Reports must only relate to violations that harm the public interest or the integrity of the private entity and consist of:

• administrative, accounting, civil or criminal offences
• relevant unlawful conduct pursuant to Italian Legislative Decree 231/2001 or violations of the organization and management model that may be adopted by your company
• offences falling within the scope of European Union or Italian acts
• acts or omissions that harm the financial interests of the European Union
• acts or omissions relating to the internal market.

Any report that does not fall within the scope of the law will not be taken into consideration. 

For unfounded reports, penalties of €500 to €2,500 are provided for against the whistleblower, as well as his liability for the crimes of defamation or slander or his civil liability in cases of wilful misconduct or gross negligence.

Through the Legality Whistleblowing platform, a cloud-based tool produced by an external provider, you will have the opportunity to send reports of unlawful conduct.

The platform guarantees the absolute confidentiality of the identity and data of the whistleblower, as well as the content of the report, which will therefore not be accessible by anyone except the person in charge of managing reports, an external subject bound by secrecy.

Access links to the platform for Group companies are available here.

The whistleblower's data is separated from the report, so the report is sent to the person in charge of managing reports anonymously. Only the Processor is able to associate the report with the whistleblower's data and thus view the identity of the whistleblower. The Processor will be able to view your identity if he deems it necessary: in this case you will be informed by a notice within the report.

All information is encrypted and protected by the platform. 

For the sake of confidentiality, we recommend that you do not use your corporate email address, devices, and networks.

Corporate mailboxes, devices and networks may have protections that allow only system administrators and for IT security purposes to access e-mails and information on the websites visited.

Therefore, if you want the report to be totally anonymous, as a further guarantee of confidentiality, it is advisable to access the reporting platform with an e-mail address, devices and networks not corporate.