Marinetek Whistleblowing Channel

To promote an open, transparent, and safe organizational culture, we have implemented a reporting channel for suspicions of misconduct. The introduction of the whistleblowing channel is based on the Whistleblower Protection Act and the European Union Whistleblower Protection Directive. The whistleblowing channel provides a confidential platform to bring suspicions of potential misconduct or violations of principles to the attention of an internal investigation. Reports can be made anonymously.

Ideally, concerns or suspicions should first be addressed with your immediate supervisor or management. If discussing the matter internally is not a viable option or is ineffective, you can always use this channel to make a report.

The whistleblowing channel is designed to ensure the anonymity of the reporter if they choose to make a report anonymously. All reports are treated confidentially, protecting the privacy of both the reporter and the subject. The processing of personal data adheres to the obligations outlined in the Data Protection Act (1050/2018).

Reports can be made based on suspicion alone and without concrete evidence, as long as they are made honestly and in good faith.

Reports received through the whistleblowing channel are handled by the Group CEO, Group CFO and Group Controller, who initiate necessary investigations. The process is confidential, and this confidentiality is maintained even if the reporter reveals their identity. If a report involves one of the processors, that individual will not participate in the handling and investigation of the case.

After receiving your report, we will acknowledge its receipt within 7 days. If necessary, we may request additional information from you during the investigation. This communication will also take place through the channel, maintaining confidentiality and anonymity. We will inform you of the investigation’s outcome through the channel within 3 months of submitting the report. At the end of the reporting process, you will receive a personal code that allows you to track the progress of your report. If you have submitted a report and lose the case-specific code, please make a new report referencing the original one. This ensures that the investigation can continue in collaboration with you.

To make a report, you can access it here: www.firstwhistle.fi/marinetek

Additional information on reporting can be found on our service provider’s website at https://www.juuriharja.fi/whistleblowing-ilmoittajalle-faq

If our internal channel is not functional, you can make a report on misconducts covered by the Whistleblower Protection Act to the centralized external reporting channel of the Finnish Parliamentary Ombudsman.

Please note that irregularities in the organization’s operations should be reported primarily through our internal reporting channel to receive whistleblower protection. The external reporting channel can be accessed at https://turvaviesti.gov.fi/ilmoituskanava-rapporteringskanal

Protection of personal data

Processing Basis of the Personal Data

The processing basis for personal data is legal interest (Whistleblower Protection Act, Finland) and Article 6.1. c of the EU’s Data Protection Regulation, i.e. being compliant with legal obligations.

The purpose of processing personal data is related to the handling of reports in the Whistleblowing system, communication with reporters, information, and communication. The purpose of the Whistleblowing system is to provide an opportunity for anonymous reporting of misconduct. The reporter can decide what personal information to provide in their report. Through this channel, we enable legal reporting of misconduct.

Through the system, an individual can report illegal activities such as financial irregularities, conflicts of interest, bribery, misconduct, and other unlawful actions. Information is used for monitoring and investigating misconduct. Additionally, information may be used for the development, analysis, and statistics of monitoring, as well as internal reporting.

Processed Personal Data

The reporter can choose whether to provide their own personal information, such as name and email address, or remain anonymous when making a report. We may process the following personal information about the reporter:

Name
Email address
Phone number
Organization and position
Other information provided in the report
Information about the report, such as the submission date and processing details

We may process the following personal information about the reported individual:

Information provided in the report, including details of the misconduct, including time
This information may include, for example, name, organization, and position
Information about the report, such as the submission date and processing details
Matters related to the investigation of misconduct, including relevant documents such as tender documents and contract documents or relevant financial documents

The processing of personal data depends on the content of the personal data reported through the reporting channel.

Recipients of Personal Data

Personal data is not disclosed to third parties. Administrative users of the service provider have access to personal data, which is actually used only when necessary in exceptional situations. Internally, the number of individuals processing the submitted reports is limited. If a crime is involved, information related to the matter, including personal data, may be disclosed to authorities.

Cookie	Duration	Description
__hssrc	session	This cookie is set by Hubspot whenever it changes the session cookie. The __hssrc cookie set to 1 indicates that the user has restarted the browser, and if the cookie does not exist, it is assumed to be a new session.
_GRECAPTCHA	6 months	Google Recaptcha service sets this cookie to identify bots to protect the website against malicious spam attacks.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category .
cookielawinfo-checkbox-functional	1 year	The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category .
cookielawinfo-checkbox-others	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data.
wordpress_test_cookie	session	This cookie is used to check if the cookies are enabled on the users' browser.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc	30 minutes	HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
pll_language	1 year	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.

Cookie	Duration	Description
__hstc	5 months 27 days	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-*	1 minute	Google Analytics sets this cookie for user behaviour tracking.
_gat_UA-37465006-8	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
hubspotutk	5 months 27 days	HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.

Marinetek Whistleblowing Channel

Protection of personal data

Processing Basis of the Personal Data

Processed Personal Data

Recipients of Personal Data

Marinetek Headquarters

Newsletter