Information about the whistle­blowing system

Preliminary remark

We would like to inform you about the new requirements for reporting breaches of legal regulations in accordance with the Whistleblower Protection Act (HinSchG).

The Whistleblower Protection Act came into force on 2 July 2023 and currently applies to companies with more than 250 employees Companies with 50 or more employees will be subject to the Act from 17 December 2023. This law regulates the protection in particular of natural persons who have obtained information about violations in connection with their professional activities or in the run-up to a professional activity and report or disclose these to the reporting offices provided for under this law (whistleblowers). With this report, you contribute to the prevention, detection and elimination of errors in our company. You are often the first to realise when something goes wrong in our company.

We would therefore like to encourage you to contact our internal reporting centre with suspicious circumstances in connection with or in advance of your professional activities, providing as much specific information as possible. We take the requirements for the protection of whistleblowers seriously and ensure that you do not have to fear any unfavourable measures due to or following a justified report („reprisals“).

In addition to reporting information about an offence to the internal reporting office, you can also report it to an external reporting office. Section 7 para. 1 sentence 1 HinSchG provides for a right to choose. However, according to Section 7 (1) sentence 2 HinSchG, whistleblowers should prefer to report to an internal reporting centre in cases where effective internal action can be taken against the violation and they do not have to fear reprisals.

We therefore ask you to first contact our confidential internal whistleblowing centre with any suspicious circumstances.

In accordance with our legal obligation, we make our internal whistleblower reporting system available to you. You can use this protected channel to report information about violations within the meaning of the HinSchG (see „What issues can be reported?“).

Please note: A wilfully untrue report may have consequences under criminal law.

1.       internal reporting system

Here (EQS Integrity Line) you will find access to our reporting platform „ALTEN Integrity Line“.  You can use this reporting platform to report suspicious circumstances at iconec GmbH in a protected area.

FAQ on the reporting system:
What issues can be reported
You can report information about violations to our internal reporting office. Information about violations are reasonable suspicions or knowledge of actual or potential violations, within our company or at another organisation with which you are or were in contact due to your professional activity (e.g. customers and suppliers), which have already been committed or are very likely to be committed, as well as attempts to conceal such violations.

Infringements caused by acts and/or omissions in the course of a professional, entrepreneurial or official activity that are unlawful and/or abusive and concern regulations or areas of law that fall within the material scope of the HinSchG are recorded. However, reports of purely private misconduct of which the whistleblower becomes aware in connection with their professional activity are not protected.

The material scope of application of the Whistleblower Protection Act is regulated in Section 2 HinSchG. It covers, among other things, the reporting of information on the following offences:

  • Criminal offences,
  • offences punishable by a fine, insofar as the provision violated serves to protect life, limb or health or to protect the rights of employees or their representative bodies,
  • other violations of federal or state legislation and certain directly applicable legal acts of the EU and the European Atomic Energy Community, such as violations of antitrust law, environmental law, radiation protection, food and product safety, regulations to prevent money laundering, to combat the financing of terrorism, as well as consumer protection and data protection.

This list is not exhaustive. You can find the legal text of § 2 HinSchG here.

How is the confidentiality of my report ensured?

We handle your personal data and the personal data of the persons affected by the notification confidentially. Personal data is processed in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act. In addition, we are obliged under Section 8 HinSchG to protect the identity of the person making the report and the persons affected by the report as far as possible. This means that personal data is only disclosed to the responsible persons at the internal reporting centre and may only be disclosed in exceptional cases defined by law (Section 9 HinSchG). The identity of persons who report false information through gross negligence or wilful misconduct is not protected from disclosure in accordance with the HinSchG.

Do I have to fear any disadvantages because of my notification?

You will not suffer any disadvantages as a result of the justified reporting of offences. The Whistleblower Protection Act offers comprehensive protection, which we take very seriously.

How is my anonymity protected?

To ensure your anonymity, the data is encrypted and transferred to the secure and independent EQS Integrity Line server. You remain anonymous when you send a report via the EQS Integrity Line platform, unless you choose to reveal your identity. The system automatically generates a process number and a confidential password that you can use to track the status of the report. Anonymity is fully guaranteed by our external service provider EQS Group AG.

To ensure your anonymity, we recommend the following procedure:

  • If possible, do not create the report from a computer belonging to your employer
  • Do not use a PC that is connected to the company network/intranet
  • Call up the reporting system by entering the URL address directly into the browser and not by clicking on a link
  • Do not enter any personal data (= data that allows conclusions to be drawn about your person) in the report

What happens after I have submitted a report?

All reports are sent to the responsible contact person at iconec GmbH via the secure EQS Integrity Line server. After we have checked the admissibility of your report, we will contact you via the EQS Integrity Line platform if further questions arise or information is required. If you wish, you can remain anonymous. You will be informed of the results of the report.

When will I receive an answer to my message?

You will receive an acknowledgement of receipt of your report within 7 working days. Within a further 3 months of receipt of the acknowledgement of receipt, we will inform you of the results of your report and any measures taken to pursue and rectify the offence.

What happens in the event of a false report?

When submitting a report, it is important that you believe or have a good faith belief that the facts reported are true and that your report is not intended to cause harm or abuse. We do not expect you to gather evidence or investigate the incident yourself. Iconec GmbH has set up an organisation that is specifically responsible for processing reports received via the platform.

You will not face any sanctions if you submit a report of corruption, a conflict of interest, serious environmental damage, a serious human rights violation or unethical behaviour in good faith.

However, misuse of the reporting system that is not made in good faith may result in disciplinary or even legal sanctions.

Why do I need the mailbox function?

At the end of the registration process, you will receive an automatically generated process number and can set your own password. You can use this access data to log into your mailbox at any time by clicking on „Mailbox“ and then following the instructions. This function allows you to communicate directly with the contact person at iconec GmbH and view the status of your report while maintaining your anonymity. This opportunity to discuss the incident is very important as further information may be required to fully resolve the incident.

2.       external reporting office of the federal government

In addition to internal reporting, the law provides for the possibility of external reporting. For this purpose, the federal government has set up an external reporting centre at the Federal Office of Justice (FOJ). The reporting channels and further information on the BfJ’s external reporting centre are published on the BfJ website.

In addition to the Federal Government’s external reporting office at the BfJ, the existing reporting systems at the Federal Financial Supervisory Authority (BaFin) and the Federal Cartel Office will continue to be maintained for their specific areas of responsibility. Please also read the information on the websites of these reporting offices/whistleblowers:

3.       Information on procedures for notifications to European Union (EU) bodies

In addition to information on external reporting procedures under the HinSchG, you can use the following links to access information on procedures for reporting to EU institutions, bodies, offices or agencies. These include external reporting channels of the Commission, the European Anti-Fraud Office (OLAF), the European Maritime Safety Agency (EMSA), the European Aviation Safety Agency (EASA), the European Securities and Markets Authority (ESMA) and the European Medicines Agency (EMA).






The reporting procedures there remain unaffected by the HinSchG, i.e. they continue to exist unchanged alongside the internal and external reporting procedures under the HinSchG.

Further information on external reporting procedures and relevant reporting procedures of institutions, bodies, offices and agencies of the European Union can be found on the BfJ website (