Whistleblower protection

Click here for the registration portal

...or use the telephone reporting channel:

Whistleblower Protection Act

The new “Whistleblower Protection Act”, HinSchG for short, came into force on July 2, 2023. This law, also known as the Whistleblower Protection Act, was passed with the aim of protecting whistleblowers from reprisals if they disclose wrongdoing in companies.
With regard to this legal obligation, SAT Anlagentechnik GmbH has set up a whistleblower system that offers all employees, business partners and customers the opportunity to report possible legal violations or other damaging actions confidentially and, if necessary, anonymously.

Which violations can be reported?

The scope of the Act includes the communication of information to so-called reporting offices (reporting) and the disclosure of information about violations to the public (disclosure):

  • violations punishable by law,
  • violations subject to fines, insofar as the violated regulation serves to protect life, limb or health or to protect the rights of employees or their representative bodies,
  • other violations of federal, state and EU regulations, among others:
    – to combat money laundering and terrorism,
    – with specifications for product safety and conformity,
    – with specifications for environmental protection,
    – on food and feed safety,
    – on the regulation of consumer rights and consumer protection,
    – on the protection of personal data within the scope of the GDPR,
    – to regulate the rights of shareholders of stock corporations,
    – on the audit of public interest entities in accordance with section 316a sentence 2 HGB,
    – on accounting, including the accounting of capital market-oriented companies, within the meaning of Section 264d HGB,
  • Violations of tax laws applicable to corporations and commercial partnerships,
  • Violations in the form of agreements aimed at creating a tax advantage that is “contrary to the objective or purpose of the tax law applicable to corporations and partnerships”.

Which reporting offices are available?

You have the option of reporting violations in writing (via the portal) and by telephone. Anonymous reports are possible.

Reporting portal:

Detailed information on data protection can be found on the website of the portal.

By telephone:
You also have the option of contacting us by telephone.

You can reach our voice channel at
0431 301400603

The messages are automatically entered in our information portal.
The internal reporting office will confirm your report within seven days. In the case of delivery on weekends, Sundays and public holidays, the notification is deemed to have been received on the next working day. Within three months, the internal reporting office will inform you of the measures taken, such as the initiation of internal investigations, the forwarding of the report to a competent law enforcement authority, possible measures to remedy the problem, the closure of the procedure due to lack of evidence or for other reasons.

External reporting office:
External Reporting Office of the Confederation at the Federal Office of Justice

What is the general procedure for reporting?

  • Confirmation of receipt to the person providing the information after seven days at the latest;
  • Examination of whether the reported violation falls within the material scope of § 2 HinSchG;
  • Maintain contact with the person providing the information and request further information if necessary;
  • Check the validity of the notification received;
  • take appropriate follow-up measures;
  • Feedback to the whistleblower within three months of confirmation of receipt of the report;
  • the feedback should include notification of planned and already taken follow-up measures as well as the reasons for these, provided that this does not affect internal inquiries or investigations and the rights of the persons who are the subject of a notification or who are named in the notification are not impaired;
  • the information must be documented in compliance with the confidentiality requirement. This documentation must be deleted three years after the end of the procedure, provided that it is necessary and proportionate to store the documentation for longer in order to process the notification or in accordance with other legal provisions.

How is my data protected?

The internal reporting office processes personal data – including their exchange or transfer – in accordance with Regulation (EU) 2016/679 and Directive (EU) 2016/680 as well as national data protection law. Express reference is made to § 10 HinSchG.

The internal reporting office treats the identity of the whistleblower confidentially. The identity of the whistleblower may only be disclosed to the employees entrusted with the tasks of the internal reporting office and the persons supporting them in the fulfillment of these tasks without their express consent. This also applies to all other information from which the identity of the person making the reference can be derived directly or indirectly.

The identity may only be disclosed if an exceptional circumstance within the meaning of § 9 HinSchG exists. Disclosure of the identity of the whistleblower is therefore not completely excluded (see Art. 13 et seq. of the General Data Protection Regulation – GDPR).
The whistleblower shall be informed before his/her identity is revealed, unless such information would jeopardize the relevant investigations or legal proceedings.
As part of the notification, a written explanation of the reasons for the disclosure of the confidential data in question will be sent to the whistleblower.

The internal reporting office protects the identity of third parties mentioned in the reports and the identity of the persons concerned in the same way. Information on persons who are the subject of a notification and on other persons named in the notification may only be disclosed in the cases set out in Section 9 para. 4 HinSchG to the competent authority.

The internal reporting office takes appropriate organizational, spatial and technical measures to ensure that third parties cannot access the files and documents of the reporting office.