Whistleblowing

Pursuant to Legislative Decree 24/2023, Siser S.r.l. has implemented its platform to report behavior, acts or omissions that harm the public interest or the integrity of the public administration or private body, guaranteeing the confidentiality and protections provided for the whistleblower.

What you can report

Violations of national or EU regulatory provisions that harm the public interest or the integrity of the public administration or private entity of which it has become aware in the work context and which consist of:

• administrative, accounting, civil or criminal offences;
• significant unlawful conduct pursuant to Legislative Decree 231/2001, or violations of the organization and management models provided for therein;

• offences falling within the scope of European Union or national acts relating to the following areas: public procurement; financial services, products and markets and prevention of money laundering and terrorist financing; product safety and compliance; transport safety; environmental protection; radiation protection and nuclear safety; food and feed safety and animal health and welfare; public health; consumer protection; protection of privacy and protection of personal data and security of network and information systems;
• acts or omissions affecting the financial interests of the Union;
• acts or omissions concerning the internal market;
• acts or behaviour which defeat the object or purpose of the provisions contained in Union acts.

Reporting channels

• Internal channel provided by Siser S.r.l.;
• external (ANAC);
• public disclosure (through the press, electronic means or means of dissemination capable of reaching a large number of people) only under the conditions set out in Article 15 of Legislative Decree 24/2023;
• complaint to the judicial or accounting authority.

Whistleblowers are required to use the internal channel, developed according to the highest security standards available to guarantee the protection of the whistleblower’s rights, except in the cases expressly provided for by art. 6 in which the whistleblower may apply directly to ANAC

Anonymous reports are allowed by the decree, but their use is not recommended as they hinder both the dialogue with the whistleblower and the correct conduct of the procedure.

Content of the report

The whistleblower is required to provide all the useful elements to allow the competent offices to carry out the necessary and appropriate checks to verify the validity of the facts being reported. To this end, the alert should preferably contain the following elements:

• personal details of the person making the report with indication of the position or function carried out within the company, or other link with it;
• a clear and complete description of the facts reported;
• if known, the circumstances of time and place in which they were committed;
• if known, personal details or other elements (such as the capacity and the service in which he carries out the activity) that allow the identification of the person who carried out the fact or facts covered by the report;
• an indication of any other persons who may report on the facts being reported;
• an indication of any documents which may confirm the validity of those facts;
• any other information that can provide useful feedback on the existence of the facts reported.

How to manage reports by Siser S.r.l. 

• We give notice to the reporting person of receipt of the report within 7 days from the date of its receipt;
• We maintain the interlocutions with the reporting person and request from the latter, if necessary, additions and / or clarifications useful to better manage the report;
• We diligently follow up on the reports received, carrying out the related investigation;
• We shall notify the reporting person of the final outcome within three months of acknowledging receipt of the report.

Subjects whose confidentiality is protected

• The identity of the whistleblower may not be disclosed to persons other than those competent to receive or follow up on reports;
• The protection concerns not only the name of the whistleblower, but also all the elements of the report from which the identification of the whistleblower can be derived, even indirectly;
• The alert shall be removed from access to administrative documents and the right of generalised civic access;
• The protection of confidentiality is extended to the identity of the persons involved (reported) and of the persons mentioned in the report as well as to facilitators, persons from the same work context and work colleagues of the whistleblower, in compliance with the same guarantees provided in favor of the reporting person.

Protection is guaranteed if:

• At the time of reporting or reporting to the judicial or accounting authority or public disclosure, the reporting person or complainant had reasonable grounds to believe that the information on breaches reported, publicly disclosed or reported was true and fell within the objective scope of the report (Article 1 paragraph 1 of Legislative Decree 24/23);
• The report or public disclosure was made on the basis of the provisions of Chapter II of Legislative Decree 24/23, or with the channels and conditions identified therein.

Without prejudice to the specific limitations of liability provided for in Article 20 of Legislative Decree 24/23, when it is ascertained, even with a judgment of first instance, the criminal liability of the reporting person for the crimes of defamation or slander or in any case for the same crimes committed with the complaint to the judicial or accounting authority or his civil liability, For the same reason, in cases of willful misconduct or gross negligence, confidentiality protections are not guaranteed and a disciplinary sanction is imposed on the reporting person or complainant.

Protection of personal data

The processing of personal data relating to the receipt and management of reports is carried out by Siser S.r.l., as data controller, in compliance with European and national principles on the protection of personal data, providing appropriate information to reporting persons and persons involved in reports, as well as adopting appropriate measures to protect the rights and freedoms of the interested parties.

In addition, the rights of access, rectification and cancellation referred to in Articles 15 to 22 of Regulation (EU) 2016/679 are guaranteed, except for the limitations indicated in Article 2-undecies of Legislative Decree 30 June 2003, n. 196.

Internal and external reports and related documentation are kept for the time necessary to process the report itself and, in any case, no later than 5 years from the date of communication of the final outcome of the reporting procedure, in compliance with the confidentiality obligations set out in European and national legislation on the protection of personal data.

Read the information here