WHISTLEBLOWING
In order to protect all employees and/or contractors who report violations that have come to their knowledge within the scope of their jobs, the whistleblowing procedure has been introduced to Model 231, setting out the method for transmitting reports, with the guarantee of privacy as per the privacy policy statement.
PROCEDURE FOR TRANSMITTING REPORTS
Pellegrini has always been committed to observing rights, duties and ethics (hereinafter “Principles”) and demands the same observance from all of its employees, from all stakeholders, be they partners, customers or suppliers, and from all members of the company boards.
In order to better guarantee observance of the Principles, Pellegrini has adopted:
- the Code of Ethics;
- the Organisation, management and control model as per the Italian Legislative Decree 231/2001;
- the Anti-corruption Policy also including crimes as per Law 190/2012;
and has implemented Model 231/2001 with the whistleblowing measures as per Law 30 November 2017, no. 179 (§ Chapter 6 of the Abstract downloadable from the website page https://www.gruppopellegrini.it/la-sostenibilita/codice-etico/ ).
The abovementioned law requires that all companies establish special information channels which enable any reporting party (employee or otherwise) to submit, in order to protect company integrity, specific reports of illegal conduct, as per Model 231/2001, using tools that protect the identity of the reporting party.
The aim of this document is to remove the factors that may hinder or discourage recourse to the provision, such as doubts or uncertainties about the procedure to be followed and fears of recrimination or discrimination.
In implementing the aforementioned law, Pellegrini has thus adopted whistleblowing measures aimed at guaranteeing that each reporting party, by way of a confidential channel, can inform the company whenever they believe, in good faith, that a crime, a violation and/or conduct in breach of the Code of Ethics, Model 231 and the Anti-corruption Policy has occurred and is occurring or may possibly occur.
1. Events and actions that may be the subject of the report
Pellegrini requests and encourages reports aimed at highlighting conduct that may compromise its reputation and integrity on the market and in its relationship with its employees, customers and third parties in general.
There is no set list of the irregularities or crimes that can be the subject of whistleblowing.
Any reports about conduct, risks, irregularities or crimes, committed or attempted, to the detriment of Pellegrini’s interests, are considered relevant.
By way of mere example, the report may regard actions or omissions, committed or attempted, that are:
- criminal
- in breach of the Code of Ethics, of Model 231 or of the Anti-corruption Policy, or other in-house provisions, subject to disciplinary proceedings
- capable of causing damage to Pellegrini’s assets
- capable of causing damage to Pellegrini’s image
- capable of causing damage to the health and safety of employees or third parties.
Pellegrini is obliged to protect the reputation of all persons involved, therefore it does not accept falsities or injustices, mere suspicions or rumours, complaints or claims of a personal nature.
In fact, any forms of abuse of the whistleblowing procedure, such as reports that are clearly opportunistic and/or made for the sole purpose of damaging the person reported or another entity, and any other improper use or manipulation of this procedure, are a source of liability before tribunals or other competent authorities.
Therefore, the reporting party that reports in good faith what they believe to be a violation, shall not be the subject of any retaliation or discrimination by the company. The person who, however, acts to slander another person or, nonetheless, to report unfounded acts or in contrast with the principle of good faith, will be subject to disciplinary actions, as well as criminal provisions and/or claims for damages in the case of a libellous or defamatory report, pursuant to the Italian criminal code and to art. 2043 of the Italian civil code.
Whistleblowing does not regard personal grievances of the reporting party or claims and requests regarding the employment contract and/or relations with superiors and/or colleagues, for which reference should be made to the pertinent discipline or procedures.
2. Who receives the report
The reports are received by the Chairman of the Supervisory Board, who undertakes to send an initial reply to the reporting party as soon as possible.
3. Report transmission method
The reporting party may send their report:
- in hard copy to the following address:
Pellegrini Spa – Via Lorenteggio 255 – 20152 Milano
For the kind attention of the Chairman of the SB – Mr. Piero Calabrò - by e-mail to the SB at organismo.vigilanza@gruppopellegrini.it
- by e-mail to the Chairman of the SB, Mr. Piero Calabrò, at piero.calabro@legalmail.it
Alternatively, the company provides a special website at the link https://whistleblowing.gruppopellegrini.it, created to protect the anonymity of the reporting party. In this case the reporting party will receive a unique identification code for the report, with which they can converse anonymously through the site with the Chairman of the Supervisory Board. The reporting party must remember to carefully conserve the unique identification code of the report, since, in the case of loss, it cannot be recovered or duplicated in any way.
4. Content of the report
The reporting party must provide all of the elements to enable the proper checks and/or inquiries, to establish the legitimacy of the facts of the report, to be carried out within an appropriate timeframe. The following is required:
- a clear and complete description of the facts of the report
- if known, the time and place in which they were committed
- if known, the general information or other elements (like the reporting party’s position and the service) so as to identify the party/parties which has/have committed the reported acts
- indication of any other parties that can provide information about the facts contained in the report
- indication of any documents that can confirm legitimacy of such facts
- any other information that can provide useful input about the existence of the facts reported.
5. Verification of the report
The management and the verification of the truth of the circumstances contained in the report are entrusted to the Chairman of the Supervisory Board, which he/she provides in compliance with the principles of impartiality and confidentiality, carrying out activities deemed opportune, including hearing the reporting party and any other parties that can refer to the reported facts.
The Chairman of the Supervisory Board will duly reply, as per law, to all reports.
Should the report be valid, the Chairman of the Supervisory Board, with regard to the nature of the breach, shall see to communicating the result of the inquiries, where applicable:
- to the Manager of the pertinent department
- to the Human resources manager
- to the legal authorities.
All those who receive and/or are authorised by the Chairman of the Supervisory Board to manage reports and related documents must protect confidentiality.
Breach of confidentiality is subject to disciplinary action.
6. Identity of the reporting party
The reporting party can decide to submit information anonymously, confidentially or openly.
An anonymous report is one without any personal data of the reporting party and which, nonetheless, does not contain any of the elements necessary to identify the author.
A confidential report is one containing the personal details of the reporting party, specifying that the reporting party does not authorise their identity to be revealed within the scope of any disciplinary action, apart from legal objections or if knowledge of the identity of the reporting party is absolutely essential to the defence of the accused, and only if such circumstances are inferred and substantiated at a hearing or through the presentation of a defence brief.
Apart from the cases described above, the identity of the reporting party of a confidential report is known exclusively by the Chairman of the Supervisory Board and by the parties authorised by the same to receive and manage reports.
An open report bears the personal details of the reporting party, specifying that in the event of disciplinary procedures the reporting party authorises their identity to be revealed.
It is specified that, with the exception of the cases in which there is liability for defamation or slander pursuant to the provisions of the Italian criminal code or of art. 2043 of the Italian civil code and in the case in which anonymity is opposable by law (e.g. criminal, tax or administrative investigations, inspections by supervisory bodies), the identity of the reporting party is nonetheless protected in all circumstances following the report.
Therefore, apart from the exceptions described above, the identity of the reporting party may not be revealed without their express consent and all those that receive and are involved in the management of the report must protect the confidentiality of such information.
7. Prohibition of discrimination against the reporting party
As regards the employee who files a report pursuant to the procedure herewith, it is not permitted, or tolerated, any form of recrimination or discrimination, direct or indirect, with effects on working conditions for reasons directly or indirectly linked to the report.
Pellegrini undertakes to protect from any intimidation and recrimination those who have submitted a report in good faith.
The employee who believes they have suffered discrimination for having submitted a report, must give detailed information about the discrimination to the Chairman of the Supervisory Board who, having established the existence of such, reports the case of discrimination to the Manager of the department to which the author of the alleged discrimination belongs in order to verify the case and if possible rectify the situation and/or remedy the negative effects of the discrimination.
8. Privacy
Any personal and sensitive data contained in the report, including that regarding the identity of the reporting party or other individuals, are processed in compliance with the Italian Legislative Decree 196/2001, as amended with the Italian Legislative Decree 101/2018, and EU Regulation 2016/679. Pellegrini, as Data Controller, invites you to read the privacy policy statement available at the link: https://www.gruppopellegrini.it/gestione-della-privacy-in-pellegrini/
PRIVACY POLICY STATEMENT
As regards the processing of your personal data and details (as defined in article 4, numbers 1) and 15), articles 9 and 10, of the EU Regulation 2016/679, “Regulation”) acquired in relation to the reports of the irregularities described in the Whistleblowing Policy, carried out by Pellegrini, the Data Controller, in compliance with the regulations in force, we hereby provide the information referred to in articles 13 and 14 of the EU Regulation 2016/679.
1. – Origin of the personal data.
The personal data processed is provided by “reporting parties”, namely those from whom the report derives, to which data that may already be available to the Controller is added, together with that acquired within the scope of the actions carried out to verify the validity of the report and its contents, in compliance with the provisions of the law.
2. – Purpose of the data processing.
The personal data is collected and processed for purposes connected to or instrumental in the verification of the reports received about non-compliant actions and/or conduct with current procedures at Pellegrini, which may regard: Professional conduct regulations, ethical principles and/or illegal or fraudulent conduct regarding employees, members of company boards or third parties (customers, suppliers, consultants, contractors), which may cause – either directly or indirectly – economic, material and/or image damage to Pellegrini.
3. – Processing method, criteria and storage times
The processing is carried out using both electronic or nonetheless automated means, as well as in hard copy, and is carried out by Pellegrini directly or through specially appointed third parties.
The data processed shall be managed in such a way as to guarantee the security and confidentiality of the same with special reference to the data of the “reporting party”, which shall be protected by anonymity, apart from the cases indicated by the aforementioned policy in the event of actual or alleged libellous and/or defamatory reports, namely in the cases where anonymity is opposable by law and it is necessary to inform the competent authorities.
The data provided shall be processed and stored for a period of time no longer than that necessary for the purposes for which the data has been collected or subsequently processed. Once that period has passed, the data in the report shall be archived and stored for five years.
4. – The categories of parties to which the data can be communicated or which can learn of such data, as External Processors or as authorised parties.
For the abovementioned purposes, Pellegrini shall delegate the management of the reports to the Supervisory Board.
Your personal data may be processed either by parties authorised by Pellegrini, or by external Processors, pursuant to art. 28. In both cases the Controller shall provide the necessary instructions to the Processors and to the authorised parties.
5. – Nature of the consent
Providing personal data is optional, given that an “anonymous report” is possible.
6. – Further information
The reports should not contain data that is not strictly relevant to the report itself. Pellegrini shall see to the destruction – with the exception of cases authorised by law or by an order by the Data Protection Authority – any information not deemed strictly necessary to manage the report.
7. – Rights of the Interested Party
As the interested party, you have the right to exercise the rights referred to in articles 15 and 22 of the EU Regulation 2016/679.
More specifically, you have the right to ask Pellegrini to access your personal data, for it to be corrected or deleted, for restricted processing or to object to its processing, as well as the right to transfer the data.
You also have the right to make a complaint to the Data Protection Authority.
8. – Data Controller
The Data Controller pursuant to articles 4, number 7) and 24 of the EU Regulation 2016/679 is Pellegrini, with offices in Via Lorenteggio, 255 (20152 Milan). The controller may be contacted at its registered office or by sending an e-mail to the e-mail address privacy@gruppopellegrini.it.