THE PROCEDURE FOR INTERNAL NOTIFICATIONS IN THE CAPITAL GROUP
The whistleblower protection obligations will come into force this month. Several companies operating as part of capital groups are wondering whether it is acceptable to apply a single internal notification procedure for all companies. We invite you to read our article, which addresses the most important aspects of a common internal notification procedure.
Common rules for the receipt and verification of notifications
The Whistleblower Protection Act has introduced a certain convenience for private entities belonging to a capital group within the meaning of the Competition and Consumer Protection Act, whereby it is permissible to establish a common procedure for internal notifications.
Entities belonging to a capital group within the meaning of the Competition and Consumer Protection Act include all entrepreneurs controlled directly or indirectly by a single entrepreneur, including that entrepreneur. In addition, the concept of entrepreneur, which is defined on the basis of Polish legislation, should be taken into account.
If the result of the analysis of the corporate structure indicates affiliation to a capital group, it will be acceptable to create a common procedure for internal notifications.
The key aspects of developing a common procedure are:
(1) ensuring that it complies with the provisions of the Whistleblower Protection Act.
(2) ensuring the confidentiality of the data of whistleblowers and the data allowing identification of whistleblowers.
(3) ensuring that only authorized persons participate in the process of receiving and verifying notifications.
The common procedure ensures, in particular, that the same technological solutions can be used or that the same specialized entities can assist traders in analyzing reported infringements.
However, when deciding on the introduction of solutions at the group level, European guidelines on the possibility of using common notification channels should be borne in mind. In this respect, it is explicitly indicated that, in addition to a central (group-level) notification channel, it is also necessary to ensure that notification can be made at the level of the individual entities affected by a notification.
Belonging to a capital group and the obligation to have an internal notification procedure
The whistleblower protection regulations in Poland condition the obligation to introduce an internal notification procedure in principle on the number of persons employed. Employers often wonder whether belonging to a capital group obliges them to introduce an internal notification procedure regardless of the number of persons employed. Under Polish regulations, irrespective of meeting the premise of belonging to a capital group within the meaning of the Competition and Consumer Protection Act, an entity that employs less than 50 people does not have to introduce an internal notification procedure.
Common procedure for internal notifications and protection of personal data
The common internal notification procedure does not exempt individual entities from their confidentiality and personal data protection obligations. It should be borne in mind that, irrespective of the establishment of a common internal procedure, each entity is individually responsible for ensuring the confidentiality and security of personal data provided in connection with a breach notification.
Dominika Czaplewska | 09.05.2024
Autor :
Mogą Cię zainteresować
10.03.2024
Coroczny obowiązek raportowania terminowości w płatnościach
09.26.2024
Liquidation of a limited liability company step by step