Data protection information
We take the subject of data protection and confidentiality extremely seriously, and follow the applicable national and European data protection regulations. Please read this data protection information through carefully before submitting a report.
Information on the Incident Reporting System
The Incident Reporting System is operated in Germany by the Business Keeper AG in the name of Schaeffler AG (hereinafter referred to as: "company").
Personal data and information which is entered in the Incident Reporting System is saved in a database operated by Business Keeper AG, Bayreuther Str. 35, 10789 Berlin. Only Schaeffler AG is able to view this data. Neither Business Keeper AG or any other third parties have access to this data.
All data is encrypted, password-protected and saved in a protected location so that access is restricted to a very small circle of explicitly authorized Schaeffler AG personnel.
Usage of the Incident Reporting System takes place on a voluntary basis. Please note that we can only accept and process reports if you confirm that you have read and understood these data protection regulations, and have agreed to processing of all personal data which you may have entered in accordance with the above data protection information.
If you submit a report via the Incident Reporting System, we ask you to provide the following personal data and information:
- your name, if you wish to disclose your identity,
- whether you are employed at Schaeffler and
- if necessary the name of persons or other personal data of persons who you are named in your report.
Incoming reports will be accepted by specially trained employees in Schaeffler AG's Compliance Department, and always treated confidentially. The employees in the Compliance Department will check the contents and then, if necessary, carry out a case-based investigation into the facts of the matter.
It may be necessary during the course of processing a report or in the course of a special investigation to pass on information to other Schaeffler AG employees or to other employees in Schaeffler group companies, for example if the information refers to procedures in Schaeffler AG subsidiary companies. The latter may be located in countries outside the European Union or European Economic Area, and these countries may have differing regulations about the protection of personal data. We continuously ensure that the relevant data protection regulations are observed when passing on information.
All persons who receive access to the data are obliged to maintain confidentiality.
Principles of data protection
Specified purpose
The company may only use personal data for the purposes for which they were originally collected or for which the person concerned has subsequently given his or her approval. Furthermore, the company must ensure by appropriate measures that personal data are used exclusively for the specified purpose and are correct, complete and up-to-date.
Information of the accused person
Upon request, the company must provide the persons concerned with information about the personal data that is stored about them. In addition, such persons must be given the opportunity to correct, change or delete data that are incorrect. Your identity, i.e. the identity of the whistleblower, will not be disclosed. Furthermore, these rights can only be utilized if this does not endanger measures to clarify the situation.
Information, correction, deletion and blocking
You, and the person named in your information, have the right to information, correction, deletion and blocking of your personal data and can cancel saving of your data at any time without stating a reason. In this case, an immediate check will be carried out to establish to what extent the saved data is still necessary for processing the report. Any data which is no longer required will be deleted immediately.
Storage
The company saves information for as long as this is necessary for further processing or where the company has a justifiable interest or where it is necessary for statutory reasons. After this, information will be deleted or made anonymous, i.e. any references to your identity as an information provider and to the person you named in your report will be finally and irreversibly removed.
Agreement
I have read and understood the data protection information. I agree to the collection, processing and utilization of my personal data and information in accordance with the data protection information.