Protection des données

Privacy policy

Data protection information on the whistleblower system

 
Note on data protection

 Via "Hinweisgeberexperte", employees, customers or business partners of Krause Automation can report violations of compliance regulations, such as antitrust or corruption law in particular ("Compliance" reporting channel), as well as certain violations of data protection regulations ("Data Protection" reporting channel) or human rights ("Human Rights" reporting channel).
 
The three reporting systems are strictly separated. The reporting channel "Compliance" is operated by the Corporate Compliance Department of Krause Automation and only employees of this department have access to the reports. The reporting channel "data protection" is provided by the data protection department of Krause Automation and only this department has access to the reports received via this channel. The reporting channel "Human Rights" is operated by the human rights department of Krause Automation and only employees of this department have access to this reporting channel. An exchange of information between the departments only takes place if this would be exceptionally necessary to process a specific case.

The infrastructure of the system including websites and database is operated by the service provider iComply GmbH, located in 55116 Mainz, Große Langgasse 1A. iComply GmbH is contractually obliged to maintain strict confidentiality and to comply with all data protection requirements.


What personal data and information is collected and processed?
When reporting violations via "iWhistle", personal data is collected: 

- of the person submitting a report (e.g. name, contact details) (optional/voluntary!) and
- of the persons affected by an incident (e.g. description of the actions of persons affected)


 entered in the respective reporting form or transmitted via the protected mailbox are collected and processed. The data is processed by the responsible department in order to review the reported incidents, to initiate and conduct investigations and to take remedial action where necessary. 


 As part of the reviews, investigations and remedial actions to be taken, it may be necessary to share information about a reported incident with employees of other departments, such as the legal department or management of Krause Automation, other Krause Automation companies, external advisors (e.g. legal advisors) or the relevant authorities. We may also be required to report a reported incident to the relevant authorities and to the individuals concerned.


How long will personal data be stored?
The personal data and information you provide will be retained for as long as knowledge of them is necessary to process the report and, if applicable, to initiate sanctions, or for as long as the data must be retained by law. If a report proves to be unfounded, the report and the personal data it contains will be deleted immediately.