WHISTLEBLOWING MANAGEMENT POLICY

WHISTLEBLOWING MANAGEMENT POLICY

(In accordance with Law 4990/2022 titled: “Protection of persons reporting breaches of Union law – Transposition of Directive (EU) 2019/1937 of the European Parliament and Council of 23 October 2019 (L 305) and other urgent regulations” and the Protected Disclosures Act 2014 as amended by the Protected Disclosures (Amendment) Act 2022)

Konnektable Technologies Ltd

Last Modification Date: 30/10/2024

  1. Purpose and Policy Statement

Konnektable Technologies Ltd (“the Company”) is committed to conducting all business activities in compliance with the highest standards of integrity, ethics, and accountability. In alignment with whistleblowing legislation in Ireland and Greece, as well as the EU Directive on Whistleblower Protection (Directive 2019/1937), this Policy establishes a secure, confidential, and structured process for reporting illegal or inappropriate behaviors. The Company ensures that anyone may report concerns without fear of retaliation or discrimination.

Scope of Policy
This Policy applies to:

  • All Company employees (and job applicants)
  • Contractors, consultants, interns, and volunteers associated with the Company
  • Members of the Board of Directors and Company Partners
  • Clients, suppliers, and any third parties the Company engages with in its business operations,

who wish to report a Reportable Behavior.

  1. Legal Framework and Compliance
    This Policy complies with:
  • Directive (EU) 2019/1937 on the protection of persons reporting breaches of Union law, which sets minimum protection standards across the EU.

Irish Protected Disclosures Act 2014 as amended by the Protected Disclosures (Amendment) Act 2022 and the Protected Disclosures Act 2014 as amended by the Protected Disclosures (Amendment) Act 2022), governing protections and procedures for whistleblowers in Ireland.

  • Greek Law 4990/2022, aligning Greek whistleblower protection standards with the EU Directive, safeguarding whistleblowers from retaliation.

Together, these laws reinforce the Company’s commitment to protecting whistleblowers, encouraging good faith reporting, and ensuring transparency and accountability in all business practices.

  1. Definitions
  • Whistleblower: Any person this Policy applies to. Specifically, a whistleblower may indicatively include any individual associated with the Company, including employees, contractors, or third parties, who discloses information regarding potential violations or misconduct within the Company.
  • Reportable Behavior: Any act or omission that violates legal, ethical, or policy standards, which may include but is not limited to:

Violations of EU and national law in the following areas;

        1. Public Procurement;
        2. Financial services, products and markets, and prevention of money laundering and terrorist financing;
        3. Product safety and compliance;
        4. Trasport safety;
        5. Protection of the environment;
        6. Radiation protection and nuclear safety;
        7. Food and feed safety, animal health and welfare;
        8. Public health;
        9. Consumer protection;
        10. Protection of privacy and personal data, and security of network and information systems;
        11.  Breach regarding internal EU market;
        12. Breach regarding financial interests of the EU;
        13. Illegal or improper behaviors regarding corruption and influence-related offences;

Designated Person: The person responsible for managing reported behaviors. Specifically, the Designated Person’s duties include:

  • Receipt of complaints: Ensures that all complaints are received securely, without any leaks or breaches of the Whistleblower’s confidentiality.
  • Evaluation and preliminary review: Assesses the validity and severity of complaints, determining if further investigation is required.
  • Investigation: Coordinates or conducts necessary investigations, collaborating with other competent authorities or internal departments where needed.
  • Whistleblower protection: Ensures that whistleblowers are protected from retaliation as required by law and this Policy.
  • Reporting and recommendations: Prepares reports on investigation outcomes and recommends corrective actions or policy improvements.
  • Record-keeping and compliance: Maintains records of Reported Behaviors and investigation outcomes, ensuring compliance with relevant legislation and internal Policy procedures.
  1. Reporting Channels

4.1 Internal Reporting

Whistleblowers are encouraged to report Reportable Behaviors in good faith through one of the following Reporting Channels:

  • Email: [email protected]
  • Mail to the physical address: Dervenion 30, Metamorfosi Attikis, Postal Code 14451, Attn: Papaioannou Georgia (Designated Person)

 

4.2 External Reporting

Whistleblowers may also refer to competent external authorities if:

  • Internal channels fail to address their concerns satisfactorily, or
  • The Whistleblower reasonably believes external reporting is necessary due to the severity of the issue.

Ireland: Reports can be submitted to the Data Protection Commission (DPC) (https://www.opdc.ie/en/).

Greece: Reports can be submitted to the National Transparency Authority (https://aead.gr/submit-complaint).

Anonymous Reporting: While anonymous reports are accepted, providing contact details is encouraged to facilitate follow-up on the cases.

  1. Confidentiality and Protection Against Retaliation

5.1 Ensuring Confidentiality

The Company will take all necessary steps to ensure the confidentiality of the Whistleblower’s identity and any disclosed information. Confidentiality extends to:

  • The identity of the Whistleblower
  • Details of the report
  • The process of any ensuing investigation up to the point it is disclosed (at the discretion of the Designated Person) to the reported party
  • The results of any subsequent investigation

Exceptions to confidentiality may arise if legally required to disclose information to enforcement or regulatory authorities.

5.2 Protection Against Retaliation

The Company strictly prohibits any form of retaliation against Whistleblowers acting in good faith. Retaliation includes but is not limited to:

  • Employment-related actions: such as dismissal, demotion, suspension, or any adverse impact on terms of employment.
  • Discrimination or harassment: including intimidation or pressure.
  • Other retaliation: against third-party Whistleblowers (e.g., suppliers, customers).

Retaliatory behavior will be subject to disciplinary actions, including termination or legal action, in accordance with employment, civil, and criminal law in Ireland and Greece.

  1. Investigation Process

6.1 Initial Assessment

Upon receiving a report, the Designated Person will conduct a preliminary assessment to determine the credibility, relevance, and severity of the Reportable Behavior.

6.2 Formal Investigation

If the report is deemed credible, a formal investigation will commence, ensuring:

  • Independence and Objectivity: The Designates Person will act impartially, maintaining confidentiality and compliance with applicable laws.
  • Documentation: All findings will be documented and securely retained in accordance with GDPR and the Company’s data protection protocols.
  • Due Process: Individuals involved in the report will have the opportunity to respond to the allegations.

6.3 Outcome and Corrective Action

Based on the findings, appropriate corrective or disciplinary actions will be taken under the supervision of the Designated Person. The Whistleblower will be informed within seven (7) days of report receipt and within three (3) months of this receipt about the investigation outcome.

  1. Rights and Obligations of Whistleblowers
  • Right to Information: Whistleblowers will be informed about the process to the extent allowed by confidentiality and law.
  • Good Faith Obligation: Whistleblowers are expected to report concerns with a sincere belief. False reports or abuse of the whistleblowing channel negate the protections provided by law and this Policy.
  • Appeal: If a Whistleblower faces retaliation, they have the right to report it to the relevant authorities (e.g., DPC in Ireland, National Transparency Authority in Greece) for further legal action.
  1. Record-Keeping and Data Protection
  • Data Management: All reports, investigation records, and personal data are securely stored in compliance with GDPR and applicable national data protection laws. Data retention is minimized and strictly monitored to prevent unauthorized access or data breaches. The Company’s Privacy Policy applies.
  • Retention Period: Reports will be retained for the minimum required period, generally aligned with regulatory retention requirements, after which they will be securely deleted.
  1. Policy Review and Amendments

This Policy will be reviewed annually or as needed due to significant regulatory changes in Ireland, Greece, or the EU. Any amendments will be uploaded on the Company’s Policies.

Konnektable Technologies Ltd is dedicated to maintaining the highest standards of ethical conduct. This Whistleblowing Management Polict reflects our commitment to transparency, accountability, and the protection of whistleblowers, in compliance with Irish and Greek legislation, as well as the EU Directive on the Protection of persons reporting breaches of Union law.