Internal Information System
What is the internal information system?
It is the system implemented by our organization to receive and manage potential cases of irregular and undesirable behavior.
The Internal Information System (hereinafter, IIS) is the system implemented by FAGOR ELECTRÓNICA to receive and manage information regarding possible irregularities, guaranteeing protection against retaliation for reporting persons whenever the communication falls within the established legal framework.
The reference regulation is the Whistleblowing Directive (European Directive 1937/2019), transposed into Spanish legislation through Law 2/2023 on the protection of persons reporting regulatory infringements and combating corruption.
Through the internal channels provided, any person professionally or employment-related to our organization may report potential criminal, administrative (serious or very serious), or European Union law infringements, as well as breaches of our code of conduct, with full guarantees of security and confidentiality and without suffering any retaliation, provided they have acted in good faith.
These policies and procedures apply to all employees of the parent company and subsidiaries of the Fagor Electrónica Group, including inactive members and collaborating members, regardless of their responsibility, position within the organization, type of contract (employment or corporate relationship), or place where they carry out their activities.
The IIS is part of our Compliance System and consists of the following elements:
· Policy or fundamental principles of the Internal Information System
· A System Manager, specific and independent, legally appointed by the Governing Board, who has designated a natural person responsible for receiving and processing reports.
· Internal communication channels, designed and enabled to comply with legal security and confidentiality requirements.
· A mandatory communication management procedure that guarantees the requirements of protection, confidentiality, objectivity, and effectiveness throughout the process of receiving, handling, and resolving received reports.
· And an IT platform that enables both case reporting and internal management of the processing.
All of this is carried out securely, with access to data restricted exclusively to persons legally authorized to do so, and with a private web area available for monitoring and bidirectional exchange of information and documentation related to the case with the reporting person.
How to report?
We provide a secure web platform where you can report your information easily and confidentially. If desired, you may also access a private area for monitoring the reported case and communicating with the case manager.
Upon entering our internal reporting platform, you will arrive at a main page where the general aspects of the channel will be explained and where you may read detailed information about our privacy policies for reporting and affected persons.
From there, you may access the form that will allow you to provide the details of your report, either in writing, through a secure audio recording, and even by attaching additional documentation if desired. We apply technical measures to protect your identity, including removing metadata from files, distorting voices, and encrypting all information exchanges.
You may submit your report anonymously or by identifying yourself. Your personal data will be used exclusively for the intended purposes described in the privacy policy and will be processed by authorized personnel, without revealing your identity under any circumstances to the person concerned by the facts described in the report or to third parties.
In the form, you will have the option to request an appointment to present or expand upon the information personally with the case manager. This appointment will be arranged within a maximum period of 7 days from your request through the private web monitoring area described below.
Verbal communications must be documented, subject to the consent of the reporting person, through recording in a secure, durable, and accessible format or by means of a complete and accurate transcription of the communication. Without prejudice to the rights granted under data protection regulations, the reporting person will, whenever possible, be given the opportunity to verify, rectify, and approve the transcript of the conversation by signature.
Once the form has been completed, we will confirm the registration of your report and provide you with an access key to the private monitoring area, where you may, if desired, follow the progress of your case and communicate and exchange information and documentation with the case manager in an easy, secure, and confidential manner. It is essential to keep this access key safe because, for confidentiality reasons, it cannot be recovered, and in the event of loss or forgetfulness, you will need to resubmit the information.
During case management, you may be asked for additional information through this private monitoring area, so it is advisable to access it periodically to review the status of your case. If you wish, when the access credentials to the private monitoring area are provided, you will also be offered the possibility of providing an email address whose sole purpose will be to notify you of updates regarding your case.
The case manager will analyze the submitted information to determine whether it can be processed and will send the reporting person a notification regarding whether or not the report has been accepted for processing.
If your report is accepted for processing, the internal investigation will begin and you will be informed of the outcome of the final resolution within a maximum period of 3 months (extendable to 6 months due to the complexity of the case).
External channel of the Independent Whistleblower Protection Authority:
Although the preferred method for reporting potential breaches is through the internal channel, if the irregularity you wish to report falls within the scope of Article 2 of Law 2/2023 — that is, possible criminal, serious or very serious administrative infringements, or breaches of EU law — you may report it through the external channel of the competent Independent Whistleblower Protection Authority, either directly or after reporting through our internal channel.