Your report has been sent successfully and has been received by us.
Please make a note of your individual identifier. With the identifier and your chosen password, you can log in via the entry page and check the status of the processing.
Privacy policy
Welcome to FELD M (hereinafter also referred to as "FELD M", "we" or "us"). According to the Hinweisgeberschutzgesetz (Whistleblower Protection Act; hereinafter referred to as the "HinSchG" to set up and maintain a reporting office in accordance with §§ 12 to 18 HinSchG. To this end, we operate reporting channels through which you can contact our internal reporting office to report information about violations.
In the following, we will inform you about the purpose and legal basis for which we process your personal data, for how long and what rights you have with regard to data processing, provided that you use our reporting channels.
Please take the time to read this notice as it contains important information about how we handle your personal information.
Also please note:
This document is drawn up in German. The following English translation is provided for convenience only. In case of any discrepancies between the German version of this document (you can find under "Datenschutz" in the German version of this page) and the English version, the German version shall prevail.
If we use the term "data" in the text, only personal data within the meaning of the GDPR is meant, including those of the special category.
We are obliged to set up a reporting office in order to comply with the requirements of Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report violations of Union law ("Whistleblower Protection Directive") implemented by the Federal Republic of Germany with the Whistleblower Protection Act.
The aim of the Whistleblower Protection Directive is to improve the enforcement of European Union law in certain areas by providing special protection to persons who report breaches of Union law. Even if the HinSchG does not expressly mention this objective, it must be taken into account by way of an interpretation of the law in conformity with European law. The goal expressly enshrined in the HinSchG is the protection of natural persons who have obtained information about violations in connection with their professional activity or in advance of a professional activity and report or disclose it to the reporting office. The HinSchG also aims to protect persons who are the subject of a report or disclosure, as well as other persons affected by a report or disclosure.
In order to be able to report violations taking into account the aforementioned goals, we have therefore set up a reporting office and operate the corresponding reporting channels.
If you contact the internal reporting office to report or disclose information about violations to us, the reporting office will only process your data to the extent necessary to document the report and the respective state of affairs and to confirm receipt of the report to you. Furthermore, we process your data in order to check whether the reported violation falls within the material scope of application of the HinSchG and thus the responsibility of the internal reporting office is opened, to check whether the report is valid, and if it is necessary for the processing of the report, in particular for the processing of the report. the investigation of the facts is necessary to communicate with you regarding further information. In the process, we take notes and prepare minutes. We also process your data in order to take appropriate follow-up measures and to provide you with feedback on this and any actions still planned and the reasons for doing so. If the rights of persons associated with the report are affected by the internal investigations and investigations, no feedback will be given.
If you are named in a report or are the subject of a report, we will only process your data to the extent necessary to document the report and the respective state of affairs, to check whether the reported violation falls within the material scope of application of the HinSchG and thus whether the internal reporting office is responsible. We also process your data to check whether the report is valid. If it is established, we will process your data in order to carry out the investigations necessary for the investigation of the facts and to take appropriate follow-up measures.
If you are an agent of the internal reporting office, we process your data in order to provide you with an account in the whistleblower module of our DPMS data protection software (DPMS) and to give you access to the reporting channels. In addition, we process your data to the extent necessary to document the reports and the respective state of affairs.
The purposes of the processing are, with reference to the legally enshrined objectives of better enforcement of Union and national law
The legal basis for this is Art. 6 para. 1 letter c), Art. 9 para. 2 j GDPR in conjunction with § 10 HinSchG.
Access to or access to your data is only granted to persons entrusted with the processing of reports. As a rule, these are the reporting office officers and employees in the reporting office. If the disclosure of information that allows conclusions to be drawn about your identity as a whistleblower is necessary in the context of processing a report for follow-up measures, we will only pass on this information to competent authorities outside the reporting office if you have previously consented to the disclosure in accordance with § 9 (3) HinSchG. In the context of criminal prosecution or other obligations to authorities, your personal data may have to be disclosed to state investigating authorities or other competent state authorities as part of legal obligations. In this case, we will inform you in advance of this as well as the reasons for the disclosure. Refrain from providing information if the competent authority has informed us that this would jeopardise the relevant investigations, investigations or legal proceedings.
Our reporting channels are currently set up in the whistleblower module, of our DPMS data protection software (hereinafter referred to as "DPMS"). The DPMS data protection software is technically operated and provided by LegalInnovate Technologies GmbH, located at Issumer Tor 45 in 47608 Geldern, Germany. DPMS processes your data on our behalf and according to our instructions on servers in Germany. This means that they are not allowed to use or use your data for themselves, especially not for their own purposes or their own advertising measures. Any person who gains access to the data is bound by a duty of confidentiality.
We delete your data as soon as it is no longer necessary to achieve the purpose for which we collected it. This is usually the case three years after the end of the calendar year in which the proceedings were concluded.
They have the right to request information at any time about what data is stored about them. You can request correction, deletion and restriction of processing (blocking) of your personal data as long as this is legally permissible and possible within the framework of an existing contractual relationship. You have the right to lodge a complaint with any supervisory authority for data protection. You can object to data processing for reasons arising from your particular situation, if the data processing is based on our legitimate interests or is necessary for the performance of a public task.
Further information on data protection, in particular on your rights as a data subject, as well as information on the controller and data protection officer, can be found under the following link: https://www.feld-m.de/datenschutz/.
If you have any questions about the processing of your data, please contact the Data Protection Officer (datenschutz@feld-m.de).
Section 4 of the HinSchG guarantees protective measures for whistleblowers and other protected persons, such as exclusion of responsibility, prohibition of reprisals or obligations to pay damages.