Marinetek Whistleblowing Channel

To promote an open, transparent, and safe organizational culture, we have implemented a reporting channel for suspicions of misconduct. The introduction of the whistleblowing channel is based on the Whistleblower Protection Act and the European Union Whistleblower Protection Directive. The whistleblowing channel provides a confidential platform to bring suspicions of potential misconduct or violations of principles to the attention of an internal investigation. Reports can be made anonymously.

Ideally, concerns or suspicions should first be addressed with your immediate supervisor or management. If discussing the matter internally is not a viable option or is ineffective, you can always use this channel to make a report.

The whistleblowing channel is designed to ensure the anonymity of the reporter if they choose to make a report anonymously. All reports are treated confidentially, protecting the privacy of both the reporter and the subject. The processing of personal data adheres to the obligations outlined in the Data Protection Act (1050/2018).

Reports can be made based on suspicion alone and without concrete evidence, as long as they are made honestly and in good faith.

Reports received through the whistleblowing channel are handled by the Group CEO, Group CFO and Group Controller, who initiate necessary investigations. The process is confidential, and this confidentiality is maintained even if the reporter reveals their identity. If a report involves one of the processors, that individual will not participate in the handling and investigation of the case.

After receiving your report, we will acknowledge its receipt within 7 days. If necessary, we may request additional information from you during the investigation. This communication will also take place through the channel, maintaining confidentiality and anonymity. We will inform you of the investigation’s outcome through the channel within 3 months of submitting the report. At the end of the reporting process, you will receive a personal code that allows you to track the progress of your report. If you have submitted a report and lose the case-specific code, please make a new report referencing the original one. This ensures that the investigation can continue in collaboration with you.

To make a report, you can access it here: www.firstwhistle.fi/marinetek

Additional information on reporting can be found on our service provider’s website at https://www.juuriharja.fi/whistleblowing-ilmoittajalle-faq

If our internal channel is not functional, you can make a report on misconducts covered by the Whistleblower Protection Act to the centralized external reporting channel of the Finnish Parliamentary Ombudsman.

Please note that irregularities in the organization’s operations should be reported primarily through our internal reporting channel to receive whistleblower protection. The external reporting channel can be accessed at https://turvaviesti.gov.fi/ilmoituskanava-rapporteringskanal

 

Protection of personal data

Processing Basis of the Personal Data

The processing basis for personal data is legal interest (Whistleblower Protection Act, Finland) and Article 6.1. c of the EU’s Data Protection Regulation, i.e. being compliant with legal obligations.

The purpose of processing personal data is related to the handling of reports in the Whistleblowing system, communication with reporters, information, and communication. The purpose of the Whistleblowing system is to provide an opportunity for anonymous reporting of misconduct. The reporter can decide what personal information to provide in their report. Through this channel, we enable legal reporting of misconduct.

Through the system, an individual can report illegal activities such as financial irregularities, conflicts of interest, bribery, misconduct, and other unlawful actions. Information is used for monitoring and investigating misconduct. Additionally, information may be used for the development, analysis, and statistics of monitoring, as well as internal reporting.

Processed Personal Data

The reporter can choose whether to provide their own personal information, such as name and email address, or remain anonymous when making a report. We may process the following personal information about the reporter:

  • Name
  • Email address
  • Phone number
  • Organization and position
  • Other information provided in the report
  • Information about the report, such as the submission date and processing details

We may process the following personal information about the reported individual:

  • Information provided in the report, including details of the misconduct, including time
  • This information may include, for example, name, organization, and position
  • Information about the report, such as the submission date and processing details
  • Matters related to the investigation of misconduct, including relevant documents such as tender documents and contract documents or relevant financial documents

The processing of personal data depends on the content of the personal data reported through the reporting channel.

Recipients of Personal Data

Personal data is not disclosed to third parties. Administrative users of the service provider have access to personal data, which is actually used only when necessary in exceptional situations. Internally, the number of individuals processing the submitted reports is limited. If a crime is involved, information related to the matter, including personal data, may be disclosed to authorities.