Safewhistleblowing

Reporting a breach

Secure usage of the application To protect your identity, make sure that you do not provide information that will directly or indirectly disclose your identity when filling out the forms and when attaching documents. Check whether your internet connection is safe and the browser you are using displays a padlock icon. To submit your report, use a private device only that is not connected to the organization's network. Furthermore, you should only access your inbox in the application on a private device and in a secure private network environment. Trusty AG does not record the IP address from which you are accessing this website and uses only temporary session cookies for security purposes. State-of-the-art encryption is used to protect your communication and information provided via this web portal. Your inbox Please note that you will be kept informed of the status of your report or question, including the acknowledgment of their receipt, and provided feedback through your inbox. You will be able to log in by using the username and password that will be generated and displayed at the end of this process. Please note them down as we are not able to restore them or change them.When reporting on an anonymous basis we recommend that you regularly check your inbox as we will not be able to warn you when we send new messages to your inbox. When reporting in your name, you will have the option to either approve the notification of new messages by email or not approve the sending of such notifications. Data processing The organization is the controller of the submitted personal data. The submitted personal data shall be kept and processed in accordance with the organization's policies as long as the organization has the legitimate interest to process the report (including conducting any investigations) and, if applicable, initiate sanctions. For the purpose of processing your report, the personal data and information may be accessed, processed and used by the responsible personnel at the organization. The assigned personnel at Trusty AG has access to the database exclusively for the purpose of technical maintenance. If necessary, personal data and information may be disclosed to the police and/or other enforcement or regulatory authorities. The application, its webpages, as well as the database in which the personal data and information that you submit are stored, are operated by Trusty AG, Bösch 82, 6331 Hünenberg, Zug, Switzerland, on behalf of the organization. The database is encrypted and hosted on virtual servers located in the EU. Internal reporting destination

I agree with the reporting process, as described in the Whistleblowing policy I want to limit the internal disclosure of my report to the designated point of contact of the following local entity. I understand that this option is only available to me if my entity has more than 249 employees and is part of a group.

Confirmation of understanding

I confirm that I have read and understood the warnings about security, confidentiality, the data processing provisions, as well as my obligations regarding anonymity, and hereby accept these conditions.

For successful processing of your report it is important to provide as much information on the subject matter as possible. Mandatory questions are marked with an asterisk and you will not be able to proceed without filling in the respective fields. Information provided in non-mandatory fields is most welcome, however, you can skip these fields if you do not have the relevant knowledge.

When and where did the breach occur?

or describe in your own words

Persons suspected to be involved

Full name

Position

Organization

Is anyone else aware of the breach?

Full name

Position

Organization

Please describe the breach in your own words *

frontend.enterFullFraudReport.personsWarning

Attach documents

Prior to their attachment, check your files for metadata that may reveal your identity.

You may submit your report or question anonymously, or you may decide to disclose your identity to the organization either now or at a later stage. In both cases you will be assigned a username and password, which you will need to access your inbox. A disclosed ID of the reporting person usually allows for a more productive and efficient processing of the report.

Are you willing to disclose your identity? *

Yes, I would like to disclose my identity!

No, I prefer to remain anonymous.

Protection of confidentiality: your identity will not be disclosed to any person who is not directly assigned to process your report or question, without your explicit consent, except when requested by the competent authorities.

For the purpose of processing your report or question the personal data may be accessed, processed and used by the authorized personnel of the organization. If necessary, personal data may be disclosed to enforcement or regulatory authorities. The submitted personal data shall be kept and processed according to the organization's whistleblowing policy and as long as the organization has the legitimate interest to process the report (including conducting any investigations) and, if applicable, initiate sanctions, or to provide clarifications for the submitted question. The organization warrants for privacy of the personal data and shall treat them in accordance with the relevant personal data protection laws. You are entitled to get acquainted with your personal data, to receive your personal data in a generally readable electronic format, provide corrections and request that the processing of your personal data be limited. The right to deletion of your personal data is limited by the legitimate interest of the organization described above.

Please enter your details here:

First name *

Last name *

E-mail address

Telephone number *

Relationship towards the organization

Receive E-mail notifications Please send me notifications about responses via E-mail.

Page 1 of 1