Whistleblower system

1) Grievance / Complaints Mechanism

Purpose & Scope

Our grievance mechanism is open to all stakeholders: employees, applicants, contractors, suppliers, business partners, customers, and members of affected communities. It covers violations of laws or internal policies as well as human-rights, social, or environmental complaints connected to our operations and value chain.

Product/service feedback can be submitted via the same channels. Such cases are either handled within this procedure or transparently routed to Customer Service – with the same commitment to acknowledgment and outcome communication.

Reporting Channels

  • Externally operated whistleblowing portal (anonymous reporting available)
  • Email: profil-m-riskmanagement@ak-compliance.de
  • Phone / Hotline: +49 511 330603-70 (available 9 a.m. – 5 p.m.)
  • Postal mail: Profil M Beratung für Human Resources Management GmbH und Co. KG · Berliner Straße 131 · 42929 Wermelskirchen

All channels support confidential reporting; fully anonymous dialogue is possible (incl. anonymous inbox within the portal).

Acceptance & Non‑Acceptance

We accept grievances including, but not limited to:

  • violations of laws; breaches of internal policies/Code of Conduct
  • corruption, fraud, conflicts of interest
  • discrimination, harassment, health & safety, labor rights
  • data protection / information security
  • human-rights and environmental risks/impacts in own operations and supply chain

Non‑acceptance (with explanation and alternatives), e.g.:

  • manifestly abusive/defamatory submissions
  • purely personal disputes without business nexus
  • duplicates or insufficient information after clarification request

Process & Target Timelines

  1. Acknowledgment within 7 days
  2. Triage & risk assessment (typically ≤ 14 days)
  3. Investigation by competent functions; independent third parties engaged where appropriate
  4. Remediation/Corrective Action Plan (e.g., corrective actions, training, supplier requirements, remediation, contractual measures)
  5. Outcome/closure communication within 3 months from acknowledgment (with interim updates where needed)

If a submission is not accepted as a grievance, we explain why and outline alternative options (e.g., Customer Service, external authorities).

Confidentiality, Data Protection & Safeguards

  • Confidentiality and need‑to‑know access are ensured; identities are not disclosed without consent (unless legally required).
  • Data is purpose‑limited and retained only as necessary for handling, documentation, and legal obligations.
  • We assess retaliation risks and implement appropriate safeguards (e.g., anonymization, organizational measures, adjustments of responsibilities).

Transparency & Monitoring

We annually publish anonymized metrics (e.g., number of cases, average processing times, categories, actions) and continually improve the mechanism.

External Reporting Options

Reporters may at any time contact competent external reporting bodies/authorities. Information is provided on the portal.

2) Whistleblower Protection Policy

Principle (Anti‑Retaliation)

We maintain a zero‑tolerance stance toward any retaliation against whistleblowers, supporters, witnesses, or others involved in the process—regardless of whether reports are anonymous or named and whether they ultimately prove substantiated—provided they were made in good faith.

Safeguards

  • Confidentiality & Anonymity: secure channels; anonymous dialogue available via the portal
  • Risk Assessment & Protective Measures: case‑specific measures (e.g., extended confidentiality, organizational separation, task/environment adjustments, psychosocial support)
  • Fairness & Rights: persons concerned are informed with due regard to procedural integrity and have the opportunity to respond; the right to a fair process is upheld.

Consequences for Retaliation & Breaches

Proven retaliation, intimidation, obstruction, breaches of confidentiality, or other punitive actions will lead to appropriate measures—up to and including employment measures (e.g., disciplinary action up to dismissal) and/or business measures (e.g., contractual/supplier measures).

Responsibilities & Governance

  • The Compliance/Ombuds team oversees the process, documents actions, and reports regularly to management.
  • Independent third parties may be involved for risk assessment/investigations.

Abuse Disclaimer

Knowingly false allegations or bad‑faith reports may result in appropriate action. This does not apply to unintentional errors or good‑faith reports.