Skip to main content

Ethical channel


This policy is applicable to UNIVERGY INTERNATIONAL S.L. with CIF B34260364 and registered office at C/ Serrano, nº41, 3º D, 28001, Madrid; and its objective is to establish an internal channel for the reporting of possible regulatory breaches, infringement of internal and/or ethical policies and to establish a whistleblower protection regime, in compliance with Law 2/2023, of 20 February, regulating the protection of persons who report regulatory breaches and the fight against corruption.

This Channel is a mechanism that allows company employees, and other interested parties, to report any type of illegal conduct or conduct contrary to our values and ethical principles, without fear of reprisals, strengthening the culture of information, the integrity infrastructures of organisations and the promotion of the culture of information or communication as a mechanism to prevent and detect threats to the public interest. In this way, we seek to promote a culture of transparency, integrity and accountability in our organisation, while protecting those employees who choose to report in good faith.


The whistle-blowing channel is the preferred channel for reporting planned actions or omissions, provided that the infringement can be dealt with effectively and if the whistle-blower considers that there is no risk of reprisals.

The whistleblowing channel is managed by the Channel’s internal system manager, with different managers depending on the scope of the information received.

The system manager will be responsible for:

  • Receiving, registering and managing the complaints received through the whistleblowing channel.
  • Designation of the person or team in charge of investigating the complaints received.
  • Ensuring the protection of whistleblowers and the confidentiality of the complaints received.
  • Assessing the veracity and credibility of the reports received.
  • Decision-making on appropriate action based on the results of the investigation.
  • Monitoring and periodic review of the complaint management process and internal company policy.
  • Reporting and recommendations to senior management on complaints received and actions taken.

Whistleblowers within the scope of the law can make their complaints through the following means:


  • Postal shipment addressed to UNIVERGY INTERNATIONAL S.L., Attn: Internal Information System Responsible. at 41, Serrano Street, Floor 3, Madrid, 28001.
  • Request for in-person meeting addressed to the Internal Information System Responsible.



The channel may be used by:

  1. Persons with the status of employees or workers employed by others.
  2. Self-employed collaborators (freelancers).
  3. Shareholders, participants and persons belonging to the administrative, management or supervisory body of the company, including non-executive members.
  4. Any person working for or under the supervision and direction of contractors, subcontractors and suppliers.
  5. Whistleblowers who communicate or publicly disclose information about wrongdoing obtained in the context of an employment or statutory relationship that has already ended, volunteers, trainees, trainees in training, whether or not they receive remuneration, as well as those whose employment relationship has not yet begun, in cases where the information about wrongdoing was obtained during the recruitment process or pre-contractual negotiation.

It is important to note that reports made through the whistleblowing channel must be made in good faith, i.e. they must be supported by evidence and concrete facts.


The channel will only be used to warn the company of the following issues:

A) Any acts or omissions that may constitute breaches of European Union law provided that:

1.º They fall within the scope of application of the European Union acts listed in the Annex to Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons reporting breaches of Union law, irrespective of the classification of the same by the internal legal system;

2. They affect the financial interests of the European Union, as referred to in Article 325 of the Treaty on the Functioning of the European Union (TFEU); or

3. Affect the internal market, as referred to in Article 26(2) TFEU, including infringements of EU competition rules and aid granted by States, as well as infringements relating to the internal market in relation to acts in breach of corporate tax rules or practices aimed at obtaining a tax advantage that would defeat the object or purpose of the corporate tax legislation.

B) Actions or omissions that may constitute a serious or very serious criminal or serious or very serious administrative offences*.

*In any case, all serious or very serious criminal or administrative offences involving financial loss for the Public Treasury and for Social Security will be understood to be included.

The informant must provide, as a minimum, a reference to the subjective scope of the offence (subject matter or legislation infringed: European Union law; criminal offence; or administrative offence); and a description of the facts reported (relevant information on what happened), in as much detail as possible, attaching any documentation that may be available, if appropriate.

You may also provide your name and surname, and a contact telephone number, if you do not choose to make this communication anonymously.

If you know the identity of the person responsible for the reported irregularity, or if you have brought these facts to the attention of another body or entity through some external channel, you may also provide this information.


The company undertakes to investigate all reports of possible breaches or non-compliance received through the whistleblowing channel.

The company will designate a person or team to be responsible for the information system or complaints channel in charge of receiving, recording and managing the complaints received through the complaints channel.

The person in charge of the system shall carry out his or her functions independently and autonomously from the rest of the bodies of the entity or organisation, may not receive instructions of any kind in the exercise thereof, and shall have all the personal and material means necessary to carry them out.

All complaints shall be investigated impartially and confidentially with appropriate measures shall be taken depending on the results of the investigation for the protection of the whistleblower.

The company undertakes to inform the whistleblower about the status of the investigation and the measures taken, whenever possible and without compromising the confidentiality and protection of the whistleblower, and may request additional information to the facts reported through the channel.

At the whistleblower’s request, a face-to-face meeting may also be held within a maximum period of seven days in order to make a communication. Such a meeting shall be recorded in accordance with the terms laid down by law. Without prejudice to his or her rights under data protection regulations, the reporting person will be given the opportunity to verify, rectify and agree by signing the transcript of the conversation.

In addition, the company undertakes to monitor all reports received and actions taken to ensure the effectiveness of this policy and to continuously improve the process.

Communications through the reporting system may be anonymous.

Communications received will be accepted within a maximum period of 7 days and managed for a maximum period of 3 months, except in cases of particular complexity that require an extension of the period, in which case, this may be extended for a maximum of a further three months.

Any information shall be immediately forwarded to the Public Prosecutor’s Office when the facts may be indicative of a criminal offence. If the facts affect the financial interests of the European Union, it will be referred to the European Public Prosecutor’s Office.

In addition to this Internal Channel, there are other external channels set up by the competent authorities to report actions or omissions that may constitute infringements in the aforementioned areas. These channels include:

State or Autonomous Community channels:

  • National Anti-Fraud Coordination Service.
  • Public Prosecutor’s Office against Corruption and Organised Crime.
  • National Police.
  • Independent Whistleblower Protection Authority*:

*Law 2/2023 establishes the specific creation of this external information channel, and the appointment of an Independent Authority for the Protection of Whistleblowers. The aforementioned persons (“whistleblowers”) may report to this Authority, or to the corresponding regional authorities or bodies, the commission of any of the actions or omissions listed in the “communications” section, either directly, or after having made said report through this Internal Information Channel. (ACCESS INFORMATION TO THIS EXTERNAL CHANNEL NOT YET AVAILABLE)

European Channels

  • European Anti-Fraud Office (OLAF)


The Company is committed to protecting persons who report violations or breaches in accordance with Law 2/2023.

Persons who report or disclose violations are entitled to protection from retaliation provided that the following circumstances apply:

  1. They have reasonable grounds to believe that the information referred to is true at the time of the communication or disclosure, even if they do not provide conclusive evidence, and that the information falls within the scope of the law.
  2. The communication or disclosure has been made in accordance with the requirements of the law.

Acts constituting retaliation, including threats of retaliation and attempts to retaliate against persons making a communication as required by law, are expressly prohibited.

Retaliation means any act or omission that is prohibited by law, or that directly or indirectly results in unfavourable treatment that places the persons subjected to it at a particular disadvantage compared to another person in the employment or professional context, solely because of their status as whistleblowers, or because they have made a public disclosure.

By way of example, reprisals take the form of:

a) Suspension of the employment contract, dismissal or termination of the employment or statutory relationship, including non-renewal or early termination of a temporary employment contract after the probationary period, or early termination or cancellation of contracts for goods or services, imposition of any disciplinary measure, demotion or denial of promotion and any other substantial modification of working conditions and failure to convert a temporary employment contract into a permanent one, where the employee had legitimate expectations that he/she would be offered a permanent job; unless these measures were carried out in the regular exercise of managerial authority under the relevant labour or public employee statute legislation, due to circumstances, facts or proven breaches, unrelated to the submission of the communication.

b) Damages, including reputational damage, or financial loss, coercion, intimidation, harassment or ostracism.

c) Negative evaluation or references regarding job or professional performance.

d) Blacklisting or dissemination of information in a particular sectoral area, which hinders or prevents access to employment or the contracting of works or services.

e) Refusal or cancellation of a licence or permit.

f) Refusal of training.

g) Discrimination, or unfavourable or unfair treatment.

A person whose rights have been harmed as a result of its communication or disclosure after the expiry of the two-year period may request protection from the competent authority, which may, exceptionally and in a justified manner, extend the period of protection, after hearing the persons or bodies likely to be affected. Reasons shall be given for any refusal to extend the period of protection.

Administrative actions aimed at preventing or hindering the submission of communications and disclosures, as well as those that constitute reprisals or cause discrimination following the submission of such communications and disclosures under this Act, shall be null and void and shall give rise, where appropriate, to corrective disciplinary or liability measures, which may include the corresponding compensation for damages to the injured party.

During the processing of the file, the persons affected by the communication shall have the right to the presumption of innocence, the right of defence and the right of access to the file under the terms regulated in this law, as well as the same protection established for informants, preserving their identity and guaranteeing the confidentiality of the facts and data of the procedure.

The Independent Authority for the Protection of the Informant, A.A.I. may, within the framework of the sanctioning procedures that it conducts, adopt provisional measures under the terms established in article 56 of Law 39/2015, of 1 October, on the Common Administrative Procedure of Public Administrations.

Expressly excluded from the protection provided for in the law are those persons who communicate or disclose:

  1. Information contained in communications that have been inadmissible by any internal information channel or for any of the causes provided for in the law.
  2. Information linked to complaints about interpersonal conflicts or affecting only the informant and the persons to whom the communication or disclosure refers.
  3. Information which is already fully available to the public or which constitutes mere hearsay.
  4. Information which relates to acts or omissions outside the scope of the law.


The personal data processed, the documents provided and any other information provided in the complaint that contains personal information will be treated confidentially by those responsible for the complaints channel in order to comply with the obligation to investigate and handle the complaint submitted and to comply with the legal obligations set out in Law 2/2023 of 20 February on the protection of persons who report breaches of the law and the fight against corruption.

Personal data shall not be collected if it is manifestly not relevant to the processing of specific information or, if collected by accident, shall be deleted without undue delay.

The processing of personal data will be carried out in compliance with Law 2/2023, of 20 February, regulating the protection of persons who report regulatory infringements and the fight against corruption, with Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, Organic Law 3/2018 of 5 December 2018 on the protection of personal data and guarantee of digital rights and Organic Law 7/2021 of 26 May on the protection of personal data processed for the purposes of the prevention, detection, investigation and prosecution of criminal offences and the execution of criminal penalties.

Access to personal data contained in the internal information system shall be limited to:

a) The System Manager and whoever directly manages the system.

b) The Head of Human Resources or the duly designated competent body, only when disciplinary measures may be taken against an employee.

c) The person in charge of the legal services of the entity or body, if legal measures should be taken in relation to the facts described in the communication.

d) The persons in charge of the processing that may be appointed.>

e) The data protection officer. The data may be brought to the attention of the Legal Department, Lawyers, Judicial Bodies and State Security Forces and Corps in the event that any of the information received is likely to be considered a crime or legal infringement of any kind.

Legal basis for processing: The processing of personal data, in cases of internal communication, shall be deemed lawful under the provisions of articles 6.1.c) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, 8 of Organic Law 3/2018 of 5 December and 11 of Organic Law 7/2021 of 26 May, when, in accordance with the provisions of articles 10 and 13 of the law, it is mandatory to have an internal information system. If it is not mandatory, the processing shall be presumed to be covered by Article 6.1.e) of the aforementioned regulation. The processing of personal data in the event of external communication channels shall be deemed lawful pursuant to the provisions of articles 6.1.c) of Regulation (EU) 2016/679, 8 of Organic Law 3/2018, of 5 December, and 11 of Organic Law 7/2021, of 26 May.

Rights of the data subject: access, rectification, deletion, limitation, portability and opposition, free of charge by email to: in the cases provided for by law.

Retention: The data will be kept for the legal period established for the processing of the file and for the time necessary for the exercise of legal actions or if it were necessary to leave evidence of the management of the channel. The interested party has the right to submit a complaint to the AEPD at to request the protection of his or her rights.


The company will conduct regular trainings and awareness-raising campaigns to foster a culture of integrity and transparency, and to inform employees and other stakeholders about the whistleblowing channel.

The company will also provide information on the rights and protections afforded to whistleblowers under Law 2/2023.

The company is committed to disseminating this policy to all employees and stakeholders, and to updating it regularly to ensure compliance with applicable laws and regulations.

On 28 September 2023.