1 - Purpose and scope of the Whistleblowing platform

Any employee within the SOCOTEC Group or any third-party may report a proven or potential violation of laws and regulations or the Group's Code of Ethics. This report must be relevant, appropriate and directly connected with a violation in the aforementioned areas. Any report that does not fall within the scope of the aforementioned areas will not be taken into account.

2 - Optional nature of the whistleblowing platform

The use of the Whistleblowing platform is not mandatory. The employee may contact their line manager, the Legal Department or their Compliance Officer directly. No employee will be punished for having not used the Whistleblowing platform.  

3 - Data processed as part of the Whistleblowing Platform

 A report submitted via the internet portal may contain the personal data of the whistleblower or the subjects of the report. This data processing is carried out by SOCOTEC as data controller in order to fulfil its legal obligation under the European Data Protection Directive of 23 October 2019.

Data processed as part of the Whistleblowing Platform may contain:

• the contact details of the whistleblower;
• the contact details of subjects of the report;
• the reported violation;
• the information gathered in the course of the investigation;
• information on monitoring the report;
• any decision taken in relation to the report.  

The recipients of the alerts are the members of the Ethics Committee. The recipients of the alert will order an investigation to be made based on the evidence presented and additional information may be requested from the whistleblower. Such investigation may involve any employee or external service provider who can assist in the inquiry. These individuals must sign a confidentiality agreement. The recipients of the alert may also call upon local Compliance Officers to help carry out necessary investigations at a local level.

Once the investigations of the alert are completed and the whistleblower is informed of the results of the enquiry, the alert is closed in the platform and the information are kept if necessary in case of litigation. If not required, the alert is anonymized.

The data are stored in France.

4 - Confidentiality requirements and GDPR rights

Any information and data processed as part of the Whistleblowing Platform shall remain confidential.

The whistleblower has the right to access, rectify, erase, object to, limit the processing of its personal data.

To exercise the GDPR rights or for any questions relating to the use of data, the whistleblower can send an e-mail to the Data Protection Officer at the following address: dataprotection@socotec.com

If the whistleblower feel that its rights have not been respected, the whistleblower can submit a complaint to the competent authority. 

Each report has its own discussion system that allows messages to be sent and received. These exchanges take in account the choice of the notifiting party, if he/she has decided to remain anonymous. 

Only designated referents will receive the information contained in the form that you are going to complete and send us. You must complete all the mandatory fields on this form in order to submit your report (fields marked with an *). You will be able to track your report and communicate with the referent(s) with the confidential code that is generated by the platform when you submit your report. Each report will be subject to rigorous analysis and a detailed internal audit. The average processing time of an alert is 3 months from the date of receipt.