Whistleblowing

Exprivia has always paid close attention to preventing risks that could compromise responsible and sustainable business management, and it is convinced that working in compliance with ethical principles is favourable to its business. Therefore, it combats the occurrence of phenomena deriving from the violation of all regulations governing fairness, honesty and reliability in all internal and external relationships, committing to zero tolerance for corruption in any form whatsoever, reaffirmed both in the Code of Ethics and in the Organisation, Management and Control Model adopted pursuant to Italian Legislative Decree 231/01 since 31/3/2008.

Therefore, Exprivia not only follows the guidelines set forth by the Corporate Governance Code for listed companies issued by Borsa Italiana, but it has also introduced a digital platform that can be used by all stakeholders to report possible unlawful or irregular conduct and violations of company procedures and instructions, through an online portal.

The reports are handled by the Exprivia Ethics Committee and the Supervisory Body. The Ethics Committee consists of Internal Audit, the Head of the Human Resources Office, the Head of the Legal Office and by the RGPC (person responsible for the Anticorruption Management System).

Reports can be sent through the system without the need to either register or provide personal information. If whistleblowers decide to provide their personal information, they can be assured that it will remain confidential.

All personal data will be processed pursuant to regulations in force on the protection of personal data, i.e., Regulation (EU) 2016/679 (GDPR), as well as any other regulation on the matter applicable in Italy, with full respect for the rights and fundamental freedoms of the data subjects, particularly with regard to the confidentiality of their identity and processing security.

REGULATIONS

• Italian Legislative Decree no. 24 of 10 March 2023 “Implementation of directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019, relating to the protection of people reporting violations of Union law and providing dispositions on the protection of people reporting violations of national regulatory provisions”
• Italian Law no. 179 of 30 November 2017 “Provisions for the protection of whistleblowers reporting offences or irregularities of which they become aware as part of public or private work relationships” 
• Italian Legislative Decree no. 231 of 8 June 2001 “Regulations on the administrative liability of legal entities, companies and associations, even without legal personality, in accordance with article 11 of Italian Law no. 300 of 29 September 2000“
• Exprivia Code of Ethics
• Exprivia Organisation, Management and Control Model pursuant to Italian Legislative Decree 231/2001
• Law SA 8000 – Social Responsibilities Management System
• Law ISO 37001 – Anticorruption Management System
• European Regulation 2016/679 - GDPR (General Data Protection Regulation) of 27 April 2016
• Italian Legislative Decree no. 196 of 30 June 2003 “Personal Data Protection Code” supplemented with the amendments introduced by Italian Legislative Decree no. 101 of 10 August 2018 “Provisions for the adaptation of national law to the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

FAQ

1. Who can send a report?
Anyone can send a report to Exprivia; aside from its employees in Italy and abroad, everyone working on behalf or in favour of the Exprivia Group or who engages in business relationships through any type of contract or engagement (customers, suppliers, partners, advisors, agents, interns, etc.).

2. What should the reports be about?
The reports should generally regard the reasonable and legitimate suspicion or awareness in good faith of unlawful or irregular conduct in working activities which can harm the integrity of the Exprivia Group. Therefore, they should be related to:

• violations of the Code of Ethics (discrimination, harassment, conflicts of interests, etc.);
• violations of the Organisation, Management and Control Model pursuant to Italian Legislative Decree 231/2001;
• in general, facts that may amount to offences or cause harm (financial or reputational) to the Exprivia Group;
• violations of internal provisions or procedures liable to disciplinary sanctions;
• violations/complaints relating to social responsibilities (e.g. discrimination, gender equality, fairness) and anti-corruption (e.g. active and passive corruption events, gratuities, gifts) issues.

The following should not be reported and, in any event, will be ignored by the system:

• information based on “rumours” or “word of mouth”;
• personal complaints.

3. Which channels can I use to send a report?
The following channels can be used:

• web portal: Whistleblowing
• email: ODV@exprivia.com 
• telephone number +39 080 3382070
• ordinary postal address of the Supervisory Body / Internal Audit Via Adriano Olivetti no. 11 70056 – Molfetta (BA)

The web portal is Exprivia’s primary reporting channel. 

4. What should be included in the report?
The report should contain all useful information to enable the bodies responsible for analysing and processing the report to conduct the appropriate investigations regarding its validity. Therefore, the report should contain a description of the facts (including places and dates), the parties involved and any names of other parties that can provide information about the facts; it may also contain attachments (documents, photos and audio and video recordings).

5. Can I send an anonymous report?
Yes, it is possible to send anonymous reports. Exprivia will take those reports into consideration only if the information provided is circumstantiated so as to indicate events and situations on which it is possible to conduct the necessary verifications.

6. Who will be responsible for handling by report?
Reports are received, analysed, checked and processed by Internal Audit, the Supervisory Body, the Head of the Legal Office, the Head of the Human Resources Office and by the RGPC (person responsible for the Anticorruption Management System). If it is deemed that one of the members of the assessment team is involved to any extent in the report or it is deemed necessary or even only appropriate for one of such members to refrain from managing the report, it is possible to specify that circumstance in the web portal and exclude specific parties from receiving the report.

7. Can I monitor the status of my report?
Certainly. The whistleblower may receive continuous updates on developments regarding his or her specific report by using the unique code provided by the web portal when the report was created.