Whistleblowing

Reporting of Violations – General Information

Pursuant to the Act of 14 June 2024 on the Protection of Whistleblowers, implementing Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law, and establishing provisions for the protection of persons reporting breaches of national law, IBSA Poland encourages the reporting of any violations of which individuals have become aware in a work-related context and which may concern:

  • the IBSA Group Code of Ethics and internal regulations of IBSA Poland and the IBSA Group;
  • the Anti-Corruption Guidelines and Policy compliant with ISO 37001:2016;
  • or other breaches of legal provisions indicated in the Whistleblowing Policy that could jeopardize the business operations or reputation of IBSA Poland or cause harm to third parties.

Requirements for Reports

Each report should include the following elements:

  • personal data of the reporting person, where the report is not submitted anonymously;
  • a clear and comprehensive description of the events subject to the report;
  • the time and place where the incident occurred (if known);
  • personal data or other identifying elements (such as qualifications and position) enabling identification of the person(s) responsible for the reported events (if known);
  • identification of any other persons who may provide information about the reported events;
  • indication of any documents that may confirm the occurrence of the reported events;
  • any other information that may provide useful feedback regarding the occurrence of the reported events.

Disclaimers

  • Reports that are unfounded or based on unverifiable rumors will not be considered;
  • Reports concerning individual employment-related matters, such as employment disputes or interpersonal conflicts between colleagues, will not be accepted.

Internal reporting channels

Reports may be submitted through one of the following channels:

  • By post: IBSA Poland sp. z o.o. – Al. Jana Pawła II 29, 00-867 Warsaw, marked “Confidential”, for the attention of the HR Department;
  • Website: https://ibsapl.whistlelink.com/ – possibility to submit written and oral reports;
  • Email: info.pl@ibsagroup.com – possibility to submit written reports;
  • Oral reporting: At the whistleblower’s request, it is possible to arrange a direct meeting with an HR Department employee. Meetings may be scheduled via the above channels.

Each report will be assessed in terms of its validity and the possibility of further processing.

Full confidentiality of the whistleblower’s identity is guaranteed, and any form of retaliation is strictly prohibited.

In the case of anonymous reports, the whistleblower may be requested to disclose their identity—always with full confidentiality and in accordance with the protections provided under Directive (EU) 2019/1937 on whistleblowing and the Act of 14 June 2024 on the Protection of Whistleblowers.

External reporting channels

A report may be submitted to the Commissioner for Human Rights (Ombudsman) or a public authority, in particular if at least one of the following conditions is met:

  • a report submitted through an internal channel has not been properly addressed;
  • there are reasonable grounds to believe that an internal report would not be effectively addressed or could result in retaliation;
  • the breach may constitute a direct or manifest threat to the public interest.

Public Disclosure

Disclosure of information through mass media (press, internet, etc.), enabling access to a wide audience, may take place only if one of the following conditions is met and duly substantiated:

  • the whistleblower previously made an internal and external report, or only an external report, but did not receive a response within the prescribed time limits;
  • there are reasonable grounds to believe that the breach constitutes a direct or manifest threat to the public interest;
  • there are reasonable grounds to believe that an external report could lead to retaliation, or that there is a low likelihood of effectively remedying the breach due to specific circumstances of the case, such as the risk of concealment or destruction of evidence, collusion between a public authority and the perpetrator, or involvement of a public authority in the breach.