1. AEGEAN Group
  2. Corporate Governance
  3. Whistleblowing

Whistleblowing

What is it?


Through this whistleblowing channel, suspicion of crime, violation or other misconducts may be reported confidentially.

Why is it needed?


The Whistleblowing Channel is a tool for maintaining ethical principles and trust. We require our entire organization and our employees to comply with the ethical principles and the legislation concerning our organization. If an employee or a person otherwise in contact with our organization suspects violations, he or she can report it through the whistleblowing channel.

What it consists of?


The user has the opportunity to report anonymously for example the following violations or suspected violations:

  • Bribery, corruption and money laundering
  • The gray economy
  • Unlawful conduct or unfair competition
  • Violation of environmental and occupational safety legislation
  • Violation of data protection law
  • Interference with the right of workers to organize
  • Unilateral weakening of work tasks
  • Violations of other laws or our ethical principles.

Reports must be made in good faith. Deliberate false reports are prohibited and may result in legal action.

Who is it for?


Through our channel, abuse can be reported by both our employees and all external parties.

How?


Anyone can report anonymously through the whistleblowing channel. The channel is provided by an external service provider to ensure its confidentiality. The system is encrypted and password protected.

After submitting the notification, the whistleblower will receive an anonymous username and password with which he or she can log in to the service and communicate with whistleblowing notification handlers.

The notices sent in the service are only readable by the specified persons. At Company, these persons are CEO and Head of Legal Affairs. All notifications will be treated confidentially.

How to report an observation 


You can send your observation easily and securely by following the instructions in the form. The service will anonymize you, so that the observation you are reporting cannot be associated with you. Once you have created the observation, an anonymous username and password will be created for you. Copy them in a secure manner. You can log in with the credentials to follow-up on the case, and provide additional information, if needed.
 
Please use the below link for reporting any new observation: https://app.incy.io/aegean-airlines/links/whistleblowing

Other means of reporting;


The specific whistleblowing channel is only for internet reporting.. Alternatively, you can report:
Via post at the address: B57, Athens International Airport Eleftherios Venizelos, Spata PO 19019.
Via e-mail: whistleblowing@aegeanair.com

Whistleblowing Privacy Notice


1. Data Protection Officer
Company: Aegean Airlines SA
Address: B57, Athens International Airport Eleftherios Venizelos, Spata PO 19019, Greece
telephone: +302106261651
E-mail: dpo@aegeanair.com

The Registry Administrator (the “Administrator”) is committed to protecting privacy and processing personal data in accordance with applicable data protection laws and good data protection practices.

This Privacy Statement describes how the Administrator collects, processes and protects the personal information of the person who made the whistleblowing report (the “Notifier”). For the sake of clarity, the Administrator will not process the personal data of the notifier if the notification is made anonymously.

2. Data Sources
The Administrator collects personal information provided by the Notifier through the whistleblowing system or other channels. In addition, during investigations, personal data is collected, if necessary, from the internal systems of the Administrator's organization.

3. Data to be collected
The Administrator collects personal information that is necessary for the investigation of the notification. These are

  • Information related to the notification
  • Information related to the investigation
  • Personal data, such as name, e-mail and telephone number, only if the notifier himself adds this information to his notification or additional information.

However, if sensitive personal data are processed, for example where the processing is necessary for the preparation, presentation or defense of a legal claim, the processing will take place in accordance with local and EU law.

4. What the information is used for
Personal data will be used in the investigation of the reported case and, where the allegation is confirmed, in the implementation of disciplinary and corrective measures.

5. Legal basis for processing

  • Legal obligations of the Administrator
  • Protecting the legitimate interests of the Administrator
  • User's consent to these terms when he submits his report.

Deliberate false reports are prohibited and may result in legal action.

6. Data retention period
Data will be retained on a regular basis for two (2) years after the end of the investigation. Retention periods may vary according to mandatory legal requirements.

7. Who has access to personal data and is it disclosed to third parties
Personal information is accessed and processed by those employees of the Administrator who conduct and supervise the investigations. Access is restricted to individuals who need information for the above purposes.

The whistleblowing system used by the Administrator is maintained by an external service provider, an independent Finnish company, Plan Brothers Oy. The Administrator has confirmed by agreement that Plan Brothers Oy, as a service provider, has undertaken to process personal data obtained through the whistleblowing system in accordance with the applicable data protection legislation.

Personal data may be disclosed to third parties, such as public authorities where this is necessary, for example, by law.

8. Is personal data transferred outside the EU or the EEA
Personal data will not be transferred outside the EU or the EEA.

9. How the data subject may affect the processing of his/her personal data
The data subject has the right to:

  • check the information about themselves in the register,
  • require correction of incorrect information,
  • withdraw his / her consent for processing,
  • require the deletion of any or all data unless there is a legal basis for the storage,
  • require the controller to restrict the processing of data in the situations referred to in Article 18 of the Data Protection Regulation,
  • opposes the processing of data in situations covered by Article 21 of the Data Protection Regulation,
  • lodge a complaint against the register or the processing of data with the authority mentioned in point 10,

Disclosure of information to the requester always requires that the identity of the requester can be reliably verified.

Please note that the exercise of these rights is subject to terms and conditions and the Administrator may have the right to reject the request. If the request is rejected, the reasons for the rejection shall be communicated to the data subject.

The registrant can send a request to: dpo@aegeanair.com.

10. Who to contact for questions related to the processing of personal data
If you have any questions about the processing of personal data in the whistleblowing process, please contact us by e-mail at: dpo@aegeanair.com.

Aegean App

Get the best out of your travel experience with the Aegean App.

Get the App Not now