Digital complaints system for the LkSG

This complaints system can be used to report human rights and environmental risks or violations. Reports of human rights violations and environmental risks have a high priority and enable those responsible to respond quickly. Only in this way can abuses be corrected and prevented in the future. The complaints system offers any person or organization that is directly affected or represents the interests of a directly affected person or group, or has knowledge of a risk or violation, the opportunity to report grievances or violations via a secure online platform. Incoming reports are seriously examined and treated accordingly. For complainants (persons or organizations) who act in good faith and try to contribute to the clarification of grievances or violations, the law guarantees a high level of protection and confidentiality. Complaints can also be submitted anonymously. Communication with the company is also guaranteed for anonymous complainants. After submitting the report, create your own anonymous access to the report with the option of communicating with the company and exchanging information or data. All complaints and reports are processed neutrally, objectively, appropriately and in compliance with the presumption of innocence.

Submit message Login

System & Security

The complaints platform used by our company is the White Sparrow System from MKM Compliance GmbH. The system ensures that submitted reports are only transmitted in encrypted form. They are processed in a highly secure environment and - if requested by the reporting party - anonymously. This means that in the case of anonymous reports, no e-mail address, telephone number or other technical data that could be used to identify the reporter is recorded and stored. The metadata required for the transmission is subsequently deleted. The IT systems, servers and data centers are certified in accordance with DIN ISO 27001/2, ISO 22301 and 27018, are located in Germany and are maintained exclusively by German companies. The processing of all data naturally complies with the provisions of the General Data Protection Regulation (GDPR). The data is stored in a database in which only the persons designated by the company have access to the data. With the White Sparrow system, reports can be submitted online around the clock, seven days a week worldwide in several fruages.

Why should I submit a report?

Human rights violations and breaches of environmental protection regulations must be detected, tracked and remedied in a targeted manner. By reporting such violations or infringements, you enable the company to respond to them promptly and specifically. The protection of human rights, environmental protection, integrity and compliant behavior are fundamental values of companies that not only have an impact on sustainable economic success, but also on the well-being of each individual in the team. By using the complaints platform, companies fulfill the legally required framework conditions in accordance with the Supply Chain Due Diligence Act and thus create a confidential and protected environment that provides the complainant with control and transparency. The complainant is informed about the measures taken via the platform and can enter into an exchange with the company, even anonymously.

Submit message

Frequently asked questions

Who can submit a report?

Any person or organisation that is directly affected or represents the interests of a directly affected person or group, or has knowledge of a risk or violation, can submit a complaint. Irrespective of the position of the complainant (person or organisation), all these groups enjoy the confidentiality and protection afforded by the law.

Is my report really confidential?

The companies must treat your identity and the reported offence confidentially. The information will only be shared with a small group of people for the purpose of clarifying the facts. You can choose whether to reveal your identity or remain anonymous. Depending on the legal situation, anonymous reports may not have to be processed legally. However, serious information will usually always be taken into account. As the information you disclose can lead to investigations and (possibly criminal) consequences for the persons concerned, you must be convinced that the information you report is true. Deliberately stating false facts or false suspicions may result in criminal prosecution for the complainant. In this case, you as the complainant are not protected. However, you will not face any consequences if you provide your information to the best of your knowledge and belief and in good faith, even if the information later turns out to be false. The reasons for your report are irrelevant as long as you believe them to be truthful. Please note that, as the complainant, you may not disclose any information if you yourself are subject to a statutory professional duty of confidentiality, e.g. as a doctor or tax consultant. In addition, under certain circumstances, those who become aware of the report may be legally obliged to disclose all reported information to government agencies. This may be the case, for example, if there are legal obligations to involve the authorities in areas affected by a report. The company may also be forced by investigating authorities (e.g. as part of a search) or a court to disclose information and the identity of the whistleblower.

How do I submit a report?

In order for a report to be checked and processed correctly, it is important that you provide as much specific information as possible and describe the offence as precisely as possible. The best way to do this is to answer the questions ‘Who’, ‘What’, ‘Where’, ‘How’ and ‘When’. - In order to ensure that the facts of the case are clarified quickly, it would be helpful if you were available to answer any questions. Whether directly via the complaints system, by telephone or via an e-mail address is up to you. When communicating via the digital complaints system, you remain anonymous. To do this, you create an anonymous account yourself after submitting the report. You will be automatically instructed to do so after submitting the complaint. Two-way communication with the company can then take place via this account. You should also be aware that your report will be reviewed by people who may not have any expertise in your area. Therefore, please endeavour to describe the facts as clearly and objectively as possible. If you have any further questions about the procedure or the White Sparrow complaints system, you can email the White Sparrow team at incident@mkm-compliance.de with your questions. We will be happy to provide you with non-binding and confidential information about the reporting process.

How does the reporting process work?

1. On the following pages, you will first be asked to describe the offence in as much detail as possible and to provide important information. Information such as your name or position is not mandatory. 2. If you provide your name and a contact option, you will receive a response from the company after a reasonable period of time. 3. Please understand that processing may take some time depending on the extent of the complaint. We take your concern seriously and would like to examine it with due diligence. However, queries can also be sent to you in advance. These can be addressed to you directly via the system without having to disclose your identity. 4. The complaint will be examined and processed in accordance with the legal requirements and taking into account the BAFA guidelines and instructions. The reported facts will be examined by the company. 5. If the complaint proves to be justified, a proposal for a solution will be drawn up on the basis of the facts ascertained. The company will determine the necessary remedial measures and consistently follow up on their implementation. The complainant is informed accordingly.

What safety standards are met?

The White Sparrow complaints system is provided by MKM Compliance GmbH as an independent partner. The reports are recorded with the help of software developed in a highly secure banking environment and stored in technically highly secure data centres in Germany without access from abroad. The reported information is stored exclusively on servers in data centres that are certified in accordance with DIN ISO 27001/27002, ISO 22301 and 27018, SOC 1, SOC 2 and SOC 3. The metadata required for transmission, such as IP addresses or network and device specifications, is only stored on these servers for a short period of time and then deleted without the companies or employees of MKM Compliance having access to it. In addition, the system is set up in such a way that an IP address cannot be linked to a submitted report. This means that even if the data is accessed, it is no longer possible to link it to a report. You decide whether you want to remain anonymous or provide personal details. In any case, the content of the report is transmitted securely in encrypted form.

What other reporting channels are there?

A report can be made in text form here in the complaints system. If the company has set it up, reports can also be submitted by e-mail or voice via a telephone mailbox. If necessary, please visit the website of the company concerned. All incoming reports are entered into this digital complaints system and processed there in a protected environment. If the company concerned offers further options for submitting a report, it may have publicised this itself.