Tell Us - Information about data protection and consent
With its whistleblower system "Tell Us", provided through this application and a telephone dialogue system, Siemens AG1 provides a means for reporting specific indications of compliance violations. Compliance violations are violations of legal requirements or internal Siemens regulations, particularly the Business Conduct Guidelines. Using Tell Us allows you to report specific indications of corruption, violations of financial reporting and accounting rules, theft, fraud, forging of documents, embezzlement,antitrust violations, unfair competition, securities trading violations, insider trading, disclosure of trade secrets or proprietary information, conflicts of interest and other criminal conduct or penalized with an administrative fine.
The information you report will be evaluated by Siemens AG and, if necessary, their subsidiaries (collectively "Siemens"). It may result in the initiation of internal and external investigations conducted by the authorities and have other negative consequences for those affected. You should therefore give us only information which you assume to be correct to the best of your knowledge. Giving knowingly false or misleading information will have consequences for you. The intentional dissemination of false information is liable to criminal prosecution in many countries. In general, please do not provide us with information if this is subject to prosecution in your country.
Technical protection of the whistleblower system:
Technical maintenance of the Tell Us whistleblower system is performed by Business Keeper GmbH, an independent operator located in 10789 Berlin, Bayreuther Str. 35 (subsequently "BK"). The data is provided on protected servers of Telekom Deutschland GmbH in Germany. Only Siemens is responsible for processing the content of the reports.
Personal data that is entered in the whistleblower system is stored in a database operated by BK. All data is encrypted, password-protected and stored at a secure location so that access to the content of the data electronically stored in Tell Us is limited to a narrow circle of authorized persons of Siemens AG. BK cannot view the content of the data electronically stored in this database.
As long as you do not enter data which makes it possible to draw conclusions about your identity, this whistleblower system protects your anonymity automatically using a certified technical solution which is protected through numerous technical and organizational measures.
Processing and sharing your report within Siemens:
Once your report has been received, the Compliance Department checks whether an in-depth investigation is required. An investigation can be conducted by internal or external investigation specialists. External specialists whom we engage are bound to Siemens by contractual or legal confidentiality obligations to keep confidential the information provided by you.
Depending on the content of your report, the Siemens personnel responsible for further processing of the issue reported will receive the information provided by you. These are primarily the responsible members of the Compliance Department. The information will also be given to the management responsible within Siemens, which also has to correct the shortcomings that may have been discovered during processing of the report. The Audit, Legal and HR Departments are frequently also involved in processing compliance reports. If your report involves a subsidiary, the responsible units in these companies will be notified.
If the content of your report does not fall under any of the compliance categories listed above, we will forward your report to the responsible Siemens department provided we deem this to be necessary and appropriate. For personnel matters, for instance, this may be the HR Department in charge. The general rule, however, is that Tell Us is only used to record reports related to the report categories listed above.
Siemens can also involve external specialists such as attorneys, auditors or forensic experts who will examine your report as commissioned by Siemens.
Please let us know if you do not want us to share your personal data, particularly your name, with persons outside the Siemens Compliance Department (unless this is necessary for safeguarding the legitimate interests of Siemens). Please note, however, that, as a consequence, we may not be able to give full consideration to your report.
Access of government agencies:
Siemens may also be required by law to provide certain government agencies, including, without limitation, government investigative agencies or courts with information about compliance violations. If we are obligated to provide information, as well as in the event of confiscations, we are not able to withhold the information provided by you.
In some instances, Siemens is not obligated to share personal data with government agencies, but has the legal right to do so voluntarily. Please let us know if you do not want us to voluntarily share your personal data, including, without limitation, your name, with government agencies (unless this is necessary to safeguard the legitimate interests of Siemens). Please note, however, that, as a consequence, we may not be able to give full consideration to your report.
Sharing information with other countries:
Personal information that you may have provided in your report, may be transferred to other EU countries or countries outside the EU where the confidential treatment of personal data is not guaranteed by law to the same extent as it is in Germany. This applies particularly to countries which are not considered to have an adequate level of data protection as provided for in the EU provisions. Within Siemens, however, an adequate level of data protection is guaranteed through binding internal data protection guidelines also in countries other than Germany.
Please let us know if you do not want us to transfer your personal data, including, without limitation, your name, to countries other than Germany (unless this is necessary to safeguard the legitimate interests of Siemens). Please note, however, that, as a consequence, we may not be able to give full consideration to your report.
Notification of affected parties:
It is frequently required by law that the persons about which a report on indications of a compliance violation has been received have to be notified and heard. In the course of the investigation, these persons will have the opportunity to present their view about the report.
Please let us know if you do not want us to give your name as the whistleblower. Please note that the person affected may have legal rights to information which may require us to disclose your name. Government agencies may also have similar rights to information or confiscation which will result in disclosure of your name. This may be the case in particular if the person affected claims that the information brought forward against him/her is knowingly or negligently untrue and decides to file charges.
Storing personal data:
The personal information you provided will be retained as long as necessary for investigating and resolving the compliance report including the remediation of any shortcomings discovered and the handling of any ensuing litigation. Your personal data will be retained even longer if this is required due to legal, regulatory or contractual obligations to retain records or if it is permitted by law. Your personal data will be deleted as soon as this is required by law.
The data protection laws in the jurisdiction in which you reside may entitle you to specific rights in relation to your personal data.
In particular, and subject to the legal requirements, you may be entitled to
- Obtain from us confirmation as to whether or not personal data concerning you are being processed, and where that is the case, access to the personal data;
- Obtain from us the correction of inaccurate personal data concerning you;
- Obtain from us the erasure of your personal data;
- Obtain from us restriction of processing regarding your personal data;
- Data portability concerning personal data, which you actively provided; and;
- Object, on grounds relating to your particular situation, to further processing of personal data concerning you.
Our Data Privacy Organization provides support with any data privacy related questions, comments, concerns or complaints or in case you wish to exercise any of your data privacy related rights. The Data Privacy Organization may be contacted at: firstname.lastname@example.org.
The Data Privacy Organization will always use reasonable efforts to address and settle any requests or complaints you bring to its attention. Besides contacting the Data Privacy Organization, you always have the right to approach the competent data protection authority with your request or complaint.
Consent and voluntary nature:
Im Laufe der Abgabe Ihres Hinweises werden Sie vom Hinweisgebersystem um Ihre Einwilligung in die oben beschriebene Erhebung, Verarbeitung und Nutzung Ihrer darin enthaltenen personenbezogenen Daten gebeten. Bitte beachten Sie, dass Sie nur dann zum Meldeformular gelangen, wenn Sie die Box zur Einwilligung in die Datenverarbeitung anklicken.
As you enter information into the whistleblowing system, the system will ask for your consent to the collection, processing and use of your personal data included in the information as described above. Please note that you can only proceed to the report form after you have clicked on the data processing consent box.
If you do not want Siemens to collect, process and use your personal data as described, you may submit your report anonymously. The disclosure of your personal data is voluntary, as is the use of the whistleblower system. We would, however, appreciate it, if you could give us your name. Many investigations can be conducted more quickly and efficiently if the name of the whistleblower is known, since the person handling the report can get in touch with the whistleblower directly.
By using this whistleblower system, you agree that your personal data, to the extent provided by you, will be collected, processed and used as described above.
Siemens AG, Compliance Legal