This policy is drafted by Artes Group plc, with registered office at 9150 Kruibeke, Burchtstraat 89 and with company number 0421.570.314 and for current and future companies belonging to the group (hereinafter referred to as "the Company").
The Company wants to act with integrity and ethics in its activities and therefore wants to ensure that its collaborators have the possibility, in accordance with the modalities and conditions set out below, to report in the most serene and confidential manner any actual or potential breaches of statutory and regulatory rules as referred to in section 2.2 of this policy at the Company.
Often, the collaborators of the Company are the first to know about actual or potential breaches occurring at the Company. They might possibly be discouraged from reporting their concerns or suspicions for fear of reactions or retaliation.
However, this potential fear could ultimately result in the Company being kept in the dark about potential breaches and unable to take the necessary steps to address those breaches. This could therefore undermine the interests of the Company, pursuing high standards of good governance and business ethics.
The purpose of this policy is to prevent this potential problem by strongly encouraging all employees and other persons who have a contractual relationship with the Company to report any breach or illegal, unethical or fraudulent activity related to the Company's business without fear of sanctions or other measures.
This policy is adopted in accordance with the Belgian Act of 28 November 2022 concerning the protection of reporting persons of breaches of Union or national law within a legal entity in the private sector, transposing the European Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law, hereinafter referred to as "the Act".
This policy aims to:
This policy is available on the Company's website www.artesgroup.be and can be amended from time to time.
Of course, this policy in no way excludes direct dialogue and communication of information beyond this reporting procedure. The Company emphasizes that employees with concerns or suspicions may, at all times, contact their immediate superiors and the Human Resources Department. Other collaborators can also contact the Human Resources Department at any time.
This policy applies to the following persons:
Only breaches that relate to any of the following areas as defined in the Act can be reported:
In addition, breaches that may harm the financial interests of the Union can be reported as well as breaches relating to the internal market, including the Union rules on competition and state aid.
Breach means acts or omissions that are unlawful or defeat the object or the purpose of the rules in the above-mentioned areas. It refers to any breach of the statutory or regulatory provisions on the matters or the provisions taken in the execution of the aforementioned provisions.
Any breach relating to the areas referred to in section 2.2 as well as any information about such breaches, including reasonable suspicion, about actual or potential breaches which occurred or are very likely to occur within the Company, and about attempts to conceal such breaches at the Company, may be reported in writing or orally through any of the channels referred to in section 4.
The report must be made in good faith and must not be based on unsubstantiated rumours or hearsay nor must the report have the object/purpose of harming the Company.
The reporting person must have reasonable grounds to believe that the information about breaches reported was true at the time of reporting.
If the report contains false, unsubstantiated or opportunistic allegations, or is made with the sole purpose of disadvantaging or damaging others, the Company can take appropriate disciplinary and/or judicial actions against the reporting person, including imposing sanctions in accordance with the Company's work rules with regard to its employees.
Any person covered by this policy who has information about actual or potential breaches referred to in section 2.2 is encouraged to report it to the Company as soon as possible, as far as it is made in good faith and in accordance with the principles set out in section 3.2.
All collaborators or other persons covered by this policy can use the internal reporting channels provided by the Company.
1-
A report of a breach can be made by e-mail: klokkenluider@artesgroup.be .
The report should preferably be drafted in Dutch, French or English. Any report drafted in another language will have to be translated first. This can affect the accuracy of the content of the report.
These reporting channels are accessible at all times, 24 hours a day 7 days a week.
It is also possible to request a face-to-face meeting with the Reporting Officer as mentioned below in section 4.1.5 of this policy.
Each of the above mentioned channels is managed in a confidential and secure manner that ensures the confidentiality of the identity of the reporting person and any third parties mentioned in the report. Access to the channels is strictly limited to persons who have access to them based on responsibilities and/or capacities.
1-
A report shall include a brief description of the reasonable suspicions about an actual or potential breach of any of the areas listed in section 2.2 that has occurred or is very likely to occur as well as any attempts to conceal or disguise such breaches.
The report should be sufficiently detailed and documented and should include the following information (when the relevant information is known):
2-
The Company does not encourage reporting in an anonymous manner, as this prevents the Company from properly investigating and treating the report. However, if the reporting person would feel uncomfortable nonetheless, the reporting person can choose to remain anonymous. The Company will of course respect this choice of the reporting person and an anonymous report will be taken just as seriously as a non-anonymous report.
The report can be done anonymously by creating an e-mail address through an e-mail provider (Outlook, Gmail etc.), from which the identity cannot be deducted.
When receiving anonymous reports, the Company will face certain limitations in the follow-up of the report. For example, it may not be possible for the Company to proactively monitor possible retaliation.
1-Acknowledgment of receipt
The reporting person will receive an acknowledgement of receipt of the report within 7 days of that receipt.
2-Follow-up
Follow-up means any action taken by the recipient of a report to assess the accuracy of the allegations made in the report and, where relevant, to address the breach reported, including through actions such as an internal enquiry, investigation, prosecution, an action for recovery of funds or the closure of the procedure.
The Reporting Officer follows up on reports, maintains communication with the reporting person, requests additional information if necessary, provides feedback to the reporting person and receives possible new reports.
3-Investigation
The Reporting Officer may decide whether or not to investigate a report after consulting the management of the Company.
The report will be investigated diligently and carefully in accordance with this policy. All investigations will be conducted thoroughly with due regard to the principles of confidentiality, impartiality and fairness to all persons involved. The Reporting Officer will put together an investigation team, if necessary. The Reporting Officer and the eventual investigation team will be given investigative powers in accordance with existing policies at the Company, including the ICT policy.
Persons involved in actual or potential breaches reported by the reporting person will be excluded from the investigation team and shall not be allowed to participate in the assessment of the report or the determination of the actions to be taken regarding the report.
Conflicts of interest are reported to the board of directors if the management/executive board is targeted in the report. If the board of directors appears to be involved, the general meeting of the Company is notified.
4-Feedback
The Reporting Officer will provide appropriate feedback to the reporting person within a reasonable timeframe, not exceeding three months from the date of the acknowledgement of receipt of the report. This feedback shall include information for the reporting person on the planned and/or taken actions and the reasons for these. The Reporting Officer shall inform the reporting person through the chosen internal reporting channel.
5-Investigation report
After the investigation, the Reporting Officer or a member of the investigation team, if any, will prepare an overview report describing the investigation measures taken. Besides with the Reporting Officer and the eventual investigation team, a redacted, confidential and anonymised version of this overview report may be shared with the management of the Company, on a need-to-know basis only, in order to reach a final decision.
The Reporting Officer or a member of the investigation team, if any, prepares a final report describing the facts and the final decision:
The reporting person will be informed of the closure of the report and the decision taken via the chosen internal reporting channel.
As the Company's Reporting Officer is appointed:
General Director of the firm
The Reporting Officer shall perform his/her duties independently and without any conflict of interest. He/she is subject to a duty of confidentiality.
1-
The Company keeps records of all reports received, in compliance with the confidentiality requirements provided in section 5.1 of this policy.
Reports and related information shall be stored for at least as long as the contractual relationship between the reporting person and the Company exists.
2-
In the event of a face-to-face meeting with the Reporting Officer and/or a member of the investigation team, if any, the Company will ensure that, subject to the consent of the reporting person, a complete and accurate record of the meeting will be kept in a durable and retrievable form. The Company has the right to document the meeting in one of the following ways:
1-Reporting persons can use an external reporting channel after having first reported through the internal reporting channels or can go directly through the external reporting channels if they consider it more appropriate.
2-The Federal Coordinator is designated by the Belgian legislator with coordinating reports introduced via external channels.
He/she is responsible for receiving external reports, checking their admissibility and forwarding them to the competent authority for investigation, which will be different depending on the subject of the report.
In exceptional cases, the Federal Coordinator may also conduct the investigation in depth.
The Federal Coordinator's contact details are as follows:
Address: Leuvenseweg 48 bus 6, 1000 Brussels
Online reporting: https://www.federaalombudsman.be/en/disclosure-reporting-form
Email: integrity@federalombudsman.be
Telephone: 02 289 27 04
3-
A report can also be sent directly to the following authorities:
1° the Federal Public Service Economy, SMEs, Self-Employed and Energy;
2° the Federal Public Service Finances;
3° the Federal Public Service of Public Health, Food Chain Safety and Environment;
4° the Federal Public Service Mobility and Transport;
5° the Federal Public Service Employment, Labour and Social Dialogue;
6° the Programming Public Service Social Integration, Poverty Reduction, Social Economy and Metropolitan Policy
7° the Federal Agency for Nuclear Control;
8° the Federal Agency for Medicines and Health Products;
9° the Federal Agency for the Safety of the Food Chain;
10° the Belgian Competition Authority;
11° the Data Protection Authority;
12° the Financial Services and Markets Authority;
13° the National Bank of Belgium;
14° the Audit Oversight College;
15° the authorities reported in article 85 of the Law of 18 September 2017 on the prevention of money laundering and terrorist financing and on the restriction of the use of cash
16° the National Committee for the Security of Drinking Water Supply and Distribution;
17° the Belgian Institute for Postal Services and Telecommunications;
18° the National Institute for Health and Disability Insurance;
19° the National Institute for Social Insurance of the Self-Employed;
20° the National Employment Service;
21° the National Office for Social Security;
22° the Social Intelligence and Investigation Service;
23° the Autonomous Anti-Fraud Coordination Service (CAF);
24° the Maritime Inspectorate.
The Company is committed to making every effort to provide appropriate and adequate protection to the persons covered by this policy as far as the report is made in good faith and the report meets the conditions of the Act, in particular by taking the following measures:
The Company guarantees to take the necessary measures so that employees and other persons covered by this policy can file a report with the Company in all confidence.
The Company commits itself to foresee the necessary measures so that the identity of the reporting person is not disclosed to persons other than those authorised to receive or follow up on reports without his/her explicit consent.
This also applies to any other information from which the identity of the reporting person may be directly or indirectly deduced.
By way of derogation from the abovementioned, the identity of the reporting person may be disclosed where this is a necessary and proportionate obligation imposed by special legislation in the framework of an investigation by national authorities or in the context of judicial proceedings, in particular to safeguard the rights of defence of the person concerned.
In the latter case, the reporting person will be informed of the disclosure of his or her identity before it takes place, unless such information would jeopardise the running investigations or judicial proceedings. This is the case, for example, if the reporting person represents an important witness in court or in cases of unjustified or unlawful reporting to protect the person's defence rights.
Any act of retaliation against the persons referred to in section 2.1 who enjoy protection under this policy, including threats of retaliation and attempts of retaliation, is prohibited, particularly in the following acts:
In the framework of the internal reporting procedure, the Company is considered the data controller for the processing of personal data.
Any processing of personal data carried out pursuant to this policy will be carried out in accordance with the applicable personal data protection laws, including the European General Data Protection Regulation ("GDPR").
The following personal data may be processed in the context of a report: name, function, date of employment (or start date of the collaboration on a self-employed basis), contact information and e-mail address of the reporting person and of persons, involved in the breach, any identified or identifiable information provided by the reporting person and collected in the context of the internal investigation. This processing of data is done in the context of complying with a legal obligation and/or the legitimate interest of the Company, to the extent that the internal reporting channel exceeds legal objectives, in particular the detection of breaches, ensuring the security and ethical conduct of the Company.
Personal data which are manifestly not relevant for the handling of a report shall not be collected or, if accidently collected, shall be deleted without undue delay. Relevant data will be kept until the breach reported is expired and in any case for a period of five years after the report.
The identity of the reporting person can only be disclosed with the consent of the reporting person. Other information also remains strictly confidential and can only be shared on a strict need-to-know basis.
This data will not be transmitted outside the European Economic Area and/or will not be accessible from countries outside the European Economic Area.
All individuals whose personal data are processed in the context of reports of breaches have, within the applicable legal conditions, the right to access and copy, right to rectification, right to data erasure, right to object and the right to lodge a complaint with the supervisory authority in accordance with applicable law. However, these rights may be limited by the rights and freedoms of others, in particular the reporting person’s right to confidentiality and the Company's right to follow-up on the report properly.
For more information on the processing of personal data, we refer to the Privacy Notices for Employees, Job Applicants, Independent Service Providers and Temporary Workers and the Privacy Policy of the Company who are transferred at the start of the contractual relations and are also available on the Company's intranet.
This policy is effective from 17 december 2023 for an indefinite period.
The Company reserves the right to amend this policy at any time, including but not limited to changes in relevant legislation and/or operational needs.