Whistleblower System / Internal Reporting Office

Kiel University of Applied Sciences is committed to effective compliance. Compliance means adhering to the law and the internal regulations of Kiel University of Applied Sciences as well as the creation of structures so that Kiel University of Applied Sciences, the university management and all of their employees can behave in accordance with the law. The Compliance Ombudsman and the whistleblower system www.safewhistle.info, which is certified according to ISO 27001, are part of the compliance system and the compliance culture of the Kiel University of Applied Sciences.

Why has Kiel University of Applied Sciences appointed a Compliance Ombudsman?

Your information will help us to counteract violations of applicable law or the internal guidelines of Kiel University of Applied Sciences at an early stage and to prevent damage to our employees, business partners, third parties and also to Kiel University of Applied Sciences. For this reason, Kiel University of Applied Sciences has appointed a Compliance Ombudsman whom employees, business partners and third parties can contact as an external and independent person if they have sufficient indication that there have been violations of applicable law or the internal regulations of Kiel University of Applied Sciences.

Which whistleblowers are protected?

Any whistleblower who acts in good faith is entitled to provide information. Good faith means when the whistleblower providing the information believes the information to be true at the time of reporting.

How do I report information?

The Compliance Ombudsman requires the following information:

  • at which company or part of the company
  • what (has) happened
  • when
  • where
  • who was involved

All information on possible violations of applicable law or the internal regulations of Kiel University of Applied Sciences are relevant for the Compliance Ombudsman.

The Compliance Ombudsman is also interested in which other people – possibly uninvolved in the specific events – are aware of this and whether there are any documents (e.g. emails, photos) pertaining to this.

Before reporting information (i.e. “blowing the whistle”), please check carefully whether the information you wish to provide is correct in terms of content. In particular, you must not provide any information that you know to be false.

Please also inform the Compliance Ombudsman how you can be reached if there are any questions.

How do I act if I am not entirely sure whether the violation(s) observed or suspected is true?

If you are unsure whether the violations you have observed or suspected are true, please use phrases such as “I believe that...”, “I think it is possible that...”, It could be that...”
If you are unsure about the presentation, assessment and/or procedure, you can speak to the Compliance Ombudsman about the case beforehand – even anonymously – and free of charge.

Are there any costs associated with issuing a report?

There are no costs associated with reporting information for the person providing it.

How is identity protected?

As a lawyer, Dr Johannes Dilling maintains professional secrecy and may not pass on the known identity of a person providing information to third parties without making himself liable to prosecution. Dr Dilling has taken appropriate technical and organisational measures to protect the information he receives so that third parties cannot access it. The information that Dr Dilling passes on to the Kiel University of Applied Sciences is also treated confidentially and protected.

Is the protection of identity absolute?

No, it is not.

On the one hand, the Hinweisgeberschutzgesetz [Whistleblower Protection Act] provides for exceptions to confidentiality in Section 9 Paragraph 2, which allow, for example, the identity of a whistleblower to be passed on to a law enforcement authority if the latter requests this. Express reference is made to Section 9 of the HinSchG.

On the other hand, only those people who act in good faith, i.e. who do not intentionally or grossly negligently provide false information, enjoy confidentiality protection. Good faith can be assumed if the person providing the information (whistleblower) assumes that the information be true at the time of reporting. A whistleblower who intentionally or grossly negligently provides false information must expect their identity to become known through a request for information from the person concerned in accordance with Article 15 Section 1 of the GDPR and that the person concerned may assert claims for damages.

Ultimately, neither Dr Dilling nor the Kiel University of Applied Sciences have confiscation protection, i.e. in the event of an official investigation, authorities may confiscate documents that reveal the identity of the person providing the information.

Whistleblowers who fear that their identity will become known are therefore advised to submit a report anonymously. Even if you report anonymously, no false information may be provided.

If you are not sure, the following also applies at this point: use phrases such as “I believe...”, “I think it is possible...”, “It could be that...”

Do I have to reveal my identity when I provide information?

If requested, the informants can remain anonymous. Whistleblowers can also request that the Compliance Ombudsman not pass on information that could lead to their identity becoming known to Kiel University of Applied Sciences.

Do I have to fear professional disadvantages if I provide information?

No, reprisals or retaliation against whistleblowers are prohibited.

What position does the Compliance Ombudsman have?

The Compliance Ombudsman is not an arbitration board for disputes. The attorney-client relationship only exists between Kiel University of Applied Sciences and the Compliance Ombudsman. Nevertheless, the compliance ombudsman acts impartially and is not bound to instructions from Kiel University of Applied Sciences. As a lawyer, the compliance ombudsman is legally obliged to maintain confidentiality.

What happens with the information provided?

The Compliance Ombudsman provides you with feedback within 24 hours that the report has been received. The Compliance Ombudsman prepares the report and passes it on confidentially to the legal department/internal audit of Kiel University of Applied Sciences. The legal department/internal auditing department at Kiel University of Applied Sciences decide together with the university management how to deal with this report. If there are sufficiently concrete suspicions of legal or policy violations, these are investigated internally in order to clarify and remedy any possible misconduct. This is also usually carried out confidentially and discreetly in order to protect the interests of the people affected by the information. No later than three months after the report is issued, you receive feedback from the Compliance Ombudsman as to whether the reported violation was identified.

How do I contact the Compliance Ombudsman?

You can contact the Compliance Ombudsman in any way possible (telephone, email, fax, post or via the whistleblower system www.safewhistle.info). The Compliance Ombudsman is also available for personal meetings with whistleblowers, if requested also via video and audio transmission. If you wish encrypted communication, you can also use the messenger services Signal and Threema and use them to contact the Compliance Ombudsman. It is also possible to send encrypted emails to the Compliance Ombudsman via Protonmail at the following address:

RADilling@protonmail.com

The contact details are as follows:

Rechtsanwalt Dr Johannes Dilling
Landgrafenstraße 49
50931 Köln

Telephone: +49 (0) 221 933 107 40
Mobile: +40 (0) 163 347 6111
Fax: +49 (0) 221 933 107 42

www.ra-dilling.de
www.safewhistle.info

Threema-ID: 3PX6278J

Email: info(at)ra-dilling.de; RADilling(at)protonmail.com

 

External Reporting Offices

Whistleblowers can also choose to report information about violations to external bodies.

  1. Bundesamt für Justiz
    [Federal Office of Justice]

    The external reporting office is basically the
    Bundesamt für Justiz
    Adenauerallee 99 – 103
    53113 Bonn

Information on the reporting procedure at the Bundesamt für Justiz, to which reference is made in accordance with Part 24 Section 4 Nos. 1 & 2 of the HinSchG can be found here:
https://www.bundesjustizamt.de/DE/MeldestelledesBundes/MeldestelledesBundes.html

The online procedure can be found under the following:
https://www.bundesjustizamt.de/DE/MeldestelledesBundes/MeldestelledesBundes_node.html

  1. Bundesanstalt für Finanzdienstleistungsaufsicht (BaFin)
    [Federal Financial Supervision Authority]

    The responsible external reporting office for reports in accordance with Section 21 No. 1 and No. 2 HinSchG is the Federal Financial Supervisory Authority (BaFin)
    Graurheindorfer Straße 108
    53117 Bonn

    Information on the reporting procedure of the Federal Financial Supervisory Authority, to which reference is made in accordance with Part 24 Section 4 Nos. 1 and 2 HinSchG, can be found here:
    https://www.bafin.de/DE/DieBaFin/Hinweisgeberstelle/hinweisgeberstelle_node.html
    https://www.bafin.de/DE/DieBaFin/Hinweisgeberstelle/2_Anonyme_Hinweisabgabe/AnonymeHinweiserteilung_node.html

    The online procedure can be found under the following:
    https://www.bkms-system.net/bkwebanon/report/clientInfo?cin=2BaF6&c=-1&language=ger
     
  2. Bundeskartellamt
    [Federal Cartel Office]

    This is the responsible external reporting office for reports in accordance with Part 22 Section 1 of HinSchG
    Bundeskartellamt
    Kaiser-Friedrich-Straße 16
    53113 Bonn

    Violations can be reported at any time, regardless of the outcome of a procedure, via an internal report.
    Information on the Federal Cartel Office's reporting procedure, to which reference is made in accordance with Section 24 Paragraph 4 Nos. 1 and 2 HinSchG, can be found here:
    https://www.bkms-system.net/bkwebanon/report/channels?id=bkarta&language=ger

    The online procedure can be found under the following:
    https://www.bundeskartellamt.de/DE/Kartellverbot/Hinweise_auf_Verstoesse/Hinweise_node.html;jsessionid=6C027096AE96D7C61C42A5EC4BFE49FC.2_cid508
     
  3. Europäisches Amt für Betrugsbekämpfung
    [European Anti-Fraud Office]

    Furthermore, whistleblowers can – anonymously if desired – report possible cases of fraud or other serious irregularities with potentially negative consequences to the detriment of EU funds to the European Anti-Fraud Office (OLAF).

    European Commission
    European Anit-Fraud Office (OLAF)
    1049 Brussels

    Information on the reporting procedure at the European Anti-Fraud Office, to which reference is made in accordance with Section 24 Paragraph 4 Sentence 1, 2 HinSchG, as well as the online reporting procedure can be found here: https://anti-fraud.ec.europa.eu/index_de