Whistleblower policy

Whistleblower policy regarding GlobalConnect’s whistleblower arrangement

Dated: 2022-01-19

1. Purpose

GlobalConnect AB (the “Company”) is strongly committed to act with integrity in all business commitments, believing that adherence to high standards of ethics and compliance is not a single event but an important part of our daily business practices. In line with this commitment, this Whistleblowing Policy (the “Policy”) provides guidance on how suspected wrongdoing and misconduct within the Company can be reported.

2. Applies to

This Policy applies to the Company and the following categories of individuals:

  • employees (including temporary personnel);
  • hired personnel (such as consultants and other independent contractors);
  • trainees and volunteers;
  • members of the board of directors of the Company;
  • shareholders of the Company; and
  • individuals over which the Company exercise control and management.

This Policy also apply to individuals whose work-based relationship with the Company is yet to begin in cases where information on wrongdoings has been acquired during the recruitment process or other pre-contractual negotiations. The Policy also apply to individuals who have acquired information within the context of a work-based relationship with the Company which has since ended. It is every employee’s, and other individuals performing work for the Company, responsibility to acknowledge the importance of complying with this Policy.

3. Definition of wrongdoing

Wrongdoing means any serious conduct that could have a negative impact on the Company’s business, operations or working environment or any other serious conduct that could be of public interest. Wrongdoing includes, but is not limited to, any actual or suspected:

(i) violation of laws (whether civil or criminal) and regulations;

(ii) bribery and corruption;

(iii) serious risks concerning the life or health of individual persons (such
as environmental crimes or major deficiencies in the security at a
place of work);

(iv) serious and systematic work place deficiencies; and

(v) any other conduct that is in material breach with the Company’s Code
of conduct or other material Company policies.

Issues exclusively affecting the relationship between one individual and the Company do generally not fall within the definition of wrongdoing for the purpose of this Policy. The Company encourages individuals to raise such concerns with their immediate manager or the HR department, depending on the circumstances.

4. Raising a concern

Reporting of wrongdoings should be made using one of the Company’s reporting
channels:

(a) Reporting to your direct supervisor.
(b) Reporting to anyone in the Investigation Team (either by e-mail, phone or
meeting)
(c) Reporting through the Company’s confidential web-reporting tool

Any individual who receives a whistleblowing report should immediately refer the report to the Investigation Team.

If you submit your report through telephone or at a meeting, your report will either (i) be recorded, if you consent to such recording, or (ii) written down in a protocol that you will be given the opportunity to review, rectify and approve by way of signing it. To facilitate the subsequent investigation, the Company encourages you to provide a detailed description of the wrongdoing. You may include e.g. documents or images when you submit your report.

If it is not relevant for the investigation of the reported wrongdoing, no sensitive personal data (data revealing ethnic origin, political opinions, religious beliefs, trade union membership or health or sexual life) should be included in the report. You will be informed that the report has been received within seven days from receipt of the report, unless (i) you have stated that you do not want to receive such acknowledgement of receipt or (ii) there is reason to assume that such acknowledgement cannot be made without disclosing your identity.

The reporting channels mentioned above should be used first hand. However, if you do not want to report to the Investigation Team because a member of the Investigation Team may be subject to conflict of interest by reason of the information brought forward, you may instead report directly to the Company’s CEO. If you do not want to report to the Company’s CEO for similar reasons, you may instead report to the Group CEO. Please however note that these reporting channels should only be used if necessary.

As an alternative to or in addition to using the Company’s internal reporting procedure, you may also report directly to certain Swedish authorities (external reporting) without the risk of retaliation. Which competent authority you shall submit your report to depends on the nature of the wrongdoing. The reporting should be made using the relevant authority’s established reporting channels designated for reporting of wrongdoings.

To file a report, you shall have reasonable grounds for believing that the information you are in possession of is true. However, it is not necessary to be able to present any evidence of the wrongdoing in order to file a report. As long as you act in good faith, you will not face any negative consequences even if the suspicion of a wrongdoing proves to be incorrect if and when the matter has been further investigated.

5. Confidentiality

You are encouraged to voice any concerns openly under this Policy although reports may also be submitted anonymously. You can specifically request confidentiality when making your report. Any request for confidentiality will be respected to the extent possible considering the need to investigate adequately, to comply with the law, to provide accused individuals their legal rights of defence and to take appropriate remedial measures.

6. Retaliation

If you acquire information of a wrongdoing, as defined above in section 3 (definition of wrongdoing) in a work-related context, you shall not be subject to any form of retaliation for reporting such information in good faith by way of using the Company’s internal reporting channels. Such protection is offered through the Swedish law Lag om skydd för personer som rapporterar om missförhållanden. The protection against retaliation applies to individuals mentioned under Section 2 above (Applies to) who file a report in accordance with this Policy. If you feel that retaliatory behavior of any kind is occurring towards you, you should immediately report those concerns to the Head of Legal Sweden.

For the purpose of this Policy, “retaliation” means any direct or indirect act or omission which occurs in a work-related context, is prompted by reporting information on wrongdoings, and which causes or may cause unjustified detriment to the reporting person. However, it should be noted that the protection against retaliation does not apply if it can be established that the report was made maliciously in bad faith or that a criminal offence has been made when gathering the information for the report or if the report itself constitutes a criminal offence.

7. Investigation

The Company’s investigation team consists of the Legal department in Sweden (the “Investigation Team”).

Reports of wrongdoings filed according to this Policy will be investigated by the Investigation Team. The Investigation Team will evaluate and assess the information received, ensure that the matter is investigated and conclude the appropriate course of action. The Investigation Team shall act independently and with integrity. The members are authorized by the Company to undertake the investigation measures they deem necessary and appropriate in each specific case.

The Investigation Team shall consider whether the responsibility for the next steps in the investigation should be assigned to relevant internal resources, for example IT, Legal, HR, Finance or a specific business area, as well as a potential need to engage external advisors. The investigation shall however always include an individual from a department/function outside the department/function which is the subject of the report. The Investigation Team shall at all times conduct investigations discreetly, in the strictest confidence and with priority.

In conjunction with the investigation, or after the investigation has been completed, it may be necessary to disclose information which could identify you to functions within the Company in order to, e.g., initiate proceedings relating to termination of employment. Disclosure may also be made to competent authorities. You will be informed of any such disclosure, provided however that informing you will not impede
or complicate the purpose of the disclosure.

If you have filed a report, using the Company’s internal reporting procedures, you will receive information on actions taken as follow-up to the report and the grounds for such follow-up within a reasonable timeframe but not later than three months from when you have received confirmation of receipt of the report, insofar as such information would not prejudice the internal enquiry or the investigation or affect the rights of any person concerned. If appropriate and attainable, you will be informed of the status of the investigation and any measures taken to address the issue raised on a continuous basis.

If a report concerns or relates to any member of the Investigation Team or concerns an issue or a business department in relation to which a member of the Investigation Team may have a conflict of interest, then such member shall not participate in the investigation of the report.

If a conflict of interest situation may not be avoided by excluding member(s) of the Investigation Team from participating in the review of a
report, the Company’s CEO shall be in charge of the investigation of such report.

8. Course of action

When an investigation has been concluded, the Investigation Team shall conclude the appropriate course of action.

Actions shall be relevant, proportional and fair in relation to the interests of the Company as well as the individuals and organizations involved and shall take into consideration the relevant regulatory framework, corporate policies, culture and values. Actions can include measures such as a written warning or dismissal, or referrals to competent authorities for further investigation.

9. Personal data

All information received in connection with a report will be treated as strictly confidential and the privacy of the reporting individual and the subject(s) of the report will be protected to the fullest extent deemed possible. Any processing of personal data of the reporting individual and of any accused person(s) will be made in accordance with the General Data Protection Regulation (GDPR) and all complementary Swedish data protection legislation, including the Swedish Authority for Privacy Protection’s regulations. The personal data submitted in a whistleblowing report will only be processed in order to investigate the claim made by the reporting individual. Reports received through the Company’s internal reporting channels shall be stored for no longer than necessary and proportionate in order to investigate the reported wrongdoing and undertake appropriate actions, however no longer than two years after a follow-up case or an investigation has been concluded.

Processed personal data will be deleted within two years after the conclusion of an investigation, if an investigation is initiated as a result of a report of a wrongdoing. You will find more information regarding the Company’s processing of personal data in the Company’s Privacy Policy.

To the extent possible, information received in connection with a report will be treated as confidential and the privacy of the reporting individual and the subject of the report will be protected. However, please see the comments regarding potential disclosure under section 7 (The investigation).

10. Roles and responsibilities

The Company’s CEO is accountable for the implementation of this Policy. The executives reporting to the Group CEO are responsible for ensuring that the Policy is communicated, implemented and followed within his/her area of responsibility.

11. Violation of Policy

Non-compliance with this Policy shall be reported in accordance with this Policy. Received reports of violations of this Policy should be forwarded to Head of Group Legal who is responsible for reporting incidents to the Group Audit Committee. Violations against this Policy may be subject to corrective, legal and/or disciplinary actions, including termination of employment.

12. Related documents

This instruction is part of the Company’s Corporate Compliance Framework, which includes related Group Policies, manuals, instructions and guidelines issued on group and/or local level.

13. Exemptions

Any deviations or exemptions deemed necessary from this Policy shall be escalated to the Head of Legal Sweden. No deviation or exception can be made without approval by the Country CEO.

14. Contact Information

Contact the Head of Legal Sweden should you have any questions or need further assistance regarding this policy.