Kutzschbach Electronic GmbH & Co. KG
Due to EU Directive 2019/1937, Kutzschbach (hereinafter referred to as “Company”, “We”, “Us”, “Our”) is obliged to provide its employees, contractors, consultants and business partners with secure reporting channels and procedures for reporting irregularities to provide. In order to ensure that our company complies with the Directive and all the requirements set out therein, we have entered into a contract with DISS-CO GmbH, Winterhuder Weg 29, 22085 Hamburg (hereinafter referred to as “DISS-CO”), which is a company operated and operated by DISS-CO has developed an Internet-usable web-based platform “SMART INTEGRITY PLATFORM” which (together with the DISS-CO website, web services, development tools and other services, including training and support services) provides services under a whistleblowing system (hereinafter referred to as all). above and all DISS-CO services collectively referred to as “SIP”).
Using the SIP, a violation of the Code of Conduct can be reported, investigated and documented in accordance with the Whistleblower Policy.
This privacy policy explains how and why personal data is processed in the SIP, how we protect it and how long we keep it when you use this whistleblowing tool.
Kutzschbach determines the purposes and means of processing your personal data within the scope of the SIP. We have defined the respective responsibilities between us and DISS-CO in relation to this whistleblower tool in a separate agreement. Consequently, we act as a data controller, while DISS-CO acts as a processor. You may contact us at any time for further information regarding the nature of this Agreement.
In connection with the SIP, personal data will be used for the purpose of initially reporting and investigating reports of alleged violations of our Company's Code of Conduct and violations under the Whistleblower Policy and then reviewing those reports and reporting the relevant outcome to management and, if applicable, the processed by the responsible authorities.
Our company points out that there are common information channels within the company that enable employees to report any grievances, in particular to their superior or to the human resources department.
The SIP whistleblower system was introduced as part of the establishment of the internal reporting office to give people the opportunity to make reports if the usual reporting channels/other reporting channels cannot be used or are considered unsuitable in the situation in question.
In addition, the use of the SIP and the whistleblowing process is generally optional and failure to do so will have no consequences for employees or external persons working for/with/on behalf of the company.
However, a person who abuses this process (e.g. reporting maliciously, to harass, in bad faith, or with the intent to gain personally) may face disciplinary and legal action.
On the contrary, a person who uses this procedure in good faith will not face disciplinary action, even if the facts reported later prove to be inaccurate or do not result in any follow-up action. All necessary and appropriate measures will be taken to protect the whistleblower when the report is made in good faith and in compliance with this procedure, in particular to protect the whistleblower from retaliation, criticism or disciplinary action.
In connection with the use of the SIP, we will process your personal data primarily on the basis of one of the following legal bases:
Because it is necessary to comply with a legal obligation as whistleblowing systems are required in the country in which our company is based.
For the purposes of Our legitimate interests, in particular to monitor compliance with Our vision and values. In this regard, We will always decide on a case-by-case basis whether our interests are not overridden by the interests, fundamental rights and freedoms of the persons concerned.
Where we are required by law to obtain your free, informed, specific and unambiguous consent to process your personal data for certain purposes, we will only process your data for those purposes to the extent we have obtained such consent from you. Any unnecessary personal data we receive will be filtered and not processed further.
We will only process personal data that is strictly necessary for the purposes described above.
We may receive this data in connection with the use of the SIP. In particular, we may receive this information because you provide it to us (e.g. by submitting a report as a whistleblower), because others provide it to us (e.g. because you appear in a report as the person against an allegation has been made) or because they are generated through the use of the Platform (e.g. because you are acting as a witness or third party in the investigation of a report).
We may collect the following categories of personal information:
For the purposes set out above, we may collect and process the following personal data as part of the whistleblowing process: • Identity, professional status and contact details of the whistleblower;
If you register to use the SIP as a whistleblower system, you will be asked to provide us with the following personal data (only data marked with an (*) is mandatory):
We treat personal data confidentiallyWe do not provide access to your personal information to anyone other than you:
We also reserve the right to disclose your personal information if required to do so by law or if we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulatory authority or to comply with any other legal process served on us.
All your personal data falls under the data protection principles of the GDPR.
We respect the retention periods
We only retain personal information for as long as necessary to fulfill the purposes for which we collected it. Therefore, we will apply different retention periods depending on the information contained in the report and the way the case is handled:
Your data is safe and protected with us!
We apply strict technical and organizational measures to ensure a level of security appropriate to the risks associated with the processing and the nature of the personal data obtained. We have taken the following security measures to effectively protect your personal data from access by unauthorized persons and from unlawful processing, accidental loss, destruction and damage, both online and offline.
You will receive a list of our technical and organizational measures to protect your data upon request.
We would also like to refer to the technical organizational measures of the DISS-CO and the Smart Integrity platform.
Although we take reasonable security measures, our liability is limited to circumstances beyond our control.
In certain circumstances you have the following rights in relation to your personal data under data protection laws:
Request access to your personal data (commonly known as a “personal data access request”). This allows you to request a copy of the personal data we hold about you, receive confirmation that we are processing your personal data and check that we are lawfully processing it. We assess the person's right to information and restrictions; We carry out a case-by-case assessment of each case, taking into account the status of the applicant and the current state of the investigation, the extent and sensitivity of the information held (and the associated risks of disclosure), and the information provided, and we document it Reasons underlying a decision to restrict a person's right to information.
to correct the personal data we hold about you via the communications section of the Smart Integrity platform. Please note that all submitted information is logged for security reasons and cannot be manipulated.
to request the deletion of the personal data we hold about you or to restrict the way in which we use that personal data if you believe that we no longer have a lawful reason to do so process;
withdraw consent to our processing of your personal data (where such processing is based on consent);
Request to restrict the processing of your personal data. This allows you to ask us to suspend the processing of your personal data in the following cases: (a) if you want us to check the accuracy of the data; (b) where our use of the data is unlawful but you do not want us to delete it; (c) where we need to retain the data even if we no longer need it because you need it to establish, exercise or defend legal claims; or (d) where you have objected to our use of your data but we need to verify whether we have compelling legitimate grounds for using it.
request the transfer of your personal data to you or to a third party. We will provide you, or a third party you choose, with your personal data in a structured, commonly used and machine-readable format. Please note that this right only applies to automated information that you originally agreed to use or where we used the information to perform a contract with you.
Automated individual decisions (including profiling). You have the right not to be subject to a decision based solely on automated processing (including profiling) that produces legal consequences or similarly significantly affects you. As a rule, we do not process your personal data solely on the basis of automated decision-making.
You can withdraw your consent at any time where we are relying on consent to process your personal data. However, this does not affect the lawfulness of the processing that took place before you withdraw your consent. If you withdraw your consent, we may no longer be able to fulfill the purposes for which we collected the information. We will inform you if this is the case if you withdraw your consent (e.g. if you have used the SIP as a whistleblower and the investigation has not yet been completed).
If you would like to exercise any of the above rights, please contact {insert name e.g. B. DSB} at {email address}.
We hope that this privacy policy explains the most important points to answer your questions and give you a good feeling about using the SIP. However, we are happy to provide you with further assistance if you require it. Please contact us at datenschutz@kutzschbach.de or 09081/2530-450.
Version of 07.11.2023/XNUMX
So that we can help you most easily via remote maintenance, please download it here Teamviewer program Download and contact our support.
Our support team will then support you directly in setting up the tool.