This policy outlines the principles and procedures for the proper handling of whistleblowing communications in accordance with applicable legislation, including the General Data Protection Regulation (GDPR) and relevant national whistleblower protection laws. BGC - Brix Global Consulting, Lda (hereinafter "Brix IT") is committed to transparency, ethics, and compliance, and encourages internal and external stakeholders to report any irregularities or misconduct in a secure and confidential manner.
The Whistleblowing Channel is designated for reporting serious infractions such as criminal offenses, violations of legal obligations, threats to public interest, breaches of internal policies or codes of conduct, and unethical or illegal behavior within Brix IT.
This policy applies to all employees, interns, service providers, contractors, consultants, clients, partners, and any individuals who, in the context of their professional activities with Brix IT, have obtained information regarding infractions.
Whistleblowers can submit reports via:
Anonymous reports are accepted, provided they contain sufficient detail to allow investigation.
Upon receipt of a report, Brix IT will:
Only designated personnel within the Compliance, Legal, or Human Resources departments are authorized to access and process whistleblowing reports. All authorized personnel are bound by strict confidentiality obligations.
The fact-finding process will include:
Investigations will be conducted impartially and concluded within a reasonable time frame.
All efforts will be made to maintain the confidentiality of the whistleblower and the individuals involved in the report. Data security and privacy will be ensured throughout the process.
Brix IT strictly prohibits retaliation against any individual who reports concerns in good faith. Disciplinary actions will be taken against any attempt to intimidate, harass, or penalize a whistleblower.
Information disclosed through the whistleblowing channel may be shared with competent authorities if legally required or if necessary for the resolution of the matter. In such cases, confidentiality will be maintained to the greatest extent possible.
Brix IT may provide support measures to whistleblowers, such as:
Personal data included in reports will be processed strictly for the purposes of managing the whistleblowing procedure. All data processing will comply with GDPR and applicable data protection laws.
This policy does not limit or override any legal rights granted to whistleblowers by applicable laws. Whistleblowers retain the right to report directly to competent authorities where legally permitted.
Reports must include a clear description of the facts, involved parties (if known), dates, locations, and any supporting documentation. This information allows for a proper evaluation and investigation.
Brix IT promotes a culture of transparency and responsibility. All information generated through the whistleblowing process will be handled with rigor and integrity, ensuring that only substantiated and reliable findings are used in decision-making.