We consider integrity to be one of the cornerstones of our DNA. Therefore, a whistleblowing system has been established that allows both employees and external parties to confidentially report breaches of internal policies and procedures, laws and regulations.
Making a report is not an easy decision. Within the Matexi entities, we are aware that the reporter is concerned about the possible implications and reprisals of a report. We have therefore drawn up a policy to ensure that a framework is defined within which stakeholders can raise their concerns without fear of reprisals.
Apart from its functionality in itself, the presence of a whistleblower channel also has a deterrent effect on misconduct within the organization.
The whistleblowing system is in line with EU Directive 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of individuals who report breaches of Union law (hereinafter the “Directive”).
This policy covers the following entities:
This policy also applies to reporters whose working relationship has ended or is about to begin, if they have obtained information about infringements during or after the termination of the working relationship or during the recruitment process or other pre-contractual negotiations.
The following topics fall within the scope of the whistleblowing procedure:
Consequently, the policy does not cover complaints about employment or interpersonal grievances between the whistleblower and another colleague. For these complaints, we refer you to the respective HR departments or confidants.
You are strongly encouraged to report your concerns through the internal channels below if you have knowledge or suspicion of a breach related to any of the above categories.
We provide the following reporting channels which are accessible to internal and external reporters. Reports can be submitted via:
for the attention of the Whistleblower Officer
Franklin Rooseveltlaan 180
For Sibomat NV
for the attention of the whistleblower
Oude Waalstraat 248
Matexi makes a platform available that makes it possible for whistleblowers to submit reports anonymously, as required by the European Whistleblower Directive. When making an anonymous report through the platform, it is important that the reporter notes or remembers the case number and the verification code, as this is the only way to access the report afterwards and to communicate with the case manager. As an organization we are obliged to give feedback to the reporter on the status of the report. To be able to give this feedback, it is important that we can contact the reporter via the platform. If a telephone or written report does not contain contact details, we are unable to provide the required feedback to the reporter.
Reporters who do not wish to use the internal whistleblower system can opt for an external channel. External reports can be made to the Federal Ombudsman.
In order to process a report in the best possible way, the following information must be provided with each report:
The report is received and handled by an independent external partner: BDO. Upon receipt of the report, BDO checks whether the report falls within the scope of the Whistleblower Policy. When this is not the case, BDO will inform the reporter and ask him/her to contact the appropriate department within the organization (e.g. HR) or external authorities. Within 7 days after receipt of the report, the reporter will be informed of the acceptance or refusal of the report by BDO, either by telephone, letter or via the platform. To the extent possible, all communication between the reporter and BDO will be done via the secure Whistleblower Platform.
When the report is accepted, an internal case handler is appointed who starts an investigation based on the content of the report. Within three months after acceptance of the report, BDO informs the notifier of the status of the investigation. The notifier has the right to be informed of the status of the investigation. However, the notifier has no right to be informed of the entire contents of the investigation.
The European Whistleblowing Directive requires that the persons named in the report must be given an opportunity to be heard in due time in order to explain their side of the facts, taking into account the anonymity and confidentiality of the report and where this would not be harmful to the investigation.
When the investigation is complete, the reporter is informed of the outcome.
The persons named in the report must be informed in due time of the termination of the investigation, taking into account the anonymity and confidentiality of the report.
If the reporter raises a concern, the confidentiality of the identity will be ensured in accordance with applicable laws and regulations. The identity will not be disclosed to persons other than those authorized to receive or follow up reports without your express consent. This also applies to all other information from which the identity can be (in)directly derived. The identity may only be disclosed if there is a necessary and proportionate obligation imposed by EU or national legislation in the context of investigations by national authorities or legal proceedings (for example, in order to protect the rights of the defense of the person concerned in a judicial investigation).
If the hearing of a person involved in the report may jeopardize the confidentiality of the report, the person making the report will be contacted in the first instance.
No whistleblower, as defined in the scope, who reports an incident can be punished or be the subject of any discriminatory measure because he or she made a report through the whistleblowing system. We do not permit any retaliation against those who report a breach or suspected breach of the rules or guidelines.
Matexi NV, Abacus Group NV and Sibomat NV as data controllers
With this declaration (hereinafter referred to as “Declaration”) we wish to inform you why and how the Matexi entities listed above (hereinafter referred to as “we”) collect and process your personal data within the framework of the whistleblowing system.
As the data controller, we are responsible for the processing of personal data that we retrieve and use for whistleblowing purposes.
In any case, we take measures to ensure that you:
By “personal data” we mean any information relating to living natural persons. When we receive a report from you, a file is created containing the details of your report. This file contains your identity, contact details and any other information you have given us about the person involved in the complaint. We will treat the information provided as confidential.
You can contact us anonymously if you wish, but the chances of us being able to investigate possible wrongdoing are greater if we can be sure that the person making the report is in a position to make an informed submission. It also means that we are better able to provide feedback on any action we have taken. In any case, we guarantee confidentiality and anonymity, should the person making the report wish to remain anonymous.
We will treat the information you provide as confidential and will not disclose it without legal justification. In the event of a further investigation and contact with other persons within or outside the organization, certain elements relating to the report may need to be disclosed. If certain information in the report may not be disclosed in the context of an investigation, please indicate this explicitly in the report.
Where possible, we will provide you with general feedback on the actions we take as a result of your report and the investigation carried out. We will also publish information in an annual report on all actions taken as a result of disclosures by whistleblowers. This report will only contain generic information in order to protect the identity of whistleblowers.
We only use your personal information to handle your complaint. We collect and publish statistics with information such as the number of complaints we receive, but not in a form that identifies anyone.
As a controller, we do not intend to collect and process personal data of minors or so-called sensitive data:
We need sufficient information from you to investigate your protected disclosure to us, including any evidence you may have to support it.
We need to know the details of your complaint so that we can make a decision on the organization’s compliance with the relevant legislation and fulfil our obligations.
Personal data contained in whistleblower reports on topics related to an incident are processed on the basis of legal obligation, as this information is necessary for compliance with the Directive 2019/1937, i.e. to assess whistleblower reports and conduct possible investigations.
By accessing and using the whistleblowing system in an identified manner, the whistleblower consents to the processing of his/her personal data for the purposes indicated in this Whistleblowing Policy.
In the first instance, only BDO has access to the personal data mentioned in the report, together with an internal back-up case manager. These personal data can be shared with designated case handlers in the context of an investigation.
In case of necessity (such as a technical problem), temporary access can be granted to Whistlelink, the external party that makes the whistleblowing platform available and that acts as (sub)processor. Both BDO and Whistlelink have taken technical, organizational and contractual measures to ensure that your personal data are only processed and used for the purposes mentioned in this document.
Only if we are legally obliged to do so may your personal data be disclosed to supervisory authorities, tax authorities and investigative bodies.
Your data will not be stored and processed outside the European Union and we will ensure that minimum legal requirements and security standards are met at all times.
Apart from the above-mentioned cases, your personal data will never be passed on or made available to third parties and will only be used for our purposes.
Personal data obtained in the context of whistleblowing services shall be retained for as long as necessary for the processing of the report, including any consequences thereof, and in line with internal retention periods.
We have implemented generally accepted technological and operational security standards to protect personal data from unauthorized loss, misuse, alteration or destruction.
The whistleblowing system has been set up so that only the persons designated to receive, analyze and process reports will be designated as data processors or persons specifically designated in accordance with Article 28 of the General Data Protection Regulation (GDPR), and will guarantee the full confidentiality of the personal data provided in accordance with the most appropriate security measures implemented for that purpose.
To exercise the above rights, please refer to the whistleblowing platform and your personal case number and verification code, where you can submit your request.
When exercising your right, please clearly indicate the right you are invoking and the processing(s) to which you object or wish to withdraw consent. Always be as specific as possible when exercising your rights.
This request is free of charge, except when we consider that the request is manifestly unfounded or excessive (as in the case of a repeated request).
For each additional copy requested, we may also charge a reasonable fee based on the administration costs.
The request for a copy of the data shall be handled within one month. This period may be extended by two months, taking into account factors such as the complexity and number of requests. In the event of an extension of the deadline, you will be notified and informed of the reasons for the extension.
If data is adjusted, changed or deleted, we will communicate this with the persons to whom this data has been provided (such as the case managers and case handlers of the whistleblowing report), unless this is not possible or involves a disproportionate effort. When the data is needed to fulfil a legal obligation, this data cannot be deleted.
For questions or complaints about our processing of personal data, about the exercise of your rights or about this Declaration, we also refer you to our whistleblower platform and your personal case number. In this way, we can ensure the confidentiality of communications.
We strive to find a fair solution to any complaint or concern about privacy. However, if you feel that we have not been able to help you with your complaint or concern, you have the right to lodge a complaint with the data protection authority of your country of residence via their website.
Belgian residents can lodge a complaint with the Belgian Data Protection Authority. All information can be found at https://www.dataprotectionauthority.be/ .
We may amend or supplement this statement as we deem necessary.
If any significant changes are made to this Declaration, the date on which it is amended will be updated.
We also recommend that you review this Statement regularly to understand how we process and protect personal data.