Information on data protection
We take data protection and confidentiality very seriously and adhere to the current national data protection regulations. Please read this data protection information carefully before submitting a report.
Purpose of the whistleblowing system
The whistleblowing system (BKMS® System) serves the purpose of receiving and processing reports on certain criminal acts and legal violations, e.g. in the areas of white-collar crime and corruption, via a secure and confidential channel. More detailed information can be found in the BKMS® System itself.
The party responsible for data protection of the whistleblowing system is
Phoenix Contact GmbH & Co. KG
32825 Blomberg (Germany)
Tel. +49 5235 3-00
Fax +49 5235 3-41200
The whistleblowing system is operated by a specialised company, Business Keeper GmbH, Bayreuther Str. 35, 10789 Berlin in Germany, on behalf of Phoenix Contact GmbH & Co. KG (hereafter referred to as “Phoenix Contact”).
Personal data and information entered into the whistleblowing system are stored in a database operated by Business Keeper GmbH in a high-security data centre. Business Keeper GmbH does not have access to the data. This is ensured in the certified procedure through extensive technical and organisational measures. All data are stored encrypted with multiple levels of password protection so that access is restricted to a very small selection of persons expressly authorised by Phoenix Contact.
Communication between your computer and the whistleblowing system takes place over an encrypted connection (SSL). Your IP address will not be stored during your use of the whistleblowing system.
Type of personal data collected
Use of the whistleblowing system takes place on a voluntary basis. If you submit a report via the whistleblowing system, we collect the following personal data and information:
- your name, if you choose to reveal your identity or are obliged to do so (e.g. whistleblowers in Portugal),
- whether you are employed at Phoenix Contact, and
- the names and other personal data of persons whom you name in your report, if applicable.
Confidential handling of reports
Incoming reports are received in the BKMS® System by a very small selection of expressly authorised and specially trained lawyers from an internationally active, external law firm. These authorised lawyers evaluate the matter and carry out any further investigation that may be required by the specific case. If any further communication is needed between the lawyers, who have a professional obligation to secrecy, and you, the whistleblower, this will take place fully confidentially and – if you so wish – anonymously via the BKMS® System.
Upon consultation with you, the transmitted information will be forwarded to the Phoenix Contact corporate compliance management by the law firm under full protection of your anonymity, if you so wish, and examined thoroughly in order to determine further action. If the initial suspicion intensifies, further measures will be initiated. While processing a report or conducting a special investigation, it may be necessary to share reports with additional employees of Phoenix Contact or employees of other group companies of Phoenix Contact, e.g. if the reports refer to incidents in subsidiaries of Phoenix Contact. The latter may be based in countries outside the European Union or the European Economic Area with different regulations about the protection of personal data.
We always ensure that the applicable data protection regulations are complied with when sharing reports. All persons who receive access to the data are obligated to maintain confidentiality.
Use of the whistleblowing portal
You can set up a postbox within the whistleblowing system that is secured with an individually chosen pseudonym/ user name and password. This allows you to send reports to the competent lawyer either by name or in an anonymous, safe way. This system only stores data inside the whistleblowing system, which makes it particularly secure. It is not a form of regular e-mail communication.
In order to maintain the connection between your computer and the BKMS® System, a cookie is stored on your computer that contains only the session ID (a so-called session cookie). This cookie is only valid until the end of your session and expires when you close your browser.
No webtracking tools are used.
Note on sending attachments
When submitting a report or an addition, you can simultaneously send attachments to the responsible lawyer. If you wish to submit an anonymous report, please take note of the following security advice: Files can contain hidden personal data that could endanger your anonymity. Remove this data before sending. If you are unable to remove this data or are uncertain about how to do so, copy the text of your attachment into your report text.
Retention period of personal data
Personal data is retained for as long as necessary to clarify the situation and perform a concluding evaluation. After the report processing is concluded, the data are deleted in accordance with the statutory requirements, normally after a period of 3 months.
Right to information/ modification and deletion of personal data
Information on the processing of personal data
Version: June 2018