Contact

Whistleblower Reporting Procedure

Rozmiar tekstu

Włącz lektora.

Wyłącz lektora.

SIMPLIFIED PROCEDURE FOR ACCEPTING REPORTS OF LAW VIOLATIONS FROM WHISTLEBLOWERS WITH INFORMATION CLAUSE

I. Method of submitting reports:

1. A report may be submitted:

a) by e-mail to: sygnalista@konsorcjumstali.pl

b) by letter on paper to the postal address of Konsorcjum Stali S.A. with its registered office in Zawiercie, ul. Paderewskiego 120 42-400

Zawiercie addressed to the Head of the Management Board Office with the note "for the attention of the Head of the Management Board Office";

c) in person by meeting with the Head of the Management Board Office or a Member of the Management Board;

2. In case the report concerns the Head of the Management Board Office or another person involved in the process of reviewing irregularities, reports may be sent to:

a) the President of the Management Board by letter on paper to the postal address of Konsorcjum Stali S.A. with its registered office in Zawiercie, ul. Paderewskiego 120, 42-400 Zawiercie, with the note "for the attention of the President of the Management Board" or by e-mail to: prezes@konsorcjumstali.pl;

b) if the report concerns the President of the Management Board, to the Chairman of the Supervisory Board by letter on paper to the postal address of Konsorcjum Stali S.A. with its registered office in Zawiercie, ul. Paderewskiego 120 42-400 Zawiercie with the note "for the attention of the Chairman of the Supervisory Board" or by e-mail to: przewodniczacyrn@konsorcjumstali.pl.

3. Reports cannot be submitted anonymously. Anonymous reports will not be considered.

4. With your consent, an oral report will be documented in the form of:

a) a recording of the conversation, enabling its retrieval,

b) or a transcript of the conversation, reflecting its exact course.

If you consent to the documentation of the oral report, you may review, correct, and approve the transcript or protocol of the conversation by signing it.

5. Content of the report:

The report should contain at least the following information:

a detailed description of the reported law violation;
evidence supporting the report (if available);
identification data of the reporting person;
contact details if you wish to be informed about the results of our actions related to the received report.

II. Whistleblower Protection

1. Any natural person who has obtained information about a law violation in our organization may submit a report.

2. As a Whistleblower, you are protected as specified in the provisions of the Whistleblower Protection Act, from the moment of submitting the report.

3. We ensure the protection of Whistleblowers by:

a) protecting your identity, unless we receive your explicit consent to disclose your data;

b) if the report concerns other persons, we will also ensure the confidentiality of their identities;

c) involving impartial persons in the review process, who are obliged to maintain confidentiality, also after the end of employment or cooperation;

d) ensuring that only authorized persons, who have been trained in Whistleblower protection, have access to your data and documentation related to the report;

e) protection against retaliation, including threats of such actions, in connection with the submitted report.

4. At your request, we will issue, within one month of receiving it, a certificate confirming that you are protected against retaliation as provided for in the Whistleblower Protection Act.

III. Law violations subject to reporting

1. You may provide us with information about a law violation concerning:

1) corruption;

2) public procurement;

3) financial services, products, and markets;

4) anti-money laundering and counter-terrorist financing;

5) product safety and compliance with requirements;

6) transport safety;

7) environmental protection;

8) radiological protection and nuclear safety;

9) food and feed safety;

10) animal health and welfare;

11) public health;

12) consumer protection;

13) privacy and personal data protection;

14) security of networks and ICT systems;

15) financial interests of the State Treasury of the Republic of Poland, local government units, and the European Union;

16) the internal market of the European Union, including public law principles of competition and state aid, and corporate taxation;

17) constitutional freedoms and rights of humans and citizens – occurring in relations between individuals and public authorities and not related to the areas indicated in points 1–16.

2. The report may concern a reasonable suspicion regarding an actual or potential law violation that has occurred or is likely to occur in our organization.

3. The procedure does not apply to law violations other than those indicated above, in particular, it does not apply to labor law violations.

IV. Feedback and contact regarding the acceptance of the report

1. We will confirm receipt of your report to the provided contact address. We will provide information immediately, no later than within 7 days from the date of receipt of the report, unless you have objected to receiving confirmation.

2. We will not provide information about the receipt of the report if we have reasonable grounds to believe that such action would endanger the confidentiality of your identity.

3. We may contact you at the provided contact address for explanations or additional information that you may have – providing them is voluntary.

4. If the initial verification shows that the report does not concern a law violation, we will inform you about the discontinuation of its review and the reason for discontinuation.

5. We will provide you with feedback within no more than 3 months from the date of receipt of the report,

6. We will inform you if we refrain from taking follow-up actions, stating the reason for refraining.

7. We will inform you about the final result of our follow-up actions taken as a result of the report.

V. Procedure for handling received reports:

1. Reports of law violations are verified by the Head of the Management Board Office and the appointed Commission in terms of the credibility of the report and our responsibility for its review and conducting follow-up actions.

2. As part of the proceedings, we may collect additional information, including contacting you for further explanations.

3. If the report is found to be justified and concerns a law violation in an area within our scope of activity, we will take further steps to investigate the matter and remedy the law violation. In particular, we may take one or more of the following actions:

Initiating disciplinary or other appropriate proceedings against the Employee who committed the law violation;
Modifying existing procedures to prevent similar law violations in the future
Conducting additional training
Intensifying control of the relevant area of activity
Reporting to the appropriate authorities;

4. We may refrain from taking follow-up actions if your report, concerning a matter already the subject of your previous report or a report from another Whistleblower, does not contain significant new information about the law violation compared to the previous report of that violation.

We will inform you of such discontinuation.

5. All reports are recorded in our internal register. The register contains information about the report, the date of its submission, actions taken, and the results of its review. Only authorized persons have access to the Register.

INFORMATION CLAUSE REGARDING THE PROCESSING OF PERSONAL DATA FOR THE PURPOSE OF ACCEPTING THE REPORT AND CONDUCTING AN INVESTIGATIVE PROCEDURE UNDER THE WHISTLEBLOWER PROTECTION ACT

1. The administrator of your personal data is Konsorcjum Stali S.A. with its registered office in Zawiercie, address ul. Paderewskiego 120, e-mail: biuro.zawiercie@konsorcjumstali.pl, tel. 32 67 216 92.

2. You may contact the Administrator regarding personal data processing and the exercise of rights under the GDPR using the above contact details or the Data Protection Officer appointed by the Administrator at: iodo@konosorcjumstali.pl

3. Your personal data will be processed for the purpose of accepting the report and conducting an investigative procedure based on the legal obligation imposed on the Administrator under the Act of 14 June 2024 on Whistleblower Protection.

4. Protection of the whistleblower's identity: If you provide identifying data, your personal data will not be disclosed to unauthorized persons (i.e., persons outside the team responsible for handling the reported case), unless with your explicit consent.

5. Special cases where data may be disclosed: In connection with investigative proceedings conducted by public authorities or preparatory or judicial proceedings conducted by courts, including to guarantee your right to defense, your data may be disclosed when such action is a necessary and proportionate obligation under the law. Before such disclosure, the relevant public authority or court will notify you, providing an explanation of the reasons for the disclosure of personal data in paper or electronic form. Notification will not be provided if it could endanger the investigative, preparatory, or judicial proceedings.

6. The Administrator ensures the confidentiality of your data in connection with the received report. Therefore, data may only be made available to entities authorized by law and entities to whom the administrator has entrusted data processing, i.e., entities that may provide organizational, legal, or technical support during the handling of the report.

7. Personal data processed in connection with the acceptance of the report or follow-up actions and documents related to this report are stored for 3 years after the end of the calendar year in which the report was submitted or follow-up actions were completed, or after the completion of proceedings initiated by these actions. Personal data that are not relevant to the review of the report are not collected, and if accidentally collected, are immediately deleted. The deletion of such personal data takes place within 14 days from the determination that they are not relevant to the case.

8. You have the right to request access to your personal data, as well as their rectification (correction). You also have the right to request deletion or restriction of processing, as well as to object to processing, but only if further processing is not necessary for the Administrator to fulfill a legal obligation and there are no other overriding legal grounds for processing.

9. You have the right to lodge a complaint about the processing carried out by the Administrator to the President of the Personal Data Protection Office (uodo.gov.pl).

10. Providing identifying data is mandatory and is a condition for us to accept your report. Providing other data, including contact details, is voluntary. If you do not provide contact details, we will not be able to inform you about the review of the report or confirm its receipt, nor inform you about the progress of our actions related to this report.

11. Your data will not be transferred to a third country or international organization.

12. Your data will not be subject to profiling or automated decision-making.

13. Anyone who believes that the state has violated their rights or has been treated unequally may contact the Ombudsman. Citizen information line: 800 676 676, e-mail: biurorzecznika@brpo.gov.pl, Correspondence address: Biuro RPO, al. Solidarności 77, 00-090 Warsaw