Whistleblowing Policy

 

1. General Information

1. Legal basis

2. Definitions

3. Reportable violations

4. Principles

2. Reporting procedure

1. Submitting a report

2. Reporting options

1. Reporting options for HEAD employees

2. Reporting options for external whistleblowers

3. Content of the report

4. Processing the report

3. Data protection

 

1. General information

1.1 Legal basis

The legal basis for the whistleblower protection provisions in the EU Member States is EU Directive No. 2019/1937 of 23.10.2019, which was adopted by the European Parliament and the Council on the protection of whistleblowers ("Whistleblowing Directive"). Each EU member state was obliged to transpose the provisions of the Whistleblowing Directive into its national law. In Austria, this has been implemented through the “HinweisgeberInnenschutzgesetz“ (HschG).
This Whistleblowing Policy applies to all companies of the HEAD Group that fall within the scope of EU Directive No. 2019/1937 of 23.10.2019 ("Whistleblowing Directive") (hereinafter referred to as "Company").

 

1.2 Definitions


• Whistleblower: Natural persons who report or disclose information on breaches obtained in connection with their work activities.
• Violation(s): Acts or omissions that are unlawful or contrary to the object or purpose of national legislation or directly applicable EU law.
• Reprisals: Direct or indirect acts or omissions in a professional context that are triggered by an internal or external report or disclosure and that cause or may cause unjustified disadvantage to the whistleblower.

 

1.3 Reportable violations


Reports may fall within the following scope of application (not an exhaustive list):


• Financial services, financial products and financial markets and prevention of money laundering and terrorist financing
• Product safety and compliance
• Transport safety
• Protection of the environment
• Consumer protection
• Protection of privacy and personal data, and security of network and information systems


The whistleblowing system serves exclusively to receive and process reports of actual or alleged violations of laws, national regulations and all internal company regulations (e.g. code of conduct) in connection with the Whistleblowing Directive. In particular, it is not available for general complaints ("grievance box") or for product and warranty inquiries.

 

1.4 Principles

Whistleblowers can be all employees (including part-time and temporary employees) but also applicants, interns, self-employed persons and all persons working for contractors, subcontractors and suppliers.

Whistleblowers must report violations in good faith, i.e. there must be reasonable grounds at the time of the report to believe that the information about reported violations was correct. Concrete knowledge of actual violations is not necessary - reasonable suspicions/concerns are sufficient.

A knowingly intentional false report is unacceptable and entitles HEAD to take action against such persons. False reports can therefore have negative consequences for the person concerned and can also lead to him/her being held liable for any damage suffered by someone as a result of such a false report.

Whistleblowers are protected from reprisals, such as dismissal, negative performance reviews, termination of fixed-term employment contracts, claims for damages, harassment, discrimination, etc., on the basis of justified reports.
Whistleblowers have the option of remaining anonymous with every report. The report must be treated confidentially if requested.

 

2. Reporting procedure

 

2.1 Submitting a report


HEAD encourages anyone with information about a suspected violation of law, national regulations or any company policy to report it using one of the reporting options listed below. Acting in good faith will protect the individual from any negative consequences, regardless of whether the information reported ultimately proves to be accurate or not.


2.2 Reporting options


HEAD offers Whistleblowers several ways to report a potential or actual violation. Any person who has knowledge of an actual or potential violation of applicable laws, as well as questions or concerns about an actual or potential violation, can report the matter promptly through one of the reporting channels. The available reporting channels differ for HEAD employees and external whistleblowers.

Under certain conditions, external reporting channels (national authorities) are also available to whistleblowers in addition to internal reporting channels.


2.2.1  Reporting options for HEAD employees


The following reporting channels are available to employees of the HEAD Group:

• Online reporting tool (“EQS”)
All reports can be submitted online via the whistleblowing reporting tool set up for HEAD. The reporting tool is secure and complies with applicable data protection and labor law. The reports are processed by the legal department on a confidential basis. Other departments may be involved if necessary for the processing of the report.

 

• By post
Alternatively, a report can be made by post. The address for this is:
HTM Sport GmbH
Attn.: Whistleblowing (Amanda Neil)
Tyroliaplatz 1
2320 Schwechat

 

• By email
A report can also be sent by e-mail to the following address: whistleblowing@head.com

 

• By phone
A report can be made by telephone on +43 1 70 179 204 (Amanda Neil)

 

• In person
A report can also be submitted in person to Amanda Neil, Tyroliaplatz 1, 2320 Schwechat

 

 

2.2.2Reporting options for external whistleblowers


I seguenti canali sono disponibili per le terze parti (fornitori, clienti etc.):


• By Post
A report can be made by post. The address for this is
HTM Sport GmbH
Attn.: Whistleblowing (Amanda Neil)
Tyroliaplatz 1
2320 Schwechat

 

• By Email
A report can also be sent by e-mail to the following address: whistleblowing@head.com

 

• By Phone
A report can be made by telephone on +43 1 70 179 204 (Amanda Neil)

 

• In person
A report can be submitted in person to Amanda Neil, Tyroliaplatz 1, 2320 Schwechat

 

2.3 Content of the report

 

When reporting a whistleblower incident, the whistleblower should disclose as much information as possible. If known, the whistleblower can provide the following information:


Where did the incident occur?
 What does the suspicion relate to?
 Are you an employee of the business unit concerned?
 In which company did the incident occur?
 Which department is affected?
 Which persons are involved in the incident?
 In which city did the incident take place?
 Name of the whistleblower (or request for anonymity)
 Date and time when the report was made


2.4 Processing the report
If the report was submitted via the online reporting tool or an alternative reporting option was selected in which contact details were provided, the whistleblower will receive an acknowledgement of receipt within seven days of receipt of a report.
Subsequently, the whistleblower will receive a response within three months of the report outlining the measures taken to resolve the matter or the reasons why the matter cannot be processed further.
In some cases, the whistleblower may be asked to provide additional information if this is necessary for the further processing of the report.

 

3. Data protection

Any processing of personal data in accordance with this policy and national laws is carried out in accordance with Regulation (EU) 2016/679 of April 27, 2016 (General Data Protection Regulation, hereinafter referred to as "GDPR") and the GDPR guidelines implemented within the company.
General information:
The processing of personal data by HEAD (controller) in connection with a whistleblower report (such as name, e-mail address, telephone number, address and other data to be collected for processing the report) is based on legal authorizations or obligations for the purpose of clarifying reports that have been made.


Transfer:
The personal data provided on the basis of a notification may be transferred to other companies of the HEAD Group (details at https://www.head.com/en-IC/about/locations/)within and outside the EU/EEA taking into account data protection regulations. HEAD may also have to transfer personal data to competent authorities e.g. law enforcement authorities, tax authorities, courts, consulting firms and legal representatives.
When reporting via the online reporting tool (“EQS”), personal data may also be passed on to EQS for technical implementation. Further information can be found in the privacy policy of the online reporting tool.

Storage period:
Personal data that is clearly not necessary for the processing of a specific report shall not be collected or, if it was collected inadvertently, shall be deleted immediately.
Otherwise, we only store personal data for as long as is necessary to process a notification or for as long as we have a legitimate interest in storing the personal data. In addition, data may be stored for as long as required by European or national legislation to fulfil legal obligations, such as retention obligations. All personal data will then be deleted, blocked or anonymized.


Rights of data subjects:
In principle, there is a right to information, deletion, correction of data, restriction of processing, revocation of consent to data processing (if such consent has been granted), data portability and objection. To exercise these rights, a message can be sent to privacy@head.com. Furthermore, there is also the right to lodge a complaint against the processing of personal data with the data protection authority.
The above-mentioned rights shall not apply to persons affected by a tip for the duration of administrative/judicial proceedings or investigative proceedings under the Code of Criminal Procedure, as long as and to the extent necessary to protect the identity of the whistleblower and other persons protected by law and to achieve the above-mentioned purposes. In particular, in order to prevent attempts to prevent, undermine or delay information or follow-up measures based on information.

 

Date version: July 2024