The Whistleblowing portal is adopted to manage reports of behaviors, risks, crimes, and irregularities related to or connected to the activities of the Company, in accordance with what is provided by Legislative Decree No. 24 of March 10, 2023 “Implementation of Directive (EU) 2019/1937 of the European Parliament and of the Council, of October 23, 2019, concerning the protection of persons reporting violations of Union law and containing provisions regarding the protection of persons reporting violations of national regulatory provisions.

Who can report?
Reports can be made, which will be managed in accordance with Legislative Decree 24/23, by:
subordinate workers;
workers with part-time, intermittent, fixed-term, temporary, apprenticeship, or occasional work contracts;
workers performing occasional services;
self-employed workers providing their services to the Company;
freelancers and consultants providing services to the Company;
volunteers and interns, whether paid or unpaid, working with the Company;
suppliers of goods and services to the Company;
shareholders;
individuals who, even de facto, hold functions of administration, direction, control, supervision, or representation of the Company.

WHAT CAN YOU REPORT?
There is no exhaustive or specific list of offenses that constitute the subject of a report, but actions or omissions, whether committed or attempted, that are made in violation of laws, regulations, provisions from Authorities, the Organizational Model, Management and Control according to Legislative Decree 231/2001, the Code of Ethics, or other company rules that are subject to disciplinary sanctions can be reported.

WHAT DATA DO YOU NEED TO ENTER TO MAKE A REPORT?
The report can also be submitted anonymously, so you can choose whether or not to include your name, surname, and contact information for further inquiries. The only mandatory information is the subject and a detailed description of the report, which must be sufficiently specific to allow the relevant offices to carry out appropriate checks and verifications to verify the accuracy of the reported facts.

HOW IS THE REPORT HANDLED?

The report can also be submitted anonymously, so you can choose whether or not to include your name, surname, and contact information for further inquiries. The only mandatory information is the subject and a detailed description of the report, which must be sufficiently specific to allow the relevant offices to carry out appropriate checks and verifications to verify the accuracy of the reported facts.

HOW WILL YOU KNOW IF YOUR REPORT HAS BEEN TAKEN INTO CONSIDERATION?
Upon submission of the report, you will be issued a unique code as a receipt, through which you can monitor the status of its processing. Please keep this code carefully, as if lost or misplaced, you will no longer be able to access the case and will have to create a new one.

WHAT PROTECTIONS ARE YOU ENTITLED TO AS A WHISTLEBLOWER?
The personal data contained in the report will be processed in compliance with EU Regulation 2016/679 (GDPR) and applicable privacy laws, fully respecting the rights and fundamental freedoms, with particular regard to the confidentiality of the identity of the subjects involved and the security of the processing. The whistleblower cannot be dismissed, have their duties changed, be suspended, transferred, or subject to any other organizational measure with negative effects, either direct or indirect, on their working conditions, nor can they be threatened, harassed, or discriminated against in any way for having made a report in good faith.

WHAT LIABILITIES DO YOU ASSUME IN CASE OF ILLEGAL REPORTS?
In the case of unfounded reports made in bad faith or for the sole purpose of harming the accused or other individuals, criminal and disciplinary liability may apply. The Company reserves the right to take action to protect its interests and the rights of the individuals harmed.

TO MAKE A REPORT, USE THE FOLLOWING LINK
Cartoveneta Apci Srl – Whistleblowing Portal (smartleaks.cloud)
https://cartovenetaapci.smartleaks.cloud/#/?token=ec4328808cf25888a65429fcbd6a941bce5e3b4b3a3021ffb1c573c8367c15c3