BKMS System
BOSCH Group, Compliance
Файлы cookie отключены в вашем браузере.
Включите файлы cookie, чтобы пользоваться системой BKMS® System.
Чтобы ознакомиться с дополнительной информацией о файлах cookie, нажмите здесь.
 

Вопрос соблюдения требований комплаенс касается каждого сотрудника, поскольку нарушения прямо или косвенно затрагивают всех: с одной стороны, нарушение закона может привести к уголовному преследованию в зависимости от серьезности случая; с другой стороны, нарушение принципов комплаенс наносит как материальный ущерб, так и ущерб репутации группы компаний Bosch. В результате снижается эффективность компании и ее доход.

Соблюдение требований комплаенс также относится к отношениям Bosch со сторонними организациями: компания Bosch не должна быть вовлечена в нарушения требований комплаенс сторонними организациями.

Наряду с руководителями, каждый сотрудник и деловой партнер компании Bosch должен сообщать обо всех возможных нарушениях требований комплаенс, помогая таким образом ограничивать последствия таких нарушений и предотвращать возможность подобных случаев ненадлежащего поведения в будущем.

Для уведомлений по проблемам защиты данных

  • уведомление по происшедшим с защитой данных
  • передача запроса по субъекту персональных данных

воспользуйтесь следующей ссылкой.

Для отправки первого сообщения нажмите здесь:
Если у Вас уже есть свой почтовый ящик, то Вы можете войти в систему:
Информация о передаче сообщения по телефону:
  • Каким образом будет происходить обработка моего сообщения? Что такое защищенный почтовый ящик и как его создать?

    Если Вы желаете отправить сообщение от своего имени или анонимно, нажмите кнопку «Отправить сообщение» вверху слева на нашей вводной странице.

    Процесс отправки сообщения состоит из 4 шагов:

    1. Прежде всего Вам будет предложено прочитать информацию о защите Вашей анонимности и ответить на запрос подтверждения.
    2. На следующей странице Вас спросят о категории Вашего сообщения.
    3. На странице сообщения изложите информацию своими словами и выберите ответы на предложенные вопросы по ситуации, о которой Вы сообщаете. Вы можете использовать до 4 096 символов в поле для свободного ввода текста, что соответствует целой странице формата A4. В качестве подтверждения Вы также можете приложить к сообщению файлы общим размером до 2 МБ. Помните о том, что в электронных документах может содержаться информация об их авторе. После передачи сообщения Вы получаете номер сообщения (контрольный номер) как подтверждение того, что это сообщение Вами передано.
    4. И наконец, Вам будет предложено создать свой​ собственный защищенный почтовый ящик. На этот почтовый ящик Вы будете получать от нас обратную связь, включая ответы на вопросы и информацию о ходе рассмотрения Вашего сообщения.

    Если у Вас уже имеется защищенный почтовый ящик, Вы можете открыть его, нажав кнопку «Войти». Здесь Вам тоже нужно будет прежде всего ответить на запрос подтверждения.

    Пока Вы не введете или не приложите какие-либо данные, позволяющие установить Вашу личность, система BKMS® будет защищать Вашу анонимность посредством сертифицированного технического решения.

  • Каким образом я могу получить ответ и в то же время сохранить анонимность?

    Важнейшим принципом используемой системы BKMS® является защита информатора. Действующая в системе функция защиты анонимности сертифицирована независимым органом.

    При создании защищенного почтового ящика Вы сами выбираете себе имя пользователя и пароль. Ваше сообщение остается анонимным благодаря шифрованию и другим специальным процедурам обеспечения безопасности. В ходе процесса отправки сообщения Ваши персональные данные ни на каком из этапов запрашиваться не будут. Не отправляйте никакой информации, с помощью котрой можно раскрыть Вашу личность.

    Через защищенный почтовый ящик сотрудник, производящий расследование, направит вам ответное сообщение по поводу того, что происходит с предоставленной Вами информацией, или может задать дополнительные вопросы, если нужно будет уточнить определенные подробности – во время этого диалога ваша анонимность также сохранится. Мы заинтересованы только в сообщениях, позволяющих предотвратить ущерб, а не в раскрытии личности информатора.

  • Положение о защите данных

    Bosch respects your privacy

    The protection of your privacy throughout the course of processing personally identifiable information, like the security of all business data, is a very important concern for us that we take into consideration in all of our business processes. We process personal data, when you report a violation of the compliance requirement ("compliance report"), confidentially and only in accordance with statutory regulations.

    Controller

    The controller as defined by the European General Data Protection Regulation ("GDPR") for the BKMS® System used for your compliance report (available at https://www.bkms-system.net/bkwebanon/report/clientInfo?cin=18RB2) is Robert Bosch GmbH, Post Office Box 10 60 50, 70049 Stuttgart as the parent company (hereinafter referred to as "Robert Bosch GmbH", "Bosch", "we" or "us").

    Our contact details are:

      • Robert Bosch GmbH
      • Department Corporate Compliance Management (C/CM)
      • Post Office Box 10 60 50
      • 70049 Stuttgart
      • GERMANY
      • Email: Compliance.Management@de.bosch.com

    Processing of personal data

    The term personal data means all information related to an identified or identifiable natural person, thus – for example – names, addresses, telephone numbers, e-mail addresses, contractual master data, contract accounting and payment data, insofar as this is an expression of a natural person's identity.

    We process personal data only when there is either a statutory legal basis to do so or you have given your consent to the processing of personal data.

    Processed categories of data

    The use of the BKMS® System for a compliance report is voluntary. When you use the system, we will ask you to provide data related to the following data categories:

    • Communication data (e.g. name, telephone, email, address)
    • Employee data of Bosch employees and
    • Where applicable, names of persons and other personal data relating to the persons you name in your notification

    If you answer all the questions asked in the context of the compliance report completely, this will help us to process your report. If you provide incomplete data, we might not be able to process your report or might be able to process it only with delay.

    Purposes of processing and legal bases

    The aim of the BKMS® System is to provide a communication channel for your compliance report and to ensure that your report is handled by Robert Bosch GmbH in accordance with the processes of the Compliance Management System as implementation of the requirements of company law and of the German Regulatory Offences Act (OWiG).

    Your personal data is processed for the following purposes, in particular:

    • Compliance report: Indications and tracking of reports concerning a potential violation of the compliance requirement. You can report such violations to the responsible Bosch department using your name or anonymously and securely via the BKMS® System.

      Legal basis: Legitimate interest of Robert Bosch GmbH to prosecute criminal offences, to enforce civil claims, for the further progress or the termination of an employment relationship or rather to detect criminal offences related to the employment relationship and to avoid violations of requirements of OWiG (Article 6 (1) f) GDPR , Section 24 (1) German Data Protection Act (BDSG); Article 88 GDPR, Section 26 (1) BDSG and Sections 30, 130 (OWiG).

    • Compliance management: Central administration and allocation of group-wide compliance issues.

      Legal basis: Legitimate interest of Robert Bosch GmbH in obtaining a central overview of compliance reports as part of the governance function (Article 6 (1) f) GDPR) and for exercising and defending our rights.

    Storage of log files/use of cookies

    In order to maintain the connection between your computer and the BKMS® System, a cookie is stored on your computer that contains only the session ID (a session cookie). This cookie is valid only until the end of your session and will be invalid when you close your browser.

    It is possible to set up a postbox for further communication within the BKMS® System that is secured with an individually chosen pseudonym/user name and password after making the compliance report.

    Transfer of data to Bosch employees, to potentially suspected persons and to other controllers

    When processing a compliance report, it is necessary to share the report in whole or in part with the Robert Bosch GmbH employees responsible for working on it or employees of those subsidiaries that are affected by the report. Your information is made available only to those employees who need to have it in order to handle your report.

    If you provide your identity in the compliance report, we are due to GDPR obliged to inform potentially suspected persons about your identity as source of the personal data received (Article 14 (3) a) GDPR). If there is a serious risk that providing this information would jeopardize our ability to conduct an effective investigation of the allegation or to collect necessary evidence, the needed information of the suspected person can be postponed as long as that risk exists (Article 14 (5) b) GDPR).

    Your personal data shall only be transferred to other controllers to the extent this is necessary to satisfy further legal obligations.

    In addition, data can be transferred to other controllers (e.g. authorities) if we should be required to do so due to statutory regulations or enforceable orders issued by authorities or courts.

    Service provider (general)

    Robert Bosch GmbH has commissioned the company Business Keeper AG, Bayreuther Str. 35, 10789 Berlin (the "Service Provider") to operate the system for compliance reports on behalf of Robert Bosch GmbH; the data entered into this system are stored in a database operated by Business Keeper AG in a high-security data center located in the European Union.

    Robert Bosch GmbH has selected the Service Provider with care and monitors it on a regular basis, particularly its careful handling and securing of the data it stores. Only selected Bosch employees have access to the data (see above "Transfer of data to Bosch employees and to other controllers"). The Service Provider has no access to the data. This is ensured by a certified procedure utilizing extensive technical and organizational measures.

    Robert Bosch GmbH has imposed an obligation on the Service Provider to keep the data confidential and to comply with the statutory regulations.

    Transfer to recipients outside the EU and/or the EEA

    We can transfer personal data also to Bosch legal entities or authorities located outside the European Union or the European Economic Area in third countries. In such cases, we make sure prior to the transfer either that the data recipient provides an appropriate level of data protection (e.g. due to a adequacy decision by the European Commission for the respective country or due to an agreement on EU standard data protection clauses with the recipient) or that you have consented to the transfer.

    You can obtain a list of the recipients in third countries and a copy of the specifically agreed provisions securing the appropriate level of data protection from us. To request a list, please use the statements made in the Contact section.

    Duration of storage; retention periods

    In principle, we store your data for as long as necessary in order to investigate the compliance incident that is subject of your report.

    After completing all work relating to the compliance report, we delete your personal data, except for the data that must be stored and processed further so that we can exercise and defend our rights.

    When we delete personal data that we store and process further so that we can exercise and defend our rights depends on the end of the maximum limitation period for regulatory offences and criminal offences or rather for enforcement of civil claims (Sections 31 (2), 33 (3) OWiG, Sections 78 (3), 78c (3) StGB, Sections 195 et seq. German Civil Code (BGB)).

    Security

    Our employees and our service providers have an obligation to keep our dealings confidential and to comply with the applicable data protection regulations.

    Any incoming reports are received by a small selection of explicitly authorized and especially trained Bosch employees and are always handled confidentially. The Bosch employees examine the facts and perform any further investigation required by the specific case.

    All of these persons who are given access to the data are required to maintain confidentiality.

    We implement all necessary technical and organizational measures to warrant an appropriate level of security and to protect your data that are administrated by us especially against the risks of unintended or unlawful destruction, manipulation, loss, change or unauthorized disclosure or unauthorized access. Our security measures are regularly improved in accordance with technological developments. The communication between your computer and the BKMS® System for the report of a violation of the compliance requirement takes place via an encrypted connection (TLS).

    Right to information and access

    You have the right to obtain information from us about whether or not your data is being processed and, if this is the case, to access your personal information that we process.

    Right of rectification and erasure/deletion

    You can demand that we rectify inaccurate data and complete or erase your data if the statutory requirements are met. This does not apply to any data required for payroll and accounting purposes or subject to a statutory retention duty. If access to such data is not required, however, the processing of such data is restricted (see below).

    Restriction of processing

    You can demand that we restrict the processing of your data if the statutory requirements are met.

    Objection to data processing

    In addition, you have the right to object to the data processing by us at any time, on grounds relating on your particular situation, as long as this processing is carried out on the legal basis of "legitimate interest". We will then terminate the processing of your data unless we are able – in accordance with the statutory requirements – to demonstrate compelling legitimate grounds for further processing which override your rights or for the establishment, exercise or defense of legal claims (Article 21 GDPR).

    Right to lodge complaint with supervisory authority

    You have the right to lodge a complaint with a data protection authority. In this context, you may approach the data protection authority competent for your place of residence or your German state or the data protection authority competent for us. The latter is:

      • Der Landesbeauftragte für Datenschutz und Informationsfreiheit

      • Street address:
      • Königstrasse 10a
      • 70173 Stuttgart

      • Postal address:
      • Post Office Box 10 29 32
      • 70025 Stuttgart
      • GERMANY

    Changes to the Data Protection Notice

    We reserve the right to change our security and data protection measures. In such cases, we will also adjust our information on data protection notice accordingly. Therefore, please take note of the latest version of our data protection notice, as this is subject to changes.

    Contact

    You can contact us at the address provided in the "Controller" section.

    To assert your rights and to report data protection incidents, use the following link: https://www.bkms-system.net/bosch-datenschutz

    If you have any suggestions or complaints regarding the processing of your personal data, we recommend that you contact our data protection officer:

      • Data Protection Officer
      • Department Information Security and Privacy (C/ISP)
      • Post Office Box 30 02 20
      • 70442 Stuttgart
      • GERMANY
      • Email: DPO@bosch.com


    Effective date: 25 May 2018