Code of Conduct and Code of Ethics, Hornetsecurity Group

Why this page?

In accordance with the requirements of the EU Parliament, we have established an internal reporting body.

We have therefore set up a website for the reporting of violations against legal requirements (including data privacy), financial laws (e.g. money laundering and bribery), ethical principles (Code of Ethics) or general rules of conduct (Code of Conduct) within the Hornetsecurity Group.

Who can initiate a report?

Incidents can be reported by Hornetsecurity Group staff, Hornetsecurity’s customers, Hornetsecurity’s suppliers or other third parties in contact with Hornetsecurity. The site is available in English, German, Spanish and French.

Where to go for reporting an incident?

The address of our website is: https://hornetsecurity.whistleport.de/.

To which cases can this EU directive be applied?

Violations of the following matters are covered (this list is not exhaustive):

  • Penal regulations,
  • Occupational health and safety,
  • Health protection,
  • Minimum Wage Act,
  • Requirements of the German Personnel Leasing Act (Arbeitnehmerüberlassungsgesetz),
  • Regulations to combat money laundering,
  • Product safety regulations,
  • Environmental protection regulations,
  • Consumer protection regulations,
  • Data protection regulations,
  • Information technology security,
  • Public procurement law,
  • Accounting regulations for corporations.

Which operations are explicitly not covered by the EU directive?

The following matters are not covered:

  • General suggestions for improvement,
  • General complaints that do not relate to violations of the law,
  • Reports about information that fall within the scope of national security,
  • an intentional or grossly negligent disclosure of incorrect information.

What happens with a report?

Incidents can optionally be reported anonymously. Whistle-blowers are thus protected from negative consequences such as dismissal, transfer or intimidation. The Reporting Agency is the external law firm “von Rueden” in Berlin, contracted by Hornetsecurity to independently review each report, ensure a timely feedback to the reporting party, pre-qualify the incident and forward the results to Hornetsecurity management.

Even though this reporting body now exists, however, your first point of contact for any kinds of reports should not be this website but a direct contact at your site, your group leader, HR Department, CISO, or the management.