Internal channel policy
INTERNAL POLICY OF THE COMPLAINT CHANNEL
I. INTRODUCTION, PURPOSE AND APPLICATION
This policy applies to ASTHOR AGRÍCOLA, SA with CIF A33057936 and registered office at C/MG La Pondala, nº 41, PI Somonte, 33393, Gijón (Asturias); and aims to establish an internal channel for reporting possible regulatory violations, violation of internal and/or ethical policies and establish a whistleblower protection regime, in compliance with Law 2/2023, of February 20, regulating the protection of people who report regulatory violations and the fight against corruption.
This Channel is a mechanism that allows company employees and other interested parties to report any type of illegal conduct or conduct contrary to our values and ethical principles, without fear of reprisals, strengthening the information culture and integrity infrastructures. of organizations and the promotion of the culture of information or communication as a mechanism to prevent and detect threats to the public interest. In this way, we seek to promote a culture of transparency, integrity and responsibility in our organization, while protecting those employees who decide to make a complaint in good faith.
II. COMPLAINTS CHANNEL
The complaints channel is the preferred channel for reporting planned actions or omissions as long as the infraction can be dealt with effectively and if the complainant considers that there is no risk of retaliation.
The complaints channel is in charge of the person responsible for the Channel’s internal system, and has various managers depending on the scope of the information received.
The person responsible for the system will be in charge of:
• Reception, registration and management of complaints received through the complaint channel.
• Designation of the person or team in charge of investigating the complaints received.
• Ensuring the protection of whistleblowers and the confidentiality of the complaints received.
• Evaluation of the veracity and credibility of the complaints received.
• Decision making on appropriate measures based on research results.
• Monitoring and periodic review of the complaint management process and the company’s internal policy.
• Preparation of reports and recommendations for senior management on complaints received and measures taken.
Informants within the scope of application of the law can make their complaints through the following means:
• Link to the online reporting channel:
https://compliance.legalsending.com/canal/?C=48601379019012467
• QR code:
• Sending an email to the following address: canaldedenuncias@asthor.com
• Postal mail addressed to C/MG La Pondala, nº 41, PI Somonte, 33393, Gijón (Asturias), to the Head of the Internal Information System, Mario Pérez Ricoy .
• At the request of the reporting person, through a request addressed to the System Manager, communication may be carried out through a face-to-face meeting
III. REPORTING SUBJECTS – INFORMANTS
The channel may be used by:
1. People who have the status of employees or workers.
2. Self-employed collaborators (freelance).
3. Shareholders, participants and persons belonging to the administrative, management or supervisory body of the company, including non-executive members.
4. Any person who works for or under the supervision and direction of contractors, subcontractors and suppliers.
5. Informants who communicate or publicly reveal information about violations obtained within the framework of an employment or statutory relationship that has already ended, volunteers, interns, workers in training periods regardless of whether or not they receive remuneration, as well as those whose employment relationship has not yet begun, in cases where information about infringements has been obtained during the selection or pre-contractual negotiation process.
It is important to highlight that complaints made through the complaints channel must be in good faith, that is, they must be supported by evidence and concrete facts.
IV. REPORTABLE FACTS
The channel will only be used to warn the company of the following aspects:
A. Any actions or omissions that may constitute violations of European Union Law provided that:
1. They fall within the scope of application of the acts of the European Union listed in the Annex to Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report infringements of Union law, regardless of the qualification that the domestic legal system makes of them;
2. Affect the financial interests of the European Union as contemplated in article 325 of the Treaty on the Functioning of the European Union (TFEU); either
3. Affect the internal market, as contemplated in Article 26, paragraph 2 of the TFEU, including infringements of the European Union rules on competition and aid granted by States, as well as relative infringements to the internal market in relation to acts that infringe corporate tax rules or practices whose purpose is to obtain a tax advantage that undermines the object or purpose of the legislation applicable to corporate tax.
B. Actions or omissions that may constitute a serious or very serious criminal or administrative offense*.
*In any case, all serious or very serious criminal or administrative infractions that imply economic loss for the Public Treasury and Social Security will be understood to be included.
The reporting person must provide at least a reference to the subjective scope of the infraction (matter or regulation violated: European Union Law; criminal infraction; or administrative infraction); and a description of the facts being communicated (relevant information about what happened), as detailed as possible, attaching the documentation that may be available, if applicable.
Likewise, you can provide your name and surname, and a contact telephone number, if you do not choose to make this communication anonymously.
If you know the identity of the person responsible for the reported irregularity, or have made these facts known to another body or entity through some external channel, you may also provide this information.
V. REPORTING PROCEDURE
The company undertakes to investigate all reports of possible infringements or non-compliance that are received through the reporting channel.
The company will designate a person or team as responsible for the information system or complaints channel in charge of receiving, recording and managing complaints received through the complaint channel.
The System Manager will carry out his functions independently and autonomously with respect to the rest of the bodies of the entity or organization, he will not be able to receive instructions of any kind in his exercise, and he will have all the personal and material means necessary to carry them out.
All allegations will be investigated impartially and confidentially and appropriate measures will be taken based on the results of the investigation to protect the whistleblower.
The company undertakes to inform the complainant about the status of the investigation and the measures adopted, whenever possible and without compromising the confidentiality and protection of the complainant, and may request additional information to the facts communicated through the channel.
At the request of the informant, they may also appear through a face-to-face meeting within a maximum period of seven days to make a communication. Said meeting will be recorded in the terms established by law. Without prejudice to their rights in accordance with data protection regulations, the informant will be offered the opportunity to verify, rectify and accept the transcription of the conversation by signing.
Additionally, the company is committed to tracking all complaints received and measures taken to ensure the effectiveness of this policy and continually improve the process.
Communications through the information system may be anonymous.
Communications received will be accepted within a maximum period of 7 days and managed during a maximum period of 3 months, except in cases of special complexity that require an extension of the period, in which case, this may be extended up to a maximum of another three additional months.
Any information when the facts could indirectly constitute a crime will be sent to the Public Prosecutor’s Office immediately. In the event that the events affect the financial interests of the European Union, it will be referred to the European Public Prosecutor’s Office.
In addition to this Internal Channel, there are other external channels enabled by the competent authorities to also communicate actions or omissions that may constitute violations in the areas indicated above. Among these channels are:
State or Regional Channels:
• National Anti-Fraud Coordination Service.
• Prosecutor’s Office against Corruption and Organized Crime.
• National Police.
• Independent Whistleblower Protection Authority*:
* Law 2/2023 establishes the specific creation of this external information channel, and the appointment of an Independent Whistleblower Protection Authority. The aforementioned persons (“informants”) may communicate to said Authority, or to the corresponding authorities or autonomous bodies, the commission of any actions or omissions included in the “communications” section, either directly, or after having made said communication through of this Internal Information Channel. (INFORMATION ON ACCESS TO THIS EXTERNAL CHANNEL NOT YET AVAILABLE)
European Channels
• European Anti-Fraud Office (OLAF)
VI. PROTECTION OF INFORMANTS
The company is committed to protecting people who report infractions or non-compliance, in accordance with Law 2/2023.
Persons who report or reveal violations will have the right to protection against retaliation provided that the following circumstances apply:
1. They have reasonable grounds to believe that the information referred to is true at the time of communication or disclosure, even when they do not provide conclusive evidence, and that the aforementioned information falls within the scope of application of the law.
2. The communication or disclosure has been made in accordance with the requirements provided by law.
Acts constituting retaliation, including threats of retaliation and attempted retaliation against persons who submit a communication in accordance with the law, are expressly prohibited.
Retaliation is understood as any act or omission that is prohibited by law, or that, directly or indirectly, involves unfavorable treatment that places the person who suffers it at a particular disadvantage with respect to another in the work or professional context. only because of their status as informants, or for having made a public disclosure.
By way of example, reprisals are considered to be those adopted in the form of:
a) Suspension of the employment contract, dismissal or termination of the employment or statutory relationship, including the non-renewal or early termination of a temporary employment contract once it has expired. the trial period, or early termination or cancellation of contracts for goods or services, imposition of any disciplinary measure, demotion or denial of promotion and any other substantial modification of working conditions and the non-conversion of a temporary employment contract into one indefinite, in the event that the worker had legitimate expectations that he would be offered an indefinite job; unless these measures were carried out within the regular exercise of management power under the protection of labor legislation or legislation regulating the status of the corresponding public employee, due to proven circumstances, facts or infractions, and unrelated to the presentation of the communication.
b) Damage, including reputational damage, or economic loss, coercion, intimidation, harassment or ostracism.
c) Negative evaluation or references regarding work or professional performance.
d) Inclusion in blacklists or dissemination of information in a certain sectoral area, which hinders or prevents access to employment or the contracting of works or services.
e) Denial or cancellation of a license or permit.
f) Denial of training.
g) Discrimination, or unfavorable or unfair treatment.
The person who sees their rights violated due to their communication or disclosure after the two-year period has elapsed may request protection from the competent authority which, exceptionally and in a justified manner, may extend the protection period, after hearing the persons or organs that could be affected. The denial of the extension of the protection period must be motivated.
Administrative acts that are intended to prevent or hinder the presentation of communications and disclosures, as well as those that constitute retaliation or cause discrimination after the presentation of those under this law, will be null and void and will give rise, where appropriate, to disciplinary or liability corrective measures, which may include the corresponding compensation for damages to the injured party.
During the processing of the file, the persons affected by the communication will have the right to the presumption of innocence, the right of defense and the right of access to the file in the terms regulated in this law, as well as the same protection established for informants, preserving their identity and guaranteeing the confidentiality of the facts and data of the procedure.
The Independent Authority for the Protection of Informants, AAI may, within the framework of the sanctioning procedures that it instructs, adopt provisional measures in the terms established in article 56 of Law 39/2015, of October 1, of the Common Administrative Procedure of the Public administrations.
Those persons who communicate or reveal are expressly excluded from the protection provided by law:
1. Information contained in communications that have been inadmissible through any internal information channel or for any of the causes provided for in the law.
2. Information linked to claims about interpersonal conflicts or that affect only the informant and the people to whom the communication or disclosure refers.
3. Information that is already completely available to the public or that constitutes mere rumors.
4. Information that refers to actions or omissions not included in the scope of the law.
VII. CONFIDENTIALITY AND DATA PROTECTION
The personal data being processed, the documents provided and any other information provided in the complaint that contains personal information, will be treated confidentially by those responsible for the complaints channel in order to comply with the obligation to investigate. and manage the complaint filed as well as to comply with the legal obligations established in Law 2/2023, of February 20, regulating the protection of people who report regulatory infractions and the fight against corruption.
Personal data that is not clearly relevant to processing specific information will not be collected or, if collected by accident, will be deleted without undue delay.
The processing of personal data will be carried out ensuring compliance with Law 2/2023, of February 20, regulating the protection of people who report regulatory infractions and the fight against corruption, Regulation (EU) 2016/679. of the European Parliament and of the Council, of April 27, 2016, of Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights and of Organic Law 7/2021, of December 26 May, protection of personal data processed for the purposes of prevention, detection, investigation and prosecution of criminal offenses and execution of criminal sanctions.
Access to personal data contained in the internal information system will be limited to:
a) The person responsible for the system and whoever manages it directly.
b) The person responsible for Human Resources or the duly designated competent body, only when disciplinary measures could be adopted against a worker.
c) The person responsible for the legal services of the entity or organization, if the adoption of legal measures is appropriate in relation to the facts reported in the communication.
d) Those in charge of the treatment that may eventually be designated.
e) The data protection delegate. The data may be brought to the attention of the Legal Department, Lawyers, Judicial Bodies and State Security Forces and Bodies in the event that any of the information received is likely to be considered a crime or legal infraction of some type.
Legal basis for processing: The processing of personal data, in cases of internal communication, will be understood to be lawful under the provisions of articles 6.1.c) of Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 of April 2016, 8 of Organic Law 3/2018, of December 5, and 11 of Organic Law 7/2021, of May 26, when, in accordance with the provisions of articles 10 and 13 of the law , it is mandatory to have an internal information system. If it is not mandatory, the treatment will be presumed to be covered by article 6.1.e) of the aforementioned regulations. The processing of personal data in the cases of external communication channels will be understood to be lawful under the provisions of articles 6.1.c) of Regulation (EU) 2016/679, 8 of Organic Law 3/2018, of December 5. , and 11 of Organic Law 7/2021, of May 26.
Rights of the interested party: access, rectification, deletion, limitation, portability and opposition, free of charge by email to: canaldedenuncias@asthor.com in the cases legally provided for.
Conservation: The data will be kept for the legal period established for the processing of the file and for the time necessary for the exercise of legal actions or if it is necessary to leave evidence of the management of the channel. The interested party in turn has the right to submit a claim to the AEPD at www.aepd.es to request protection of their rights.
VIII. COMMUNICATION AND AWARENESS
The company will carry out regular training and awareness campaigns to foster a culture of integrity and transparency, and to inform employees and other stakeholders about the whistleblowing channel.
The company will also provide information on the rights and protections offered to whistleblowers under Law 2/2023.
The company undertakes to disseminate this policy to all employees and interested parties, and to update it regularly to ensure its compliance with applicable laws and regulations.