WHISTLEBLOWING POLICY
At Latsco we are committed to conducting business with the highest standards of ethics and professional integrity. Doing what is right, can only be possible by creating a culture of integrity that empowers a shared commitment to our values and ethical principles. Therefore, we have adopted a coherent Code of Conduct and Ethics which serves as a guide of the desired behaviours and ethical standards, articulates the values and ethos of our company and links them to clear standards of professional conduct.
We value our employees’ input, and we thus encourage them to report concerns or complaints as explained in the compliance & reporting mechanisms in the Code of Conduct and Ethics.
In line with our Code of Conduct and Ethics, the Whistleblowing Policy (the “Policy”) sets the framework through which companies of Latsco’s ecosystem (“Latsco” or “the Company”), handle reports for irregularities, omissions or offences in the conduct of Latsco’s business.
If the whistleblower is by definition an external party, of if any employee prefers not to raise an issue through the regular reporting channels, the Latsco Whistleblowing Policy sets out a procedure to report through a dedicated impartially operated system (Whistleblowing system).
The system is managed by an independent law firm to safeguard the process from conflicts of interest and ensure confidentiality.
Latsco Whistleblowing Policy
1. INTRODUCTION
In line with our Code of Conduct and Ethics, the Whistleblowing Policy (the “Policy”) sets the framework through which companies of Latsco’s ecosystem (“Latsco” or “the Company”), handle reports for irregularities, omissions or offences in the conduct of Latsco’s business or breaches of the internal policies. This Policy is in compliance with the applicable national and international whistleblower protection legislation.
This Policy applies to our employees (irrespectively of their working relationship with the Company), as well as to customers, contractors, suppliers, or other stakeholders associated with Latsco in any way, who may report a violation of the law (collectively the “Whistleblower(s)”).
Our employees are encouraged to primarily report day-to-day issues or potential violations of the Code of Conduct and Ethics through the regular reporting channels under the Code of Conduct and Ethics (i.e., their direct / line manager, HR Department or the CEO). At Latsco, we aspire to ensure the highest level of safety, trust, and transparency for all our people. The Company will ensure that all reports are taken seriously, treated in confidence and will proceed with the appropriate investigation and corrective actions as required. All individuals who raise a concern in good faith are protected from any form of retaliation as a result of such disclosure. This Policy will contribute to the early identification of risks and to the timely adoption of the appropriate response where needed.
2. WHAT TO REPORT
Reports shall be submitted in good faith and upon reasonable belief of actual or potential illegal actions, offenses and breaches of the legislation, or of the Code of Conduct and Ethics, or of other internal policies and procedures. Cases that could be reported by Whistleblowers may refer to:
- Bribery
- Corruption
- Environmental protection
- Fraud
- Money laundering
- Procurement fraud
- Protection of personal data
- Terrorism
- Theft
- Violations of EU law
3. HOW TO MAKE A REPORT
To make a report, you can access the Latsco whistleblowing system which is available 24 hours a day/seven days a week:
https://whistleblowersoftware.com/secure/
Your report will be handled through the dedicated system, which is hosted by an external provider and operated in a secure manner, with the highest technical standards, that ensure confidentiality and prevent access to unauthorized parties.
Latsco is committed to the principle of accountability and thus we encourage anybody who wishes to share its concerns in good faith to be open with its identity, although anonymous reports are not forbidden in principle. Please do bear in mind that, with an anonymous report, it might be more difficult to establish a case, collect information and perform the much-needed follow-ups.
After the report’s submission, the Whistleblower will receive a personal password that should be kept securely. The Whistleblower will use it to log into the channel, edit or supplement its report through the system directly, read any feedback or follow-up on questions and reply to them. The Whistleblower may also choose to revoke the report from the system at any time. The Whistleblower may also, optionally, provide its email address. The only use of the email address is to notify the Whistleblower when relevant changes to its case are made, such as receiving a message or if the status of the case is updated. If the Whistleblower chooses not to enter an email address, it must check its case regularly for updates and messages to help in resolving the issue.
To help us effectively address every report, Whistleblowers are requested to provide information, facts, evidence, and any other known detail about the events reported in the most concrete manner possible, to facilitate the assessment and investigation. Lack of information could be the reason for deciding not to proceed with an Investigation and/or to conclude the case on the ground of no factual basis or that the report is otherwise unfounded.
4. POSSIBLE OUTCOMES
A Whistleblowing team will investigate the report, guaranteeing the avoidance of any conflict of interest. Upon completion of the case investigation, or if the report has been found inadmissible before the investigation, the Whistleblower will be informed of the decision taken on its report. Feedback to the Whistleblower will be provided no later than three (3) months from the acknowledgement of receipt of its report. If the investigation is still ongoing by the end of the above-mentioned three-month period, the Whistleblower must be informed on the progress of the investigation process.
In case the Whistleblowing team does not find allegations against the Reported person(s) having legitimate grounds, it may close the case with a reasonable justification. In case the allegations are valid, the Whistleblowing team shall propose measures/actions. Appropriate remedial action may vary from informal warnings, formal warnings to the suspension or termination of contractual relationship in serious violations. In any case, the Company reserves all its legal rights to pursue legal claims and proceed with judiciary remedies in cases the Company has in any way incurred damage from the acts or omissions of the Reported Person.
5. PERSONAL DATA PROTECTION
Since the filing of a report, the Whistleblowing team anticipates acquiring personal data, which may come from the report itself or from subsequent communications with the Whistleblower.
Any personal data are protected and processed solely in the context of preventing, detecting or investigating irregular, unethical, illegal or criminal conduct, always in accordance with relevant national and European legal framework at the time applicable for the protection of personal data and in compliance with the internal Privacy Policy.
It is strongly recommended that Whistleblowers refrain from including special categories of personal data about themselves or the Reported person(s) unless such inclusion is essential to support the allegation. Special categories of personal data encompass information that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for unique identification, health-related information, or details about a person's sex life or sexual orientation.
Legal bases & Lawful Purpose of processing
If the report is covered by the scope of Greek Law 4990/2022, the legal basis for the processing of any categories of personal data with regards to that report is:
a) art.15 of the said Law and the legal obligation of Latsco to comply with the said legislation and
b) in other cases, the processing of personal data in respect of any potential/actual violation is based on Latsco’s legitimate interest to investigate a relevant matter according to art. 6(1)(f) of the GDPR.
If in exceptional cases, special categories of personal data are processed, the legal basis for the processing of such personal data will be Article 9(2)(f) or (g) of the GDPR, depending on the case.
Recipients of personal data
The personal data within a report may be shared for investigative purposes only with persons involved in the management and investigation of the report and only on a need-to-know basis.
If corrective measures shall apply, personal data may also be shared with the pertinent entities within the Latsco ecosystem, public authorities, judicial or administrative. Such disclosure will be executed in accordance with the relevant data protection legal framework.
In case personal data are transferred to a Latsco ecosystem entity outside the EEA, the Company ensures that the said transfer will be in compliance with the GDPR.
Retention of records & Reporting
Reports, investigation reports and relevant documentation thereof will be retained as long as it is necessary and proportionate for the purpose of investigating a certain report and providing feedback, of for the purpose of complying with the appropriate legislation, and to support potential legal claims and judicial proceedings.
Once the necessary and proportionate period has passed and the above-mentioned purposes are no longer served, personal data collected regarding the said report will be deleted or permanently anonymized within sixty (60) days. This will be the case also if a report does not fall under the scope of this Policy or obviously unfounded.
Technical Measures & Data subject rights
Latsco has taken all necessary and adequate technical and organizational measures to protect the personal data of Whistleblowers (including its anonymity) and other persons contained in the relevant reports. Any messages or information shared via the system are also encrypted and access to the system on both sides is password-protected.
If a Whistleblower wishes to exercise any of its rights under the applicable data protection legal framework, it shall contact the Data Protection Officer (email: dpo@latsco.com)
In these unprecedented and challenging times which we all facing together, we at Latsco remain focused on our commitment to preserve the health and safety of all as we treat with responsibility the relevant concerns of the shipping industry.
We are incredibly proud of our seafarers who continue to gain both our clients’ and our respect and who remain on the front line of this global pandemic by continuing to operate our fleet vessels tirelessly and professionally and in line with our highest health, safety, environmental and quality standards, thus contributing towards global trade not being interrupted and the vital effort to keep goods being delivered to people across the world.
It is our duty to thank each and every one of our seafarers and their families for their efforts during this unique period.
Thank you to all and please continue to remain safe, you have our full support as always.
WEBSITE PRIVACY NOTICE
Latsco Group acknowledges and respects the importance of privacy of your personal data. This Privacy Notice outlines the principles relevant to the processing of your personal data, in compliance with applicable Personal Data Protection regulatory framework and our corporate Data Protection Policy.
Principles set out in this Privacy Notice are followed by all companies of Latsco Group. For the purpose of this notice, Latsco Group means Latsco Shipping Limited, Latsco (London) Limited, Latsco Marine Management Inc., their subsidiaries and branches, respectively. When we mention in the Website the "Company", "we", "us" or "our", we are referring to the relevant company in the Group responsible for processing your data.
Scope
This data protection statement applies to the following website:
- www.latsco.com
Our website is an information gateway to obtain first-hand information for Latsco Group , the services offered by it, and its fleet.
We may link to third-party websites, to which different privacy statements and terms of use may apply. These are outside of our sphere of control and none of Latsco Group companies is responsible for third party websites and privacy policies.
Data Controller
Latsco Shipping Limited, a company incorporated in Bermuda with its branch office at 7 Rue du Gabian, 98000 Monaco, is the data controller within the meaning of the GDPR, and responsible for this website.
Privacy Officer
For any query or request related to the processing of your personal data you may contact our assigned Privacy Officer:
- by sending an email at po@latsco.com, or
- by postal mail to the attention of "Privacy Officer, Latsco Marine Marine Management Inc., 4 XENIAS Str., 145-62, Kifisia-Kefalari Greece".
Information we may collect and purpose of processing
Personal data is all information that can be attributed to a specific person (e.g., name, address, telephone number, e-mail address). You can visit and use our website services without having to register or identify yourself. However, when you use our websites services, we process certain categories of personal data either based on your consent or for the protection of our legitimate interests to ensure the functionality, security and optimisation of our website services. In all cases, the lawfulness of processing is ensured in accordance with the GDPR.
|
Categories of personal data |
Why and how do we collect the personal data? |
Legal basis for processing your personal data |
|---|---|---|
|
Information regarding the website use e.g. your IP address, browser type, from which website you were redirected to our website, as well as details of your operating system, date and duration of your visit and information on the use of our services, such as viewed pages, and click behaviour. |
User information is collected automatically when you navigate to and on our website. Collection of these data is required to ensure the smooth operation of our website(s) and to be able to create a good user experience. Your data will be used, processed and used as well as stored for a limited period of time and, subject to the further descriptions in this Data Protection Statement, do not allow us to infer any natural person. Storage of your IP address is necessary to help us timely detect -and properly respond to- potential cybersecurity attacks, thus safeguarding our legitimate interest in terms of security. |
We process this information based on your consent, which we ask you to provide when entering our website. |
|
Your communications with us For example, your name, surname, contact details, emails, and letters. |
When contacting any company of Latsco Group or are contacted by any company of Latsco Group. Communication details and data collected during the communication are deleted when no longer required. Retention period is determined per case, depending on statutory requirements that may apply. |
We base the processing on our legitimate interest to process the contact request in the most satisfactory and efficient manner. |
|
Personal and biographical information provided on your Curriculum Vitae (CV). Name, surname, contact details and biographical information provided on your CV. CV may sometimes include photographs. |
When submitting your CV through our Careers website section. When you register your CV and Application Form, it will be made available to our Human Resources department and prospective employers in connection with the recruitment process. Personal data channelled through our online CV submission platform are processed in strict accordance with our corporate privacy and data protection policy and are kept for a maximum retention period of two (2) years, subject to any request by you for earlier deletion. |
We base the processing on your documented consent, which we ask you to provide before submitting your CV through our online application form in the Careers section. |
Third party processing
Personal data obtained through our website may be processed by our business partners who are committed to adhere to the strictest data privacy standards in accordance with the GDPR. Where needed, we maintain appropriate data processing agreements or terms with such partners to ensure that any personal data transfers are in compliance with GDPR requirements and based on relevant adequacy decisions of the European Commission or appropriate guarantees.
Transfer of personal data
We share your personal data with competent authorities and Latsco Group companies, following your consent and in relevance with the scope of each processing activity.
Data Security
Every effort is made to protect your personal data when you provide your information through our website. Our website has a valid trusted certificate in place and all information you provide to us is stored on secure servers. The information you transmit is encrypted using SSL technology. This is indicated by the fact that a key or lock symbol is displayed in the top address bar of your browser, which is marked with a key symbol.
Latsco Group is committed to safeguard your data integrity and confidentiality whilst at our disposal, by adopting appropriate technical and organisational security measures to prevent accidental or intentional manipulation, partial or total loss, destruction or unauthorised access by third parties as far as possible.
Cookies
Cookies are small text files that are automatically downloaded to our device as you browse the web. These harmless bits of text are locally stored on your device and you can easily view or delete them. In general, cookies may serve a variety of purposes, such as improving your site experience, providing insight on your activity and preferences, or even securing a website.
1. How we use Cookies
We use cookies onto our website to provide, protect, and improve our services, such as understanding user behaviour, and providing a swift and safer browsing experience. You can remove or reject cookies using your browser or device settings, but in some cases doing so may affect your ability to use our services.
2. Types of Cookies used on our website
Session Cookies: To provide you with core services of our website, these cookies are absolutely necessary for the provision of the online service you requested. When you visit our website, session cookies occur. The information collected through these cookies is not used for marketing purposes.
Performance & Analytical Cookies (Statistics): This type of cookies collects anonymous information on how visitors use the site, which enables us to improve how the site performs. We utilise Google Analytics cookies to help us understand how you arrived at our site, and highlight areas where we can improve, such as the website’s response time, retrieval of information, etc. The data stored by these cookies does not show personal details from which your individual identity can be identified.
3. List of Cookies used on our website
|
Cookie Name |
Purpose |
Type |
Storage |
Expiration |
|---|---|---|---|---|
|
showCookiesMsg |
Used to your cookie consent state for our domain. |
Technical |
Optional |
1 month |
|
laravel_session |
Used to create a session ID for the user, so that the system itself can identify you as a unique and individual user, distinct from anyone else looking at the website. |
Session |
Necessary |
Session |
|
XSRF-TOKEN |
Used to enhance security of our Services and prevent repeated attempts as intrusions of our Services |
Technical |
Necessary |
Session |
|
_ga |
Registers a unique ID that is used to generate statistical data on how the visitor uses the website. |
Third-party (Google Tag Manager Google) |
Optional |
2 years |
|
_gid |
Registers a unique ID that is used to generate statistical data on how the visitor uses the website. |
Third-party (Google Tag Manager Google) |
Optional |
24 hours |
4. Controlling and Opting-In and Out of Cookies
By continuing to use our website, you accept the use of Cookies marked as Necessary, as they are required in order for our website to function properly. Storage of Cookies marked as Optional is controlled by you and depends on whether or not you give consent for such cookies to be placed and read out on the website by checking the respective box in the pop-up.
You have the option to prevent the storage of Cookies on your devices. The procedure for managing Cookies and Cookie preferences is different for each browser. In most browsers the option to disable Cookies can be found under the Settings (or Tools) menu in Privacy options. For detailed instructions, check the support website for your browser. You can check the steps for managing cookies in your particular browser’s help menu.
Complaints
If you wish to file a complaint on how we handled your personal data, you may contact our Privacy Officer who will investigate the matter. If you are not satisfied with our response or you believe we are not processing your personal data in accordance with the applicable law, you have the right to lodge a complaint to the Hellenic Data Protection Authority (http://www.dpa.gr).
THIS WEBSITE USES COOKIES
We use cookies for two reasons. First, we use cookies that are strictly necessary for the operation and security of the website and second, we use cookies to identify you and analyze our traffic provided that you have given your permission by checking the box “Statistics”.
Necessary cookies are used to provide and protect our services while providing a swift and safer browsing experience by enabling basic functions like page navigation. The website cannot function properly without these cookies.
| COOKIE NAME | PURPOSE | TYPE | STORAGE | EXPIRATION |
|---|---|---|---|---|
| showCookiesMsg | Used to your cookie consent state for our domain. | Technical | Optional | 1 month |
| laravel_session | Used to create a session ID for the user, so that the system itself can identify you as a unique and individual user, distinct from anyone else looking at the website. | Session | Necessary | Session |
| XSRF-TOKEN | Used to enhance security of our Services and prevent repeated attempts as intrusions of our Services | Technical | Necessary | Session |
Statistics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
| COOKIE NAME | PURPOSE | TYPE | STORAGE | EXPIRATION |
|---|---|---|---|---|
| _ga | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | Third-party (Google Tag Manager Google) | Optional | 2 years |
| _gid | Registers a unique ID that is used to generate statistical data on how the visitor uses the website. | Third-party (Google Tag Manager Google) | Optional | 24 hours |
Cookies are small text files that are automatically downloaded to your device as you browse the website. These harmless bits of text are locally stored on your device and you can easily view them or delete them.
Under applicable law, we can store cookies on your device only if they are strictly necessary for the operation of this site (Art. 5(3) of the Directive 2002/58/EC, known also as the ePrivacy Directive). For all other types of cookies we need your permission.
By continuing to browse our website, you accept the use of Cookies marked as Necessary, as they are required in order for our website to function properly. Storage of Cookies marked as Optional is controlled by you and depends on whether you approve our Cookie Policy or not.
If you have agreed on the storage of Optional Cookies or if you want to prevent even the storage of Necessary Cookies on your device, please note that you have at any time the option to withdraw your consent or disable cookies respectively. In most browsers, such option can be found under the Settings (or Tools) menu in Privacy options. For detailed instructions, check the support website for your browser.
Learn more about who we are, how you can contact us and how we process personal data in our .