Internal reporting office according to the German „Hinweisgeberschutzgesetz“
Complaints procedure according to the German Supply Chain Due Diligence Act (LkSG)

Employers with generally at least 50 or more employees need to set up an internal reporting office. Regardless of the number of employees, this obligation applies in particular to employers in the financial services sector.Special requirements must be considered if the federal government or a federal state is the employer, as well as for municipalities and associations of municipalities and those employers that are owned or controlled by municipalities and associations of municipalities.

Special requirements must be considered if the federal government or a federal state is the employer, as well as for municipalities and associations of municipalities and those employers that are owned or controlled by municipalities and associations of municipalities.

The internal reporting channel must be independent and have sufficient expertise. It shall examine whether a reported violation is valid and whether the organization concerned needs to initiate further measures. It shall maintain contact with the person making the report.

The internal reporting office must operate a reporting channel that meets the legal requirements for confidentiality and documentation. It must ensure that incoming reports are processed confidentially.

To take sufficient account of the legal complexity of the reports to be processed, experts experienced in handling confidential information should be entrusted with the tasks of the internal reporting office.

Our lawyers are experienced in handling confidential information and act independently as data protection officers.

With our reporting system HintPilot, we offer a modern reporting channel that meets all legal requirements for confidentiality and documentation.

Our services

Trustful partner with greatest possible transparency and self-control of company management

Case management by individually selected lawyers

Confidential receipt of reports and communication

Ensuring legally required acknowledgement of receipt and feedback to the person making the report

Initial legal classification and communication with company management

Permanent and easy availability 24/7

Initiation of appropriate follow-up measures (internal investigation, document review, witness interviews)

Individual collaboration

  • We take over the case management
  • We check the validity of allegations and whether action is necessary for your company
  • Together with you we define
    • individual roles and responsibilities within the internal reporting office
    • the flow of information in the case of valid reports
    • the procedure for initiating follow-up measures
    • the involvement of internal/external experts in the final evaluation of reports
    • the procedure for involving government agencies and investigative authorities
  • Individual organization of the registration office possible

Implementation of HintPilot

Provision of the reporting channel in your CI and with its own URL
Almost no internal resources are required for the integration of the reporting channel
Easy integration into your intranet or website
Possibility of anonymous reporting
If required, set up of an additional telephone or email reporting channel
Individual checklist for case management
We are Controller for the reporting channel within the meaning of data protection law

Advantages of the HintPilot

  • Confirmation and documentation of the receipt of the report to the reporting person
  • Confidential communication, documentation and case management within the system
  • Maintaining confidentiality of the identity of the whistleblower and third parties mentioned in the report
  • Documentation of required consents
  • Whistleblower system as an essential element of a Compliance Management System (CMS)
  • Deletion of non-relevant data in compliance with legal requirements
  • Multilingualism

Advantages of the HintPilot as a system-based reporting channel

Personal Conversation Phone Email Mail System based reporting channel
Anonymous reporting no no yes yes yes
Anonymous communication no no yes no yes
Data protection compliance unknown unknown yes unknown yes
Implementation of deletion & authorization concepts unknown unknown yes unknown yes
24/7 availability of the reporting channel no no yes yes yes
Automation of steps no no yes no yes
Digitalization no no yes no yes
Confidentiality no no yes unknown yes

Overview of the HintPilot functions

Isolated data storage

End-to-end encryption

2 factor authentification

Removal of meta data

Case-Management

Case support through processing steps

Deadline management

Multilingualism (24 languages)

Multi-client capability for corporations and groups of companies

Anonymous reports

Anonymous dialogue

Automatic communication

PDF Export Function

Individual branding

Security of HintPilot

Ensuring confidentiality through end-to-end encryption and removal of meta data from file attachments

ISO 27001 certification of the provider's information security management system

Hosting of data in an ISO 27001 certified data center in Germany

Regular positive auditing with extensive penetration testing of the system by external auditors

Compliance with deletion and authorization specifications

Ensuring the integrity of the data through audit security

Ensuring the availability of data and information through system availability of 99.9% per year (subject to software maintenance)

GDPR compliance (Art. 28 und 32 GDPR)

Conditions

Monthly fixed costs

EUR 275,–

plus VAT

Provision of web-based reporting channel included

One consultant hour per month for processing reports included

Conditions optional functions

Phone reporting channel
EUR 69,- / month plus VAT

Email reporting channel
EUR 39,- / month plus VAT

Legal background
Obligation to set up an internal reporting office

  • The "Whistleblower Directive" (EU/2019/1937) should have been implemented by all EU member states by 17.12.2021 by passing a national law.

  • In Germany, the Whistleblower Protection Act has been in force since July 2, 2023.

  • Employers with generally at least 50 employees must set up an internal reporting office. Regardless of the number of employees, this obligation applies in particular to employers in the financial services sector.

  • Special requirements must be considered if the federal government or a federal state is the employer, as well as for municipalities and associations of municipalities and those employers that are owned or controlled by municipalities and associations of municipalities.

  • Further information can be found here: Internal reporting office according to the German „Hinweisgeberschutzgesetz“

Complaints procedure according to LkSG

Procedure in accordance with coordinated rules of practice

Confirmation of receipt and confidential communication with parties involved/Whistleblowers

Documentation of measures taken by the company in response to complaints

Easy accessibility for potential parties involved/Whistleblowers

Enabling anonymous complaints

Impartiality of the persons involved in the complaints procedure

Protection of the confidentiality of the identity of the parties involved/Whistleblowers outside the complaints procedure according to § 8 para. 4 LkSG

Option of a joint contact point for complaints according to LkSG and reports according to HinSchG

Option to set up a separate complaints channel with an individual role and rights concept

Background - LkSG

  • As of January 1, 2023, the LkSG (German Supply Chain Due Diligence Act) applies to companies headquartered in Germany that employ more than 3,000 employees in Germany.
  • As of Jan. 1, 2024, the LkSG applies to companies that employ more than 1,000 employees in Germany.
  • Under the LkSG, companies must ensure that an appropriate complaints procedure is in place to draw attention to human rights-related environmental risks or the violation of corresponding obligations
Contact

How can we help you?

  • Scheja & Partner Rechtsanwälte mbB
    Adenauerallee 136
    53113 Bonn
    Tel.: +49 228 227 226-0
    Fax: +49 228 227 226-26

* All information is voluntary.