• Αρχική
  • Whistleblowing and Complaint Management Policy

Whistleblowing and Complaint Management Policy

Preamble

Geniki Taxydromiki is committed to maintaining the highest standards of ethical and professional conduct, adopting a zero-tolerance approach to illegal actions that are detrimental to the public interest and which may additionally negatively affect its reputation and credibility. For this reason, it ensures that its employees, Board of Directors, and executive management comply with the requirements of the law, regulations, policies, and procedures established by the European Union, the Hellenic Parliament, delegated legislative authorities, national authorities in general, and the Company itself, and that their actions are characterized by honesty, integrity, and high ethical values.

This Whistleblowing Policy aims to promote accountability, transparency, and problem resolution through the reporting of criminal offenses, civil violations, and unethical conduct within the Company.

The purpose of this Policy is to ensure a comprehensive framework for the protection of persons reporting breaches of Union law and to implement Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law (L 305). The objective of the relevant law is to establish an internal reporting system for violations and to protect persons reporting such violations, regulate the process for the submission, receipt, and follow-up of reports, and define the sanctions imposed in cases of violation of its provisions.

The specific objectives of this Policy are:

  • To provide a secure and confidential mechanism through which employees, customers, and business partners can report misconduct.
  • To ensure that reports (both internal and external) are taken seriously and that appropriate action is taken in cases of misconduct.
  • To protect reporting persons from retaliation or adverse treatment as a result of making a report.

This Policy establishes the principles and framework through which the Company receives, assesses, and investigates reports concerning irregularities, omissions, or offenses brought to the attention of employees, customers, suppliers, or any other interested party.

 

I. Reporting Receipt and Follow-up Officer (R.R.F.O.)

The Company appoints one of its executives as the Reporting Receipt and Follow-up Officer (R.R.F.O.) and duly notifies the competent authorities, employees, business partners, and third parties of such appointment. The following persons may not be appointed as R.R.F.O.; a) employees against whom criminal proceedings are pending for any felony, or for the offenses of theft, embezzlement, fraud, extortion, forgery, forgery of certificates, breach of trust by an attorney, breach of trust, bribery, unlawful certification or collection of public revenues, breach of duty, defamation, slanderous defamation, false certification, obtaining false certification, false accusation, unlawful removal of documents, any offense related to public service, offenses against sexual freedom, dignity, or the economic exploitation of sexual life, as well as violations of legislation concerning narcotic drugs, smuggling, and gambling; or b) employees who have been convicted of any felony or any of the offenses referred to in case (a).

 

II. Matters Covered by Reports Examined by the R.R.F.O.

The reports examined by the R.R.F.O. concern:

a) Violations of European Union law in the fields of:

  • public procurement;
  • financial services, products and markets, as well as the prevention of money laundering and terrorist financing;
  • product safety and compliance;
  • transport safety;
  • environmental protection;
  • radiation protection and nuclear safety;
  • food and feed safety, animal health and animal welfare;
  • public health;
  • consumer protection;
  • protection of privacy and personal data, as well as the security of network and information systems.

b) Violations affecting the financial interests of the European Union referred to in Article 325 of the Treaty on the Functioning of the European Union (TFEU) and as further specified in the relevant EU measures.

c) Violations relating to the internal market, as referred to in Article 26(2) of the TFEU, including breaches of EU competition and State aid rules, as well as violations concerning the internal market in relation to acts that infringe corporate tax rules or arrangements aimed at securing a tax advantage that defeats the object or purpose of the applicable corporate tax legislation.

 

III. Method of Submitting a Complaint / Report

A complaint/report may be submitted either verbally or through an electronic platform accessible to persons with disabilities, which operates on the Company’s website. A verbal report may be submitted by telephone or through other voice messaging systems, as well as through a personal meeting with the Reporting Receipt and Follow-up Officer (R.R.F.O.) within a reasonable period of time, upon the request of the reporting person. All employees and any business partners of the Company, regardless of the form of their cooperation with the Company, are hereby informed that they may submit a report/complaint verbally by calling telephone number 2104851250, mobile number 6948054680, or via email at kataggeliavh@taxydromiki.gr.

 

IV. Handling of Complaints / Reports

The R.R.F.O. shall have the following responsibilities:

  • providing appropriate information regarding the possibility of submitting reports within the Company and communicating any updated relevant information in a visible location within the Company;
  • receiving reports concerning violations;
  • acknowledging receipt of the report to the reporting person within seven (7) working days from the date of receipt;
  • taking the necessary actions to ensure that the report is handled by the competent bodies of the Company and/or the competent authorities, as applicable, or closing the procedure by archiving the report if it is manifestly incomprehensible, submitted abusively, does not contain facts constituting a violation of Union law, or where there are no serious indications of such a violation, and communicating the relevant decision to the reporting person. If the reporting person considers that the matter has not been effectively addressed, they may resubmit the report to the National Transparency Authority (N.T.A.), which, as an external reporting channel, exercises the powers provided under Article 12 of Law 4990/2022;
  • ensuring the protection of the confidentiality of the identity of the reporting person and of any third party named in the report, by preventing access to such information by unauthorized persons;
  • monitoring reports and maintaining communication with the reporting person and, where necessary, requesting additional information from them;
  • providing feedback to the reporting person regarding the actions taken within a reasonable period, not exceeding three (3) months from the acknowledgment of receipt or, if no acknowledgment has been sent, within three (3) months from the expiry of the seven (7) working days following the submission of the report;
  • providing clear and easily accessible information regarding the procedures under which reports may be submitted to the N.T.A. and, where appropriate, to public authorities, institutions, bodies, offices, or agencies of the European Union;
  • designing and coordinating training initiatives relating to ethics and integrity and participating in the development of internal policies aimed at strengthening integrity and transparency within the Company.

Where the appointed R.R.F.O. performs additional duties, it shall be ensured that the exercise of such duties does not affect their independence and does not give rise to any conflict of interest in relation to their responsibilities as R.R.F.O.

For the purposes of this Procedure, the Company and the Reporting Receipt and Follow-up Officer (R.R.F.O.) act as data controllers pursuant to Article 15(3) of Law 4990/2022 and shall therefore implement appropriate technical and organisational measures to ensure that, during the submission and follow-up of reports, only personal data that are necessary and proportionate for the purposes of this Procedure are collected. Personal data that are manifestly irrelevant to the handling of a specific report or excessive in relation thereto shall not be collected or, if inadvertently collected, shall be deleted without undue delay. By way of derogation from Article 5(1)(a), Articles 12 and 13, Article 14(1)–(4), and Article 34 of the General Data Protection Regulation (GDPR), the Company shall not provide information regarding the processing of personal data to the reported person or to any third party identified in the report as a data subject, including information concerning the source of the data pursuant to Article 14(2)(f) GDPR, in accordance with Article 14(5) GDPR and in conjunction with Article 23 GDPR, for as long as necessary and where deemed essential for the purposes of preventing and addressing attempts to obstruct reporting, hinder, frustrate, or delay follow-up actions, particularly investigations, or attempts to identify reporting persons.

The data controller may restrict the exercise of the rights provided under Articles 15 to 22 GDPR when such rights are exercised by reported persons or third parties identified in a report or whose personal data arise from follow-up measures as provided above. In cases where the rights of data subjects are restricted, the data controller shall take all necessary technical and organisational measures to safeguard the rights and freedoms of the persons concerned. Where the data controller refuses to satisfy a data subject’s request without disclosing the reasons for such restriction, the data subject shall have the right to lodge a complaint with the Hellenic Data Protection Authority (HDPA), which may investigate whether the conditions for the restriction are met and inform the data subject accordingly, provided that such information would not prejudice the purposes of the restriction.

In the event of a personal data breach, the data controller shall not communicate the breach to the data subject pursuant to Article 34(1) GDPR where such communication may be detrimental to the objectives of this Procedure. In such cases, the data controller shall notify the HDPA, which may, after examining the grounds invoked, require the communication of the breach if it determines that the conditions for omitting such communication are not satisfied. The R.R.F.O. shall maintain records of every report received, in accordance with the applicable confidentiality requirements. Reports shall be retained for a reasonable and necessary period to ensure their retrievability and compliance with the requirements of this Procedure and applicable Union or national law, and in any event until the completion of any investigation or judicial proceedings initiated as a consequence of the report against the reported person, the reporting person, or any third party.

Where reports are submitted through a telephone line or other voice messaging system, conversations may be recorded, provided that the reporting person has lawfully consented thereto. The competent bodies may document oral reports either by recording the conversation in a durable and retrievable form or by preparing a complete and accurate transcript of the conversation. The reporting person shall be given the opportunity to review, correct, and approve the transcript by signing it.

Where a report is submitted through a telephone line or other voice messaging system without recording the conversation, the R.R.F.O. may document the oral report through accurate minutes of the conversation. The reporting person shall be given the opportunity to review, correct, and approve the minutes by signing them.

Where a person requests a meeting with the R.R.F.O. for the purpose of submitting a report, and subject to the reporting person’s consent, complete and accurate records of the meeting shall be maintained in a durable and retrievable form, either by recording the conversation or by preparing accurate minutes of the meeting. The reporting person shall be given the opportunity to review, correct, and approve the minutes by signing them. In the event that the reporting person refuses to sign the transcript or minutes referred to above, the R.R.F.O. shall make a relevant note to that effect in the record.

 

V. Protection Against Retaliation

Any form of retaliation against the persons referred to in Article 6 is prohibited, including threats and attempts of retaliation. In particular, the following forms of retaliation are prohibited:

  • suspension, dismissal, or equivalent measures;
  • demotion or withholding of promotion;
  • reassignment of duties, change of workplace, reduction of salary, or modification of working hours;
  • withholding of training opportunities;
  • negative performance assessment or negative employment reference;
  • reprimand, disciplinary action, or any other penalty, including financial penalties;
  • coercion, intimidation, harassment, or ostracism;
  • discrimination or unfair treatment;
  • failure to convert a temporary employment contract into a permanent one where the employee had legitimate expectations that such conversion would occur;
  • non-renewal or early termination of a temporary employment contract;
  • intentional harm, including damage to reputation, particularly through social media, or financial loss, including loss of business opportunities and income;
  • blacklisting on the basis of a formal or informal sectoral or industry-wide agreement, resulting in the person being unable to secure employment in the sector or industry in the future;
  • early termination or cancellation of a contract for goods or services;
  • revocation or cancellation of a licence or permit;
  • referral for psychiatric or medical assessment;
  • refusal or denial of reasonable accommodations for persons with disabilities.

The Company receives, investigates, and handles all reports and complaints with professionalism and impartiality. The Company maintains a zero-tolerance approach to incidents of violence and harassment and operates a reporting system founded on trust, impartiality, confidentiality, and protection for both the reporting person and the Reporting Receipt and Follow-up Officer (R.R.F.O.).

This Policy forms an integral part of the Company’s corporate governance framework.

This Policy has been communicated to all employees of Geniki Taxydromiki and is available to all interested parties.
Any matter not expressly regulated by this Policy shall be governed by the provisions of Law 4990/2022, as well as by any regulations, decisions, and implementing measures issued or to be issued pursuant thereto.