ALCALIBER GROUP

I.      INTRODUCTION

Citizen collaboration is a key element in the Spanish Rule of Law, as it is not only manifested in the correct fulfilment of personal obligations, but also in the collective commitment to the proper functioning of public and private institutions. Citizen collaboration is also considered a duty of every citizen when they witness the commission of a crime.

In addition, in some areas, such as finance or antitrust, specific tools have been introduced to allow citizens to provide supervisory bodies with useful information on irregular or illegal behaviour. There are also cases where civic actions have led to investigations resulting in criminal convictions for irregular or corrupt behaviour.

It is important to emphasise that the legal system must protect citizens who report breaches of the law in the context of a professional relationship, as such civic behaviour has sometimes led to painful consequences for those who have reported corrupt practices and other violations. It is therefore essential to raise awareness in society that those who break the law must be prosecuted and that breaches should not be condoned or silenced.

II.    PURPOSE

The purpose of this policy is to set out the general principles of action governing the internal whistleblower information and defence system (hereinafter, System) defined in Alcaliber, S.A.U., Alcaliber Investigación, Desarrollo e Innovación, S.L. and Alfa Topco (Spain), S.A. (hereinafter, Alcaliber) and to publicise it with the aim of collaborating in the collective commitment to the proper functioning of public and private institutions.

Alcaliber guarantees adequate protection to whistleblowers against possible retaliation and strengthens the information culture and integrity infrastructure of the entity and promotes the information culture as a mechanism to prevent and detect threats to the public interest through the implementation of this System.

III.    SCOPE

Material scope of application

The Scheme applies to any communication made by a regulated entity which involves an act or omission that could constitute a serious or very serious criminal or administrative offence or which could constitute an infringement of European Union law, provided that:

1. Enter within the scope of the acts of the European Union listed in the Annex to Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019; Afects the inancil interestsw of the EuropeanUnion; or
2. Have an impact on the internal market
3. They affect the internal market

That said, in the event that information is communicated outside this material scope of application, Alcaliber reserves the right to pursue its investigation, but the informant would not be covered by measures of protection against reprisals.

Personal scope of application

The System applies to reporters who have obtained information about an offence in an employment or professional context, including in any case:

   a) persons having the status of employees;

   b) shareholders, participants and persons belonging to the administrative, management or supervisory body of Alcaliber, including non-executive members;

   c) any person working for or under the supervision and direction of contractors, subcontractors and suppliers;

It shall also apply to informants who report information on an infringement obtained in the framework of an employment or statutory relationship that has already ended, trainees, trainees in training, whether or not they receive remuneration, as well as to those whose employment relationship has not yet started, in cases where the information on infringements was obtained during the recruitment process or pre-contractual negotiation.

The measures for the protection of the whistleblower shall also apply, where appropriate, specifically to the legal representatives of the employees in the exercise of their functions of advising and supporting the whistleblower and to any natural or legal person in or assisting the whistleblower or related to the whistleblower who may suffer retaliation, such as colleagues or relatives of the whistleblower.

IV.   PRINCIPLES

Alcaliber has implemented an internal information system based on the following general principles of action:

1. Act, at all times, in accordance with current legislation and within the framework established by the Internal Code of Conduct, and in compliance with Alcaliber’s internal regulations. In particular, all the requirements set out in Law 2/2023, of 20 February, regulating the protection of persons who report regulatory infringements and the fight against corruption, shall be complied with.
2. Integrate and coordinate the different internal information channels that may be established within the entity.
3. To have a procedure for managing incoming information.
4. Generate an environment of transparency and accessibility to both internal and external channels to encourage the reporting of possible infringements by those persons included in the personal scope of application. Even the submission and subsequent processing of anonymous communications will be allowed.
5. To be independent and autonomous, appearing distinct from the internal information systems of other entities.
6. Guarantee the confidentiality of the information communicated, even through unusual channels, and of the actions carried out in its management and processing, as well as the secrecy of communications.
7. Comply with the requirements established in personal data protection regulations.
8. Implement adequate training programmes specific to the people involved in accessing the data being communicated and generic for the rest of the organisation.
9. Investigate and sanction irregular acts and conduct in a fair, non-discriminatory and proportionate manner in accordance with the disciplinary regime. This would include false or bad faith allegations of misconduct.
10. Promote an environment and culture that guarantees the effectiveness and appropriateness of its functioning in order to be able to know in the first place a possible irregularity and not to leave spaces of impunity against the whistleblower.
11. Designate a person responsible for the system, avoiding possible situations of conflict of interest by assigning him/her the necessary financial, human and technical resources.
12. Establish guarantees for the protection of whistleblowers, prohibiting reprisals against whistleblowers and full access to support measures.
13. Guarantee the right of affected persons to be informed and to be heard at any time.
14. Respect the presumption of innocence and the honour of the persons concerned.
15. Refer the information to the Public Prosecutor’s Office immediately when the facts could be indicative of a criminal offence. In the event that the facts affect the financial interests of the European Union, it shall be referred to the European Public Prosecutor’s Office.

V.      SYSTEM ADMINISTRATOR AND PERSONNEL WITH ACCESS TO THE INFORMATION

The Governing Body, as the body ultimately responsible for the implementation of the Internal Information System, has appointed the Regulatory Compliance Committee as the body responsible for the System, which shall exercise its duties independently of said Committee. This Committee delegates to one of its members the powers of management of the Internal Information System and the processing of investigation files, specifically to Mr. Víctor Encinas (HR Director and member of the Regulatory Compliance Unit of Alcaliber).

The System Manager shall be responsible for the diligent handling of information received through internal communication channels.

Access to personal data contained in the Internal Training System shall be limited, within the scope of its competences and tasks, to the following only:

1. The System Manager
2. The Human Resources Manager, only when disciplinary action against an employee is likely to be appropriate
3. The person responsible for the legal services of the company
4. The processors that may be appointed from time to time
5. The data protection officer

That said, the processing of the data by other persons, or even their communication to third parties, will be lawful when necessary for the adoption of corrective measures in the entity or the processing of the sanctioning or criminal proceedings that, where appropriate, may be applicable.

VI.   INTERNAL CHANNELS FOR RECEIVING INFORMATION

Alcaliber has the following internal channels for receiving information; two main ones, consisting of a specific e-mail, canaldedenunciasalcaliber@alcaliber.com and suggestion boxes available on the notice board of the factories, and another alternative, at the request of the informant, consisting of the possibility of requesting a face-to-face meeting with the System Manager.

All staff not responsible for the processing of internal channels are warned that they must maintain confidentiality in the event that any communication is not sent through the main internal channels established (e-mail and physical mailboxes), which constitutes a very serious breach, and that they must immediately transmit it to the System Manager.

VII. APPROVAL AND AMENDMENTS

The content of this Policy is subject to approval by the Governing Body. Any modification of its content as a consequence of the continuous improvement of the system must be approved by the Governing Body.