Privacy

Privacy

iWhistle is our whistleblowing system. Employees, customers, business partners or other whistleblowers can use iWhistle to report suspected violations of laws and internal rules to the internal reporting office. iWhistle is part of our compliance management system.

Who is responsible for data processing?
The person responsible for processing your personal data is (hereinafter also organisation):
SLV GmbH, Compliance Office, Daimlerstr. 21-23, DE-52531 Übach-Palenberg.

Which data is processed?
The use of iWhistle is on a voluntary basis. In the case of hints, the following personal data is processed
a) Whistleblower: name (if you disclose your identity), contact details (if you provide them).
b) Persons affected by incidents: First name and surname, information about incidents and suspicions of violations of laws and regulations
c) Witnesses and/or third parties named in the notice (e.g. customers, suppliers, colleagues or business partners): first and last name, contact details.

What do we process your data for and on what legal basis?
The above-mentioned data is processed for the purpose of uncovering and preventing serious wrongdoing and avoiding and defending against particularly drastic or existence-threatening legal consequences and damages both for our organisation (criminal prosecution, claims for damages, damage to our image, supervisory measures) and for our employees.
The legal basis for the processing is a legal obligation pursuant to Art. 6 para 1 lit b GDPR to comply with the requirements under the EU Whistleblower Directive of 23.10.2019 (EU 2019/1937) as well as the national implementing laws in this regard.

Who receives my data?

In the course of audits, investigations and remedial actions to be taken, it may be necessary to transfer information about a reported incident to external advisors (e.g. legal advisors) or to the competent authorities. iWhistle is operated by the specialised software service provider iComply GmbH, Große Langgasse 1a, DE-55116 Mainz, on our behalf.

What data protection rights do you have?
You have the right, upon request and free of charge, to receive information about the personal data stored about you, its origin and recipient and the purpose of the data processing. If we process your data on the basis of our legitimate interest, you have the right to object to the processing if there are legitimate grounds arising from your particular situation (right of objection). In addition, you have the right to correct incorrect personal data, the right to delete personal data, the right to restrict the processing of personal data, the right to data portability. You can contact us at any time about this and other questions on the subject of personal data. Finally, you have the option of lodging a complaint at the supervisory authority if you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way.

How long will personal data be stored?
Personal data is stored for as long as clarification and final assessment requires or as required by law. Afterwards, this data will be deleted in accordance with the legal requirements. If a hint proves to be unfounded, the hint together with the personal data it contains will be deleted immediately. The hints and reports are regularly deleted after 6 months. For documentation purposes a final assessment is also stored.