect the following personal data and information:
- Your name if you do not remain anonymous;
- The fact that you submitted a report via the whistleblowing system if you do not remain anonymous;
- Your contact details if you provide them;
- Your relationship with GF (employee, business partner, third party) if you provide information on this;
- The names and other personal data of persons whom you list in your report, if applicable.
‘GF Transparency Line’ – what happens to the data
Data and information entered into the ‘GF Transparency Line’ are stored in a database operated by EQS Group AG in a high-security data centre subject to the rules of the GDPR. Only Corporate Compliance at GF can see the ‘GF Transparency Line’ data. EQS Group AG and other third parties do not have access to the data. This is guaranteed by a certified procedure through comprehensive technical and organisational measures.
In the ‘GF Transparency Line’, all data are stored encrypted with multiple levels of password protection. All access is subject to an authorisation concept. In this way, access to the data is restricted to a very small selection of expressly authorised persons at GF. These persons report to the Corporate Compliance Officer and are sworn to absolute secrecy.
‘GF Transparency Line’ – your rights
GF complies worldwide with the provisions of European data protection regulations, currently the strictest rules for the protection of personal data. According to this, everyone has the right to access information from GF about stored data concerning them, its rectification, erasure or restriction of processing as well as, in specific cases, a right to transfer this data.
Within the framework of applicable law, you may object to the processing of data concerning you or revoke consent given previously at any time and with future effect. In this regard, please note the information under ‘‘GF Transparency Line’ – what we have to tell third parties’ and ‘‘GF Transparency Line’ – what traces you leave behind and how to avoid that’.
An objection or revocation, whether directed at GF or third parties (e.g. authorities), can be made without any formalities. If it concerns data that are (also) processed by GF, you should send your objection/revocation to the Corporate Compliance Officer if possible; you will find the address above in the introduction (‘GF Transparency Line’ – the web-based whistleblowing system at GF).
You can also complain directly to a competent supervisory authority at any time.
‘GF Transparency Line’ – how long personal data are kept
Personal data are only retained for as long as there is a legitimate interest in doing so (e.g. until the final assessment of a report) or as long as GF is legally obliged to do so and will then be deleted immediately in accordance with legal requirements.
‘GF Transparency Line’ – all reports are handled by GF confidentially
Incoming reports are received by a small selection of expressly authorised and specially trained employees of GF Corporate Compliance and always handled confidentially. These employees evaluate the matter and carry out any further investigation that may be required by the specific case.
In the course of processing or investigating a report, it may be necessary to pass on information to individual GF employees, to international law firms and auditing companies commissioned by GF, as well as to law enforcement agencies, antitrust authorities, or other administrative authorities and courts. If data needs to be transferred to a recipient in a country outside of the European Union or the European Economic Area (‘third countries’), this is done with the protection of the data subjects (in particular the whistleblower) only on the basis of appropriate and adequate guarantees under data protection law:
- Data will only be transferred to a recipient country without an adequate level of data protection if it is clear that the specific recipient can ensure an adequate level of data protection themselves (e.g. where there is an adequacy decision by the EU Commission or through the prior agreement of so-called EU standard contractual clauses of the European Union with the recipient) or if you have previously given your express consent to the transfer.
- We will always ensure that the applicable data protection regulations are complied with when sharing reports.
- Those who have access to the data are obligated to maintain confidentiality as far as possible (as a rule, we cannot impose such obligations on authorities and courts; however, we will try to).
‘GF Transparency Line’ – what we have to tell third parties
As soon as it no longer jeopardises the investigations, we are generally obligated to inform an accused person that we have received a report concerning them. Furthermore, we have to inform authorities and courts in the cases provided for by law. Your identity as a whistleblower will not be disclosed unless we are legally bound to do so.
You can ensure that you always remain anonymous if you use the postbox function of the ‘GF Transparency Line’. You can communicate with us via the secured ‘GF Transparency Line’ postbox, without leaving traces and remaining anonymous, even if we have to provide information to authorities and courts.
‘GF Transparency Line’ – what traces you leave behind and how to avoid that
The ‘GF Transparency Line’ allows you to remain completely anonymous!
Communication between your computer and the whistleblowing system does not reveal your identity. It takes place over an encrypted connection (SSL). Your IP address will not be stored during your use of the whistleblowing system. In order to maintain the connection between your computer and BKMS® System, the system used to operate the ‘GF Transparency Line’, a cookie is stored on your computer that merely contains the session ID (a so-called session cookie). This cookie is only valid until the end of your session and expires when you close your browser.
If you also use the postbox function of the ‘GF Transparency Line’, you can set up a secured postbox within the whistleblowing system that is secured with an individually-selected pseudonym/user name and password. You can send reports to Corporate Compliance at GF via the secured postbox, either by name or in an anonymous and always secure way. When using the ‘GF Transparency Line’, data will only be stored inside the ‘GF Transparency Line’ itself, which makes it particularly secure. It is not a form of regular email communication.
If you use your postbox under a pseudonym, nobody will be able to identify you. If you do not use a pseudonym, i.e. you reveal your identity when submitting a report, we take this as your consent to the processing of the data concerning you. You can clarify or revoke this at any time. However, your clarification or revocation should reach us immediately, at the latest within one month of your report. Why? We can only reliably delete data completely when no one else has it yet. The time span for this can be very short. Please note: Depending on the type and severity of the circumstances reported to us, we may, for example, have to inform the authorities immediately (for example, in the case of environmental crimes). If necessary, the authorities may also receive data that allows them to draw conclusions about you. However, even in less serious cases, an accused person must be informed about the allegations made against them, investigations carried out and the processing of personal data concerning that accused person, as soon as this no longer jeopardises the success of the investigation (see above). This is often the case within one month of receipt of the report.
Caution when sending attachments
When submitting a report or an addition, you can simultaneously send attachments. If you would like to submit a report anonymously, please note that files can contain hidden personal data that compromise your anonymity. Please remove all such information before sending these files. If you are unable to remove this data or are uncertain about how to do so, copy the text of your attachment into your report text or print the relevant document and send it anonymously by post to the Corporate Compliance Officer, citing the reference number received at the end of the ‘GF Transparency Line’ reporting process; you will find the address above in the introduction (‘GF Transparency Line’ – the web-based whistleblowing system at GF).
‘GF Transparency Line’ – the responsible party
The party responsible for data protection within the ‘GF Transparency Line’ whistleblowing system is Georg Fischer AG, Amsler-Laffon-Strasse 9, 8201 Schaffhausen, Switzerland, and the companies directly or indirectly held by it. The ‘GF Transparency Line’ whistleblowing system is operated by EQS Group AG, Bayreuther Str. 35, 10789 Berlin, Germany, on behalf of GF.
‘GF Transparency Line’ – more information about personal data protection at GF
GF has appointed a data protection officer. Inquiries regarding data protection at GF can be sent to dataprotection@georgfischer.com.
Version: 25 October 2021