1 Linde Integrity Line Process and Data Protection Policy 1 July 2007
2 Page 2 of 10 Table of Contents Preamble 3 1 Scope of application 3 2 Definitions 3 3 Submitting Reports Regular Channels 3 4 Submitting Reports - Integrity Line 4 5 How Integrity Line Reports are handled 6 6 Processing Personal Data collected through the Integrity Line 7 7 Special precautions for processing of sensitive data 8 8 Protecting the reporting Stakeholder 8 9 Protecting the incriminated person and third parties 9 10 Access, rectification and deletion of personal data 9 11 Notification to data protection officer Qualification of LCF and Linde IC Information requirements Final provisions 10
3 Page 3 of 10 Preamble (A) (B) (C) (D) (E) This Process and Data Protection Policy Integrity Line (the Policy ) shall provide guidance in respect of reporting processes regarding incidents of vital interest to Linde, its employees and shareholders and the wider community. The Policy will also describe the Linde Group Integrity Line (the Integrity Line ) as referred to in the Code of Ethics of Linde Group ( CoE ), in particular its purpose and operation. Employees of Linde Group are requested to comply with existing statutory obligations and high ethical standards. The CoE reflects the increasing requirements of all internal and external groups of interest ( Stakeholders ) with a view towards the integrity and appropriate business conduct of Linde Group. The purpose of this Policy and the Integrity Line is to provide for means of submitting and processing reports voluntarily made by Stakeholders in respect of matters addressed in the CoE, this Policy or statutory rules. The Group-wide uniform and sanction-free notification system operated under the CoE and this Policy is necessary to effectively support the management of each Linde Group entity and the Linde Group in respect of the detection, prevention and protection against impairing and unlawful activities against the financial interests and the reputation of Linde Group. In order to secure a group-wide uniform reporting system and in order to also allow less sizeable Linde Group entities participation in an effective reporting system, a centralized Integrity Line shall be established and be operated by Linde AG acting both for itself and on behalf of the other Linde Group entities. 1 Scope of application This Policy shall apply to reports submitted by any internal or external Stakeholder of any Linde Group entity world-wide through the means provided for in this Policy. In particular, the Policy shall provide guidance for reports to be made via the Integrity Line. 2 Definitions Unless stated otherwise herein, the terminology of the EC Data Protection Directive (Directive 95/46/EC of 24 October 1995) shall apply to this Policy. 3 Submitting Reports Regular Channels 3.1 Reports are generally made through the regular information and reporting channels, in particular to line managers and supervisors, quality control personnel and internal auditors. While this Policy acknowledges the regular information and reporting channels as a main pillar, it does not regulate or limit how such reports are handled and/or processed.
4 Page 4 of Reports through regular channels can be made on any Linde business related matters involving risks to the Linde Group, its employees or the wider community. For example, reports can be made in particular in respect of the following matters: Violations of financial recording and reporting requirements Criminal activities in relation to Linde property (e.g. theft, embezzlement, fraud); Violations of anti-trust, unfair competition and international trade laws; Accepting forbidden advantages / granting forbidden advantages (acts against free competition); Violations of safety, health and environmental laws and policies, of product and service quality control rules; Violations of data protection laws; Violations of confidentiality obligations; Violation of the integrity of business relations; Violations of intellectual property; Unlawful discrimination of people; Unlawful harassment of people; Conflicts of interests between Linde and its employees. 4 Submitting Reports - Integrity Line 4.1 In the fields of accounting, internal accounting controls, auditing matters, bribery, banking and financial crime, where the interests not only of the local Linde entity but of several Linde entities or of the entire Linde Group are affected, reports may also be made through the Integrity Line, i.e., through the following means ( Integrity Line Reports ). Using the Integrity Line is voluntary, and any decision not to use the reporting means provided for by the Integrity Line is not sanctionable Telephone: Reports can be made 24 hours / 7 days by phone. The telephone lines are operated by a third party service provider operating in the European Union. Local freephone numbers will be made available by the third party service provider with an EU based interpreter service available. For countries where a local freephone number is unavailable, the service provider has established a dedicated phone number for receiving reverse-charges calls from stakeholders. All calls are directed to the service provider in the first instance. The service provider acts as a data processor on behalf of Linde AG, pursuant to a data processor agreement in accordance with the requirements of both the EC Data Protection Directive and German data protection laws.
5 Page 5 of 10 The third party service provider logs the calls, enters the report into a summary and forwards the summaries by way of secured to the address which is maintained by the Linde Compliance Facilitator. The third party service provider will immediately delete all details of the report upon receiving confirmation of receipt from the Linde Compliance Facilitator Mail and Telefax: Written reports can be sent to the attention of the Linde Compliance Facilitator (by mail service to Leopoldstrasse 252, Munich, Germany, or by telefax to +49 (0) ) Reports can also be made via to a dedicated inbox operated by the Linde Compliance Facilitator Only the Linde Compliance Facilitator and the members of the Linde Integrity Committee have access to this mailbox Internet Portal: Reports can be made through a secure connection, which is in accordance with state of the art technology, onto a dedicated Internet portal designated to receive concerns of Stakeholders (web address to be confirmed). The Linde Compliance Facilitator will receive the report by way of a secured system-generated which is sent to the mailbox. Providing for an additional (non-exclusive) opportunity to report alleged irregularities in the areas of accounting, internal accounting controls, auditing matters, bribery, banking and financial crime, the Integrity Line is not intended to replace Linde Group s regular information and reporting channels. Stakeholders remain encouraged to report any incidents directly to their line managers, supervisors, quality control personnel or internal auditors, and to submit reports via the Integrity Line only after they have concluded this to be the more appropriate means in respect of the incident being reported (in particular if the incident reported bears relevance for several Linde entities or the Linde Group). 4.2 The Stakeholder submitting an Integrity Line Report through the Telephone or the Internet Portal will be informed, at the time of establishing the first contact with the Integrity Line, about the purpose of the Integrity Line and the scope of issues on which reports can be made, that reports on matters other than accounting, internal accounting controls, auditing, bribery, banking and financial crime shall be made through the regular information and reporting channels, that Linde encourages identified reports in order to be able to review a matter and to protect the involved persons; the reporting Stakeholder, therefore, will be asked to disclose his or her identity, that his or her identity will be kept confidential at all stages of the process and will not be disclosed to third parties,
6 Page 6 of that his or her identity may need to be disclosed to people conducting the inquiry into his or her report as well as to the relevant people involved in any subsequent judicial proceedings or law enforcement investigations instigated as a result of the inquiry conducted, that the reporting Stakeholder shall maintain confidentiality of the content of the report made via the Integrity Line, that false reports made in bad faith may lead to disciplinary actions. 4.3 Linde does not encourage anonymous reports, regardless of the means through which the report is submitted. If the Stakeholder has expressed an intention to remain anonymous, he or she will be informed that reporting anonymously may have effects on the level of the investigation undertaken in respect of the reported incident. Where the reporting Stakeholder has remained anonymous, the Linde Compliance Facilitator will first make a determination as to whether the report merits further review or inquiry. 4.4 Any abuse of the Integrity Line, including but not limited to the reporting of alleged irregularities in bad faith, may result in disciplinary action or legal proceedings against the employee who abused the Integrity Line. The use of the Integrity Line in good faith, including where subsequent determinations are made that the allegations reported are not true or accurate or where allegations do not trigger any particular further action, shall not expose the reporting Stakeholder to sanctions and shall not affect his position in any way. 4.5 Following applicable requirements, a review was undertaken to limit the number or type or categories of persons (internal or external Stakeholders) eligible for reporting alleged misconduct through the Integrity Line and / or the number or type or categories of persons who may be reported through the Integrity Line. Any such limitation or exclusions are specified in Country or Entity Annexes to this Policy, which Annexes apply to the respective Country or Local Linde group entity referred to in the Annex. 5 How Integrity Line Reports are handled 5.1 Reports are first processed by the Linde Compliance Facilitator ( LCF ), in this function acting for all Linde Group entities. The LCF shall be a dedicated employee working for Linde Group. 5.2 The Linde Integrity Committee ( Linde IC ) has been set up with a view towards further safeguarding the integrity of the processing of reports. The Linde IC consists of up to four (4) members formed of representatives of the following Group divisions: Group Internal Audit; Group Legal; Group Corporate Responsibility; and Group HR. The Linde IC will oversee the processes, including the review of reports and determinations on further process. To the extent that the Group divisions belong to different legal entities within the Linde Group, notifications (and the respective personal data which they contain) will be transferred not only within one Group entity but also (within the limited number of persons forming the Linde IC) from one Group entity to another Group entity. 5.3 The LCF will record all reports on a case management system software operated by Linde AG; this case management software can be accessed only by the LCF and the members of the Linde IC. Following a
7 Page 7 of 10 determination about the future processing of a report, the LCF will execute the determinations as follows: Irrelevant or unsubstantiated reports will be deleted from the system without undue delay All other reports will be forwarded to the appropriate local level. The report will be deleted from the case management software, except for the data required for verification with appropriate local levels that the report is being dealt upon and any necessary action taken Where the contents of a report merits further processing on a central level, the report will continue to be processed under the authority of the LCF and the Linde IC Where a report submitted through the Integrity Line does not relate to the areas of accounting, internal accounting controls, auditing matters, bribery, banking and financial crime, the facts reported can be forwarded to the appropriate local levels, unless prohibited by applicable law, when the vital interests of the data subject or moral integrity of employees are at stake, or when, under national law there is a legal obligation to communicate the information to public bodies or authorities competent for the prosecution of crimes. 5.4 The LCF and the members of the Linde IC are bound by appropriate confidentiality obligations, including vis-à-vis the management, other personnel, and third parties (except where immediate conservatory measures would be required and except for legally prescribed disclosure requirements). 5.5 Notwithstanding the subsequent involvement, where required, of competent personnel of the respective Linde Group entity which employs an internal Stakeholder / reported employee; public authorities in the event of criminal / administrative prosecutions or civil proceedings; Linde Group management in exceptional cases where the notified activity is of substantial interest to the Linde Group as such, incoming notifications will be handled only by the Linde IC. 5.6 All data processing systems used in connection with the Integrity Line will provide for adequate technical and organisational precautions to preserve security and confidentiality of personal data. 6 Processing Personal Data collected through the Integrity Line 6.1 Personal data shall only be collected, stored, transferred or otherwise used in the event the reporting Stakeholder himself or herself provides respective personal data relating to himself or herself or to the reported person. Where certain personal data (e.g. if telephone numbers of incoming calls are not suppressed) are brought to the attention of the Integrity Line through its technical systems, such personal data will not be stored without the explicit consent of the reporting Stakeholder. 6.2 Personal data of the following individuals may be collected, stored, transferred and otherwise used in line with this Policy:
8 Page 8 of 10 Reporting internal/external Stakeholder: name, address, contact details (telephone, , facsimile), personal details provided as part or in relation to the report, relation to Linde Group (internal/external), employment position, department within Linde Group entity; Reported person: personal details provided as part or in relation to the report and the reported incident; Third parties that are named in a report: personal details provided as part or in relation to the report and the reported incident. 6.3 All personal data received through the Integrity Line are deleted at the latest within four (4) weeks following completion of the review process. To the extent disciplinary or court action or law enforcement investigations follow completion of the review process, this period may be prolonged for such period as required for the respective actions. Where disciplinary actions have been taken, a record of the action may be taken to the personnel file as customary. 7 Special precautions for processing of sensitive data 7.1 Unless personal data relating to suspicions in matters of criminal or administrative offences is concerned (in which case Section 7.2 shall apply), data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health or sexual orientation (sensitive data) will not be collected, stored, used or processed; where a report contains such information, the respective data will be immediately and irrevocably deleted from the system. 7.2 To the extent reports contain personal data relating to suspicions in matters of criminal or administrative offences, such personal data shall only be processed (i) if this is allowed under the local laws applicable for the reported person, or (ii) as far as this is necessary for the preparation of Linde Group s or the relevant Group entity s potential litigation in this matter. Personal data concerning criminal or administrative offences shall be deleted immediately if Linde Group is not able to prove their correctness within a reasonable time frame. 8 Protecting the reporting Stakeholder 8.1 Linde AG as the operator of the Integrity Line guarantees to the reporting Stakeholder the confidentiality of his or her report and to protect him or her against retaliation if he or she has made a report in good faith. 8.2 A reporting stakeholder s identity shall only be disclosed to the LCF and to the Linde IC. However, if reports are made via the Integrity Line outside the scope of accounting, internal accounting controls, auditing matters, bribery, banking and financial crime or do not have group-wide relevance, taking into account all circumstances, and are, thus, passed on to the appropriate local level, the Stakeholder s identity may also be disclosed to the local line manager/supervisor. Any disclosure of the Stakeholder s identity to other persons shall be subject to the reporting Stakeholder s prior consent or the fulfilment of legal obligations. The reporting Stakeholder s identity may need to be disclosed to the relevant
9 Page 9 of 10 people involved in any further investigation or subsequent judicial proceedings initiated as a result of the report. 9 Protecting the incriminated person and third parties 9.1 This Policy undertakes to balance interests between the rights of all parties concerned, including Linde Group s legitimate investigation needs. Each reported person will be informed without undue delay about the entity responsible for operating the Integrity Hotline; the facts he or she is accused of; the departments or services which might receive the report within his or her own company or in other entities or companies of the Group of which the company is part (including Linde Group); and how to exercise the rights of access and rectification. However, where there is substantial risk that such information would jeopardise the ability of Linde Group to effectively investigate the allegation or gather the necessary evidence, notification to the incriminated individual or third party will be delayed as long as such risk exists. Notifications will not be made in respect of irrelevant or unsubstantiated allegations which are immediately deleted from the system. 9.2 After the reported person has been informed of a report, he or she will be given the opportunity to present his or her view of the facts on which the report is based. 10 Access, rectification and deletion of personal data 10.1 The reporting Stakeholder, the reported person and, if applicable, a third party whose personal data has been processed, shall have the right to access all personal data registered on him or her with a view towards the respective report in order to check its accuracy and rectify it if it is inaccurate, incomplete or outdated. All such requests shall be directed to the LCF. Linde AG shall have the right, subject to applicable law, to restrict the exercise of these rights on a case-by-case basis in order to ensure the protection of the rights and freedoms of others involved in the scheme, in particular the reporting Stakeholders The reporting Stakeholder, the reported person and, if applicable, a third party whose personal data has been processed while accepting and investigating a report, shall have the right to rectify or erase their data where the processing of such data does not comply with the provisions of the German Federal Data Protection Act or with the provisions of his or her local data protection laws, in particular because of the incomplete or inaccurate nature of the data.
10 Page 10 of The reported Stakeholder has a right to object to the processing of personal data in relation to a report on compelling legitimate grounds relating to his particular situation, if his or her interests outweigh the interests of Linde Group towards a processing Replies to a request for access, correction or removal of data shall be provided as soon as reasonably practical but in any case no later than four weeks after the request. To the extent local laws require replies to be made within shorter periods, the local law provisions shall prevail. 11 Notification to data protection officer This Policy shall be notified to the data protection officers of Linde AG and, where applicable, of Linde Group entities. 12 Qualification of LCF and Linde IC Linde Group shall ensure that the LCF and the members of the Linde IC are adequately trained in the operation of the Integrity Line, i.e. in the handling of reports, and are also made aware of the respective statutory framework and the recommendations embodied in Opinion 1/2006 on the application of EU data protection rules to internal whistleblowing schemes in the fields of accounting, internal accounting controls, auditing matters, fight against bribery, banking and financial crime, adopted by the Article 29 Data Protection Working Party on 1 February Information requirements This Policy shall be made available on Linde Group s intranet or by other means which allow employees to easily access it, and as required by applicable law. 14 Final provisions 14.1 This Policy has a complimentary character and has no prejudice to any applicable national legislation. Where the terms of the Policy are stricter than the applicable national legislation or provide additional safeguards, rights or remedies for employees, the terms of the Policy shall apply Personal data will not be transferred into jurisdictions other than EU member countries unless an appropriate level of data protection, either in the respective country (e.g. safe countries) or within the local Linde Group company (e.g. implementation of EC model clauses or Binding Corporate Rules), has been adequately secured This Policy shall come into force on 1 July 2007 to the extent that required approvals have been obtained and mandatory processes been complied with. (President and Chief Executive Officer) (Employment Director and Executive Board Member)
Corporate Policy. Data Protection for Data of Customers & Partners. 02 Preamble Ladies and gentlemen, Dear employees, The electronic processing of virtually all sales procedures, globalization and growing
Data Protection Processing and Transfer of Personal Data in Kvaerner Binding Corporate Rules Public Document 1 of 19 1 / 19 Table of contents 1 Introduction... 4 1.1 Scope... 4 1.2 Definitions... 4 1.2.1
Data Protection Policy. Data Protection Policy Foreword 2 Foreword Ladies and Gentlemen, In the information age, we offer customers the means to be always connected, even in their cars. This requires data
Align Technology Data Protection Binding Corporate Rules Controller Policy Contents INTRODUCTION 3 PART I: BACKGROUND AND ACTIONS 4 PART II: CONTROLLER OBLIGATIONS 6 PART III: APPENDICES 13 2 P a g e INTRODUCTION
Guidelines on Data Protection Draft Version 3.1 Published by National Information Technology Development Agency (NITDA) September 2013 Table of Contents Section One... 2 1.1 Preamble... 2 1.2 Authority...
PRESIDENT S DECISION No. 40 of 27 August 2013 Regarding Data Protection at the European University Institute (EUI Data Protection Policy) THE PRESIDENT OF THE EUROPEAN UNIVERSITY INSTITUTE, Having regard
Binding Corporate Rules ( BCR ) Summary of Third Party Rights This document contains in its Sections 3 9 all provision of the Binding Corporate Rules (BCR) for Siemens Group Companies and Other Adopting
Processor Binding Corporate Rules (BCRs), for intra-group transfers of personal data to non EEA countries Sopra HR Software as a Data Processor Sopra HR Software, 2014 / Ref. : 20141120-101114-m 1/32 1.
1 AIRBUS GROUP BINDING CORPORATE RULES 2 Introduction The Binding Corporate Rules (hereinafter BCRs ) of the Airbus Group finalize the Airbus Group s provisions on the protection of Personal Data. These
Opinion on a Notification for Prior Checking received from the Data Protection Officer of the European Training Foundation Regarding the Processing Operations to Manage Calls for Tenders Brussels, 22 April
Data Protection Standard Processing and Transfer of Personal Data in Aker Solutions (Binding Corporate Rules) Aker Solutions www.akersolutions.com Table of contents 1 Introduction... 3 1.1 Scope... 3 1.2
Corporate Guidelines for Subsidiaries (in Third Countries ) *) for the Protection of Personal Data *) For the purposes of these Corporate Guidelines, Third Countries are all those countries, which do not
Akzo Nobel N.V. Executive Committee Rules 7.08.2 Privacy Rules for Customer, Supplier and Business Partner Data Source Directive Content Owner Directive 7.08 Protection of Personal Data AkzoNobel Legal
Page 1 sur 155 Proposal of regulation Com 2012 11/4 Directive 95/46/EC Conclusion Legal nature of the instrument Règlement Directive Directly applicable act in internal law 91 articles 34 articles Art.
UNIVERSITY OF MARYLAND WHISTLEBLOWER POLICY ON REPORTING FISCAL IRREGULARITIES, ILLEGAL ACTIVITY, AND VIOLATIONS OF POLICY UM Policy VIII-7.11(B) Effective Date: June 1, 2011 I. Purpose and Scope of Policy
Corporate Data Protection Code of Conduct for the Protection of the Individual s Right to Privacy in the Handling of Personal Data within the Deutsche Telekom Group 2010 / 04 We make ICT strategies work
Information Governance Policy 1 Introduction Healthwatch Rutland (HWR) needs to collect and use certain types of information about the Data Subjects who come into contact with it in order to carry on its
PART I: INTRODUCTION AND BACKGROUND Purpose This Data Protection Binding Corporate Rules Policy ( Policy ) establishes the approach of Fluor to compliance with European data protection law and specifically
Safeguarding Personally Identifiable Information A Summary of GSK s Binding Corporate Rules The Issue The processing of Personally Identifiable Information (PII) 1 and Sensitive Personally Identifiable
Act CLXV of 2013 on Complaints and Public Interest Disclosures The National Assembly, committed to increasing public confidence in the functioning of public bodies, recognising the importance of complaints
AlixPartners, LLP General Data Protection Statement GENERAL DATA PROTECTION STATEMENT 1. INTRODUCTION 1.1 AlixPartners, LLP ( AlixPartners ) is committed to fulfilling its obligations under the data protection
AGREEMENT BETWEEN THE UNITED STATES OF AMERICA AND THE EUROPEAN UNION ON THE PROTECTION OF PERSONAL INFORMATION RELATING TO THE PREVENTION, INVESTIGATION, DETECTION, AND PROSECUTION OF CRIMINAL OFFENSES
Data protection compliance checklist What is this checklist for? This checklist is drawn up on the basis of analysis of the relevant provisions of European law. Although European law aims at harmonizing
FIRST DATA CORPORATION SUMMARY: BINDING CORPORATE RULES FOR DATA PRIVACY AND PROTECTION SUMMARY: BINDING CORPORATE RULES FOR DATA PRIVACY AND PROTECTION v 1.3 Supersedes: v 1.2 Summary Owner: Corporate
Supplier Instructions for Processing of Personal Data 1 PURPOSE SOS International has legal and contractual obligations on the matters of data protection and IT security. As a part of these obligations
Ryanair Holdings PLC Code of Business Conduct & Ethics 2012 1 TABLE OF CONTENTS 1. INTRODUCTION 3 2. WORK ENVIRONMENT 3 2.1 Discrimination & Harassment 3 2.2 Privacy of Personal Information 3 2.3 Internet
GENERAL ELECTRIC COMPANY EMPLOYMENT DATA PROTECTION STANDARDS December 2005 2 GENERAL ELECTRIC COMPANY EMPLOYMENT DATA PROTECTION STANDARDS I. OBJECTIVE... 1 II. SCOPE... 1 III. APPLICATION OF LOCAL LAWS...
Page: 1 di 16 CODE OF ETHICS Previous version: n. 00 Issued and approved: Board of Directors of DSN Date: 29 Maggio 2008 Page: 2 di 16 INTRODUCTION d'amico Società di Navigazione S.p.A. (hereinafter the
Fraud Risk Management Procedures 1. Introduction KCE Electronics Public Company Limited ( KCE or the Company ) is committed to achieving the highest levels of business integrity, morals and transparency
Personal Data Act (1998:204); issued 29 April 1998. Be it enacted as follows. General provisions Purpose of this Act Section 1 The purpose of this Act is to protect people against the violation of their
Management Circular No: GCSL/01.2013 Revised: 01/2014 WHISTLE BLOWING POLICY & PROCEDURES All rights reserved. No part contained in this Policy may be reproduced or copied in any form without the written
Data Protection A Guide for Users EUROPEAN PARLIAMENT Contents Contents 3 Introduction 4 Data protection standards making a difference in the European Parliament 5 Data protection the actors 6 Data protection
Privacy Rules for Customer, Supplier and Business Partner Data Contact details Philips Privacy Office c/o Philips International BV, Amstelplein 2, 1096 BC, the Netherlands. E-mail: Philips_Privacy_Office@philips.com
The University of Chicago Medical Center Compliance Manual (UCHHS;BSD;UCPP) Reports of Compliance Concerns and Violations Issued: November 1, 1999 Reports of Compliance Concerns and Violations Revised:
SUPPLEMENTARY INTERNAL RULES IMPLEMENTING REGULATION (EC) N 45/2001 IN RELATION TO THE DATA PROTECTION OFFICER 10 September 2009 page 1 / 8 SUPPLEMENTARY INTERNAL RULES IMPLEMENTING REGULATION (EC) N 45/2001
Code of Conduct for Evonik s employees Table of Contents Scope and Objectives 4 Business Conduct 6 Managing Business Transactions 6 Business Relations 8 Conflicts of Interest 10 Insider Trading 11 Maintaining
Align Technology Data Protection Binding Corporate Rules Processor Policy Confidential Contents INTRODUCTION TO THIS POLICY 3 PART I: BACKGROUND AND ACTIONS 4 PART II: PROCESSOR OBLIGATIONS 6 PART III:
Whistleblowing Policy China Resources Power Holdings Company Limited Adopted By the Board: 19 March 2012 Room 2001-05, 20/F, China Resources Building 26 Harbour Road, Wanchai, Hong Kong www.cr-power.com
OBJECTS AND REASONS This Bill would provide for (a) the regulation of the collection, keeping, processing, use or dissemination of personal data; (b) the protection of the privacy of individuals in relation
CENTER FOR INSTRUCTION TECHNOLOGY AND INNOVATION (CiTi) MEDICAID BILLING COMPLIANCE PROGRAM INTRODUCTION This Program is an integral part of the CiTi s ongoing efforts to achieve compliance with federal
Tax-Exempt Organizations Alert: Whistleblower Policies Form 990, the annual information return form filed by public charities and other tax-exempt organizations, asks nonprofit organizations to state whether
The Manitowoc Company, Inc. DATA PROTECTION POLICY 11FitzPatrick & Associates 4/5/04 1 Proprietary Material Version 4.0 CONTENTS PART 1 - Policy Statement PART 2 - Processing Personal Data PART 3 - Organisational
Code of Busines ss Conduct and Ethics 1. Introduction a. This Code of Business Conduct and Ethics (the Code ) applies to all directors, officers, employees and third parties employed or directly engaged
Whistle Blower Policy 1 Applicability This policy is applicable to: - All Employees, Business Associates, Contract Consultants (Retainers), Academic Interns and ACE Associates of Tata Consultancy Services.
Reference number Approved by Information Management and Technology Board Date approved 14 th May 2012 Version 1.1 Last revised N/A Review date May 2015 Category Information Assurance Owner Data Protection
WHISTLEBLOWER POLICY FOR ACCOUNTING, INTERNAL ACCOUNTING CONTROLS, OR AUDITING MATTERS 1. POLICY/STRUCTURE STANDARD: 1.1. It is the responsibility of the Audit Committee (the "Committee") of Markham Stouffville
Allianz Group Code of Conduct Code of Conduct for Business Ethics and Compliance Group Compliance Preamble Allianz Group is based upon the trust which our clients, shareholders, employees and public opinion
Business Ethics Policy Page 1 of 12 Preface and document control This document is intended to provide information in respect of G4S Group Head Office policy, procedure, standards or guidance and will be
LEGISLATION COMMITTEE OF THE CROATIAN PARLIAMENT 2300 Pursuant to its authority from Article 59 of the Rules of Procedure of the Croatian Parliament, the Legislation Committee determined the revised text
Title Author Approved By and Date Review Date Mike Pilling Latest Update- Corporation May 2008 1 Aug 2013 DATA PROTECTION ACT 1998 POLICY FOR ALL STAFF AND STUDENTS 1.0 Introduction 1.1 The Data Protection
MALAYSIAN TECHNOLOGY DEVELOPMENT CORPORATION SDN. BHD. WHISTLEBLOWING POLICY AND GUIDELINES 16 March 2012 Version 1.0 TABLE OF CONTENTS WHISTLEBLOWING POLICY Page WHISTLEBLOWING GUIDELINES B1 DEFINITION
HERTSMERE BOROUGH COUNCIL DATA PROTECTION POLICY October 2007 1 1. Introduction Hertsmere Borough Council ( the Council ) is fully committed to compliance with the requirements of the Data Protection Act
QUMU CORPORATION CODE OF BUSINESS CONDUCT AND ETHICS POLICY INTRODUCTION Our Commitment The Code Applicability of Code We are committed to conducting our business lawfully and ethically. We promote a culture
Binding Corporate Rules Privacy (BCRP) Binding Corporate corporate Rules rules Privacy for (BCRP) the protection of personal Telekom Group rights in the handling of personal data within the Deutsche Telekom
Executive Director s Circular ETHICS OFFICE Date: 31 January 2008 Circular No.: ED2008/003 Revises: Amends: ED2006/011 Supersedes: Protection against retaliation for reporting misconduct and for cooperating
POUGHKEEPSIE CITY SCHOOL DISTRICT PUPIL PERSONNEL DEPARTMENT S MEDICAID BILLING COMPLIANCE PROGRAM AND PROCEDURES INTRODUCTION This Poughkeepsie City School District Medicaid Billing Compliance Program
Minerals Technologies Inc. Summary of Policies on Business Conduct Lawful and Ethical Behavior is Required at All Times This Summary of Policies on Business Conduct (this "Summary") provides an overview
Office of the Data Protection Commissioner of The Bahamas Data Protection (Privacy of Personal Information) Act, 2003 A Guide for Data Controllers 1 Acknowledgement Some of the information contained in
Alliance for Better Health Care, LLC ORGANIZATIONAL POLICY FALSE CLAIMS ACT AND WHISTLEBLOWER PROVISIONS Page 1 of 5 EFFECTIVE DATE: NUMBER: March 2015 ORIGINATOR: Corporate Compliance Officer CONCURRENCE:
FIDELITY APPLICANT PRIVACY AND PROTECTION NOTICE Last Updated: November 2012 FMR LLC and its affiliated entities ( Fidelity ) value your trust and are committed to the responsible management, use and protection
90 Corporate ICT & Data Management Data Protection Policy Classification: Unclassified Date Created: January 2012 Date Reviewed January Version: 2.0 Author: Owner: Data Protection Policy V2 1 Version Control
ROEHAMPTON UNIVERSITY DATA PROTECTION POLICY Originated by: Data Protection Working Group: November 2008 Impact Assessment: (to be confirmed) Recommended by Senate: 28 January 2009 Approved by Council:
Code of Business Conduct and Ethics Strike Energy Limited ACN 078 012 745 Approved: 2 December 2014 Contents 1. General... 1 2. Responsibilities to shareholders and the financial community generally...
15 December 2015 Crime Prevention and Anti-Fraud Policy Content 1. Purpose 3 2. Scope 3 3. Action Principles 3 4. Control, Evaluation, and Revision 4 Look after the Environment. Print in black and white,
BARRICK GOLD CORPORATION Code of Business Conduct and Ethics Introduction Barrick s success is built on a foundation of personal and professional integrity and commitment to excellence. As a company and
Whistleblower policy Document Owner Head of Legal Approval Board of Directors Date Last Approved 12 December 2012 Effective From Date 13 December 2012 Date of Next Review and Approval Q4 2014 Access Level
PERSONAL INJURIES ASSESSMENT BOARD DATA PROTECTION CODE OF PRACTICE ADOPTED ON 9 th January 2008 TABLE OF CONTENTS Page No. 1 Introduction...3 2 Glossary...3 3 Types of Personal Data held by Us...3 4 Obligations
THE FCA INSPECTOR GENERAL: A COMMITMENT TO PUBLIC SERVICE FORWARD I am pleased to introduce the mission and authorities of the Office of Inspector General for the Farm Credit Administration. I hope this
VIGIL MECHANISM / WHISTLE BLOWER POLICY OF ESTEEM BIO ORGANIC FOOD PROCESSING LIMITED (Company) 1. PREMBLE 1.1. Section 177 of the Companies Act, 2013 requires every listed company to establish a vigil
February, 2015 Page: 1 Revision History Revision # Date Author Sections Altered Approval/Date Rev 1.0 02/15/15 Ben Price New Document Rev 1.1 07/24/15 Ben Price Verify Privacy Grid Requirements are met
Code of Business Conduct Purpose and Scope Vicor Corporation (together with its subsidiaries and divisions, Vicor, the Company, we, and the possessive forms thereof) is committed to the highest standards
FERROVIAL CORPORATE CODE OF ETHICS Corporate Code of Ethics Our complete commitment to the ethics and integrity of our workforce highlights us as a serious company committed to its stakeholders interests.
Global investigations: what employers need to know about investigating employees Plan carefully to minimise riskbe su Given increasing globalisation, multinational companies are facing new levels of risk.
INFORMATION PRIVACY STATEMENT Victoria Police is bound by the Privacy and Data Protection Act 2014 in how it manages personal information. Victoria Police is committed to protecting the personal information
Data Protection Policy 1. Introduction to the Data Protection Policy Everyone who works for Chorley Council uses personal data in the course of their duties. Chorley Council must gather and process personal
WOLTERS KLUWER COMPANY VALUES AND BUSINESS PRINCIPLES Mission statement and introduction Wolters Kluwer s customers face critical decisions every day; and the need to get them right. That is why Wolters
CATHOLIC CHARITIES OF THE ROMAN CATHOLIC DIOCESE OF SYRACUSE, NY and TOOMEY RESIDENTIAL AND COMMUNITY SERVICES Compliance Plan False Claims Act & Whistleblower Provisions Purpose/Policy/Procedures Purpose:
IMAX CORPORATION PROTOCOL FOR REPORTING SUSPECTED VIOLATIONS OF THE IMAX CODE OF ETHICS (Whistle Blower Program) November 2004 (updated February 2012) PROTOCOL FOR REPORTING SUSPECTED VIOLATIONS OF THE
Corporate Code of Conduct and Ethics Policy Approver: CEO Valid from: 26-11-13 1. INTRODUCTION CRI recognizes its responsibilities as a global services provider, and is committed to being a responsible
AS Merko Ehitus CODE OF BUSINESS ETHICS AS Merko Ehitus 1 Introduction The purpose of the Code of Business Ethics, which is described in this document, is to provide guidance to employees, directors and