Notifications of law breaches

Based on the Law on the Protection of Whistleblowers of June the 14th 2024 implementing Directive (EU) 2019/1937 of the European Parliament and of the Council (EU) on the protection of whistleblowers of Union law of October the 23rd 2019, at AIUT Sp. z o.o. the „Procedure for making notifications of the law breaches and taking follow-up actions” (hereinafter: Internal Notification Procedure) was established.

• Who can make a notification under the „Internal Notification Procedure”?

The Procedure applies to individuals who report or disclose information about a Breach of Law obtained in a work-related context, including an employee and temporary worker; a person providing work on a basis other than employment, including under a civil law contract; an entrepreneur; a proxy, shareholder or partner; a member of a body of a legal person or an organisational unit without legal personality; a person providing work under the supervision and direction of a contractor, subcontractor or supplier; an intern, volunteer, trainee. The provisions of the Procedure also apply to Whistleblowers:

- whose employment or other legal relationship which forms the basis for the provision of work or services or the performance of functions in or for the Company is yet to be established, where they have obtained information about the Breaches during the recruitment process or other pre-contractual negotiations.

- in case they make a notification or a public disclosure of Breaches they obtained in the context of an employment relationship that has already ceased.

• What is the scope of matters covered by the „Internal Notification Procedure”

One may report a breach, which is an illegal act or omission or an act intended to circumvent the law relating to corruption; public procurement; financial services, products and markets; anti-money laundering and terrorist financing; product safety and compliance; transport safety; environmental protection; radiological and nuclear safety; food and feed safety; animal health and welfare; public health; consumer protection; protection of privacy and personal data; security of networks and information and communication systems; financial interests of the State Treasury of the Republic of Poland, a local government unit and the European Union; the internal market of the European Union, including public law principles of competition and state aid and taxation of legal persons; constitutional freedoms and rights of the human being and the citizen - occurring in relations of an individual with public authorities and not related to the areas indicated above.

• How do I notify a breach as described above?

1. Notifications, received and handled by Authorised Persons in the HR Section, may be made through the following channels, that ensure the protection of the confidentiality of the identity of the person making the notification (except for notifications referred to in paragraph 2, i.e. concerning the HR Section), including:
   • personally, with aforementioned employees (persons from outside the organisation should approach the Reception of Aiut Sp. z o.o. so that to be given further instructions and one of the above-mentioned Persons from the HR Section to be called on by the Reception,
   • directly to a dedicated e-mail box - sygnalista@aiut.com
   • in writing, to the registered address of AIUT Sp. z o.o. (113 Leona Wyczółkowskiego Street, 44-109 Gliwice) marked „HR. Notification of Breach”.
2. If and only if a Notification relates to the HR Section (we identify that these will be recruitment cases only), the Notification will be accepted and handled by the authorised Head of Management Board and Compliance Office through the following channels, to ensure the confidentiality of the identity of the person making the Notification is protected, including:
   • Personally, with the aforementioned employee, (persons from outside the organisation should approach the Reception of Aiut Sp. z o.o. so that to be given further instructions and the aforementioned person from the Management Board and Compliance Office to be called on by the Reception);
   • directly to a dedicated e-mail box - mco@aiut.com
   • in writing, to the registered address of AIUT Sp. z o.o. (113 Leona Wyczółkowskiego Street, 44-109 Gliwice) marked „Management Board and Compliance Office. Notification of Breach”;

• Does the Internal Notification Procedure allow for anonymous reporting?

The procedure does not allow for anonymous Notifications (i.e. without providing any of your credible details).

NOTIFICATIONS OF OTHER BREACHES

• Where can I report other breaches not covered by the above Internal Notification Procedure?

The AIUT Group allows the free reporting of irregularities concerning its functioning. Notifications shall be done by sending an e-mail to the following address whistleblowing@aiut.com

A notification can concern any element of business dealings, including the internal situation of the AIUT Group (e.g. unethical business practices, environmental issues, human rights violations) and can be made by any business participant.

• Will I be protected against retaliation once I have made a notification?

Irrespective of the choice of reporting channel, AIUT Sp. z o.o. undertakes that the persons making the notifications will not suffer negative professional and/or economic consequences as a direct consequence of making the notification. The preceding sentence shall not apply if the notification turns out to be false and made in bad faith, in which case, only action in accordance with the provisions of generally applicable law shall be taken.