Whistleblower Protection

1. Whistleblower FAQ 

This FAQ serves to clarify all open questions regarding whistleblower protection at BREDEX.

What are the aims of whistleblower management in my company?

In addition to the legal requirements under the ´Hinweisgeberschutzgesetz´(HinSchG), whistleblower management serves to protect whistleblowers. Whistleblowers should be able to submit information directly via the whistleblowing channel. The aim is to sustainably improve the company and eliminate weaknesses.
It is important that the information is treated confidentially and that these reports are processed professionally by the whistleblowing officers.

Who can be a whistleblower?

A whistleblower can be any person who has obtained information about violations in connection with their professional activities. This can be, for example, employees, trainees, customers, suppliers, interns or members of the Supervisory Board.

Which breaches can be reported?

All violations of Union regulations as well as violations of national regulations, such as criminal offenses, certain administrative offenses and violations of the law (e.g. product safety, environmental protection, food and feed safety regulations, money laundering, bribery, misappropriation of funds, antitrust violations, audits and internal financial controls).

Which principles are considered when processing the report?

We are committed to confidentiality, impartiality and protection of the whistleblower when processing the report. This procedure extends throughout the entire reporting process.
Confidentiality is the top priority when processing reports. To this end, the internal reporting channel is only staffed by a maximum of 2 people to ensure continuous processing and a deputy in the event of absences. The persons entrusted with the tasks of an internal reporting office are independent in the performance of their duties and have the necessary expertise to handle the reports confidentially and professionally.
In addition to confidentiality, adverse treatment of whistleblowers in the form of reprisals should also be prevented. We are committed to continuously improving this reporting channel and to constantly monitoring the optimization of work processes.

How can information be reported?

It is possible to contact the internal and external reporting office. Whistleblowers should prefer to report to an internal reporting office in cases where effective internal action can be taken against the violation and they do not fear reprisals. This is because internal reporting is often the best way to get information to the people who can investigate and remedy the breach most quickly.

How can I report a tip to an internal reporting office and what happens afterwards?

You can find the BREDEX internal reporting channel on the website ( under “whistleblower protection”. After completing the whistleblower form, you will receive a notification that the report has been received. You will also receive login data that you can use to log in to the system to communicate with the reporting officers and answer further questions. This helps the reporting officer to obtain the best possible picture of the process and the content of the report. You will receive feedback on any follow-up measures planned or taken no later than 3 months after confirmation of receipt.

What powers does the reporting officer have?

The reporting officers are responsible for communicating with the whistleblower. After receiving the report, the internal reporting office checks whether the material scope of the reported violation pursuant to § 2 HinSchG applies. In addition, the internal reporting office checks the validity of the report and requests further information if necessary. Once the investigation has been completed, the internal reporting office will initiate follow-up measures, such as further internal investigations, referral to a competent internal office, closure of the procedure or transfer of the procedure to a competent unit at the employer or a competent authority.

Which external reporting bodies can also be contacted?

If an internally reported violation has not been remedied, the whistleblower is at liberty to contact an external reporting office.
The following external reporting offices exist:

Under what conditions do whistleblowers receive protection?

The whistleblower is protected by the whistleblowing law (HinSchG) if they have contacted an internal or external reporting office or disclosed information in accordance with § 32 HinSchG. In addition, the whistleblower must have reasonable grounds to believe at the time of the report that the reported information is true and that the information falls within the scope of § 2 HinSchG or that there are at least sufficient grounds for this assumption.

How does the protection of whistleblowers manifest itself?

A whistleblower cannot be held legally responsible for obtaining or accessing information that they have reported or disclosed unless the access itself constitutes an independent criminal offense. Thus, contractual obligations, e.g., non-disclosure agreements or confidentiality clauses, cannot prevent a justified report.
In addition, reprisals against the whistleblower are prohibited. Reprisals are any disadvantages suffered by a whistleblower in connection with their professional activities, such as dismissal, warnings, non-promotion or bullying. If reprisals are taken against the whistleblower, the employer must prove that the discrimination is not related to the whistleblowing.
If a reprisal is nevertheless taken against the whistleblower, the whistleblower has a claim for damages under the Whistleblower Protection Act (HinSchG).

Is my information protected as a whistleblower?

The top priority is to ensure the confidentiality of the identity of the whistleblower and all other persons named in the report. Please also note that the protection of the HinSchG only applies if you had reasonable grounds to believe that the information you reported was true at the time of reporting. As soon as it can be proven that the whistleblower has intentionally or grossly negligently made a false report, they are obliged to pay compensation for the damage incurred. Deliberately false information may also result in criminal prosecution.
The person making the report must therefore have factual evidence to support the assumption of a violation, for example because they have noticed the violation themselves or have made reliable inquiries. Pure speculation is not covered by whistleblower protection. Therefore, if possible, name all evidence available to you (e.g. witnesses, certificates, other documents, photo files, etc.) as the whistleblower.
Only the responsible reporting office officers have access to the data in the reporting channel.

How will my data be managed as a whistleblower?

We are aware that data from whistleblowers and their reports are extremely sensitive data. For this reason, we have taken further technical and organizational measures to protect your data.

Organizational measures:

  • Authorization concept
  • Work instructions/guidelines
  • Whistleblower Directive
  • Regular training for the reporting office officers
  • Training of all employees and managers
  • Documentation of incoming information in the restricted access folder
  • Deletion concept
  • Data protection impact assessment
  • Adaptation of the list of processing activities
  • Reporting office officers are obliged to maintain confidentiality

Technical measures:

  • Access restrictions to whistleblower protection folder and Akarion
  • Encryption of the data
  • Password protection
  • Prevention of third country transfers through local server storage

The documentation is deleted three years after completion of the procedure in accordance with § 11 Abs. 5 HinSchG. The documentation may only be kept for longer to meet the requirements of this Act or other legal provisions as long as this is necessary and proportionate.