Amusnet Logo

Please confirm that you are 18 or older before entering this site:

Whistleblowing Notice

1. GENERAL

1.1. The present Whistleblower Notice ("Notice") is intended to provide you with clear and easily accessible information about the terms and conditions for reporting a breach through an internal channel of Amusnet Interactive Ltd, UIC 203773449, with its registered office and registered address at Garitage Park, Building No. 4, Floor 2, ul. "2, Donka Ushlinova Str. Sofia 1766 (the "Company"), pursuant to the Whistleblower Protection Law (the "Law").

 

2. WHAT BREACHES CAN YOU REPORT?

2.1. You may report breaches of Bulgarian or European Union law in the following areas:

The full list of areas regarding breaching reports and public disclosures by Whistleblowers can be consulted in Art. 3 of the Law.

 

3. WHO CAN SUBMIT A REPORT?

3.1. A natural person may submit reports and/or publicly disclose information about breaches known to him/her in his/her capacity as:

3.2. Protection shall be granted to:

3.3. In the event that whistleblowing is credible and justified, the protection under the Law shall be available to you from the time of the report or public disclosure of information about a breach.

 

4. WHAT ARE THE CONDITIONS TO GET PROTECTION?

4.1. You have the right to a defence provided that you:

4.2. You will not be prosecuted or protected in respect of anonymous reporting (unless you have been subsequently identified) and reporting relating to breaches that occurred more than two years ago.

 

5. HOW AND WHERE CAN YOU REPORT A BREACH? WHAT SHOULD THE REPORT CONTAIN?

5.1. In the event that you wish to report breaches referred to in section 2 and if there is reasonable cause to believe that the information is correct, you may do so by one of the following means:

5.2. If an oral report is made, we will record it on a form which you will be asked to sign if you wish.

5.3. The report must contain at least: three names, address and telephone number of the sender, e-mail address (if available), names of the person against whom the report is made (where the report is made against specific persons and they are known), specific details of the offence or of a real risk of such an offence being committed, place and period of the offence, if any, description of the offence or the situation and other circumstances as far as such are known to the Whistleblower, date and signature.

5.4. We will take immediate action to ensure your confidentiality.

5.5. In addition, you also have the right to report to an external channel, namely the Commission for Personal Data Protection https://www.cpdp.bg, and the right to publicly disclose the information, in accordance with the Law.

 

6. WHAT CAN I EXPECT AFTER I REPORT A BREACH?

6.1. Once you have reported a breach, we will check whether it is credible and, if so, we will register it and notify you within 7 days of receiving the report. After registering the report, we will take the necessary follow-up action to uncover the objective truth and gather all necessary evidence, including from the parties concerned and the person against whom the report has been made, while respecting the confidentiality and privacy of your personal data.

6.2. If, on examining the validity of the report, we establish that it does not fall within the scope of the Law or is not made by a person with any of the capacities listed under 3.1, we will cease the examination and will notify you of the decision and the basis on which it was made.

6.3. If necessary, we may contact you for further information and documentation.

6.4. In the event that there is a reasonable belief that there is a risk of retaliatory, discriminatory action, and that effective measures will not be taken to verify the reported information, the breach may be communicated through an external submission channel, namely to the Commission for Personal Data Protection.

6.5. Once we have produced a written report and before 3 months have elapsed since the whistleblowing, we will contact you to provide feedback.

6.6. Where the breach is minor and does not warrant further follow-up action and in the case of a repeated report that does not contain new information relevant to the breach, the file on your report may be closed.

6.7. If, after receiving the report, we determine that it relates to the activities of another legal entity that is subject to the requirements of the Law, we will forward the report to the internal channel of this entity and notify you of the action and the basis on which it was taken.

6.8 The Company shall consider all whistleblowing reports in accordance with the principles of confidentiality, impartiality, fairness, independence and absence of conflict of interest.

6.9 The Company shall ensure that Whistleblowers are protected from retaliatory actions that disadvantage them and shall not allow such actions to take place within its organisation.

 

7. YOUR LIABILITY

7.1. The reporting of breaches or public disclosure of false information shall be liable for administrative penalties under Article 45 of the Law.

7.2. In the event of manifestly false or misleading statements of fact, your report will be returned with instructions to correct the statements and a warning of the liability you bear, namely a fine of up to BGN 7,000.

 

8. WHISTLEBLOWER NOTICE AVAILABILITY

8.1. This Notice is available on our website, namely https://www.amusnet.com/whistleblowing, and prominently displayed at our offices.

 

9. PERSONAL DATA

9.1. Amusnet Interactive Ltd will process your personal data for the purposes of handling a report of a breach.

9.2. The information relating to or made known in connection to a reported breach, as well as the identity of the Whistleblower and the person concerned, and other persons named in the report, are protected. Access to your personal data will only be granted to those responsible for handling reports, as well as governmental and supervisory authorities, in cases defined by law.

 

10. UPDATING THE WHISTLEBLOWER NOTICE

10.1. This notice may be subject to amendment, with the latest effective date being 26.02.2024. Any future changes or additions to information described in this notice that affect you will be communicated to you through an appropriate channel depending on the usual mode of communication.

 

 

NOTICE ON THE CONFIDENTIALITY OF PERSONAL DATA PROCESSED IN RELATION TO REPORTS ON BREACHES

 

Purpose

The purpose of this notice is to inform individuals about how we process the personal data of persons whoreport  or  publicly  disclose  information  on  breaches,  of  persons  other  than  the  Whistleblower  who  are  afforded protection, and of Persons concerned.

 

WHO WE ARE?

The data controller  is  Amusnet  Interactive  EOOD,  UIC  203773449,  with  registered  office  and  management  address in Garitage Park, building No. 4, floor 2, ul. "2, Donka Ushlinova Str. Sofia 1766 ("the Company", "we"). 

The contact of our Data Protection Officer is:

Data Protection Officer: atty. Desislava Dimitrova-Cholakova

Email: [email protected] Amusnet Interactive Ltd.

 

PERSONAL DATA WE PROCESS

 

BASIS FOR PROCESSING

The basis for the processing of the personal data described above is for the purpose of fulfilling a legal obligation under the Whistleblower Protection Law, SG No. 11 of 2 February 2023, effective 4 May 2023 (the “Law“), namely: for the purpose of providing an internal whistleblowing channel.

 

PROCESSING PURPOSES

The purposes of processing personal data are as follows:

1. Report registration and handling;

2. Providing protection to the Whistleblower, the individuals related to the Whistleblower, as well as the Person concerned;

3. To fulfil an obligation imposed by Bulgarian or European Union law in the context of investigations by national authorities or judicial proceedings, including with a view to guaranteeing the right of defense of the person concerned;

4. To hold the whistleblower accountable and to protect the legitimate interests of the Company in the cases defined by law.

 

CONFIDENTIALITY OF INFORMATION

We   protect   information   related   to   whistleblowing,   including   but   not   limited   to   the   identities   of   Whistleblowers and Persons concerned, and take necessary measures to protect that information.

Access  to  information  relating  to  whistleblowing,  including  the  identity  of  Whistleblowers  and  Personsconcerned, shall be provided, subject to the Law, only to employees and other persons within the Company.

Within  the  Company,  access  to  the  information  shall  be  limited  to  the  employees  responsible  for  handling  reports. The Person concerned shall not have access to the information relating to that report, except where the provision of the information is required by law. Access may also be granted to other people depending on the specifics of a particular case. 

Disclosure  of  the  identity  of  the  Whistleblower  and/or  other  information  concerning  the  report  shall  be  authorized only with the express consent of the Whistleblower.

Notwithstanding the foregoing, the identity of the Whistleblower, and any other information from which the identity of the Whistleblower may be revealed, directly or indirectly, may be disclosed where this is necessary and  is  a  proportionate  obligation  imposed  by  Bulgarian  or  European  Union  (EU) law  in  the  context  of  investigations  by  national  authorities  or  legal  proceedings,  including  with  a  view  to  ensuring  the  right  of  defence of the Person concerned.

 

YOUR RIGHTS

The Company shall provide to persons reporting or publicly disclosing information about breaches, to persons other than the Whistleblowers who are afforded protection, and to Persons concerned, all the rights set outin national and European legislation, including the right:

1. on  request,  to  receive  all  necessary  information  relating  to  the  processing  of  the  data  provided  by  you,  including, if possible, a copy;

2. to request from the Company access to, rectification, erasure/deletion of personal data or restriction of the processing of personal data, if the prerequisites for this are present;

3. to object to the processing, as well as to lodge a complaint with the supervisory authority - the Commission for Personal Data Protection (CPDP)  (Sofia 1592, 2 Tsvetan Lazarov Blvd. or www.cpdp.bg)  in case of unlawful processing of data;

4. to  withdraw  your  consent  at  any  time,  without  negative  consequences  for  you,  when  the  basis  for  processing is consent;

5. to exercise your right to portability.

In  certain  cases,  informing  the  Whistleblower  at  an  early  stage  may  be  detrimental  to  internal  reports examination. Where, at the Company's discretion, it is considered that there is a high risk that providing access will  impede  the  procedure  or  undermine  the  rights  and  freedoms  of  others,  the  Company  may  impose  a  restriction on the provision of specific information or a delay in its provision.

All  requests  related  to  personal  data  such  as:  information,  access,  deletion,  withdrawal  of  consent,  etc.  described above, shall be made in writing, signed by you and transmitted to the Company for processing at the e-mail address: [email protected] or at the Company's management address. The request must contain three names and, in the event that it relates to specific personal data - these should be specified, together with the precise right being exercised.

 

DATA PRIVACY MEASURES

The  Company  has  put  in  place  technical  and  organizational  measures  to  protect  information  relating  to  whistleblowing,  including  the  identity  of  Whistleblowers  and  affected  individuals,  against  unauthorized,  accidental or unlawful destruction, loss, alteration, misuse, disclosure or access and against all other types of unlawful  processing.  Special  attention  shall  be  paid  to  sensitive  data.  Some  of  the  measures  taken  are:  encryption, pseudonymization, redundancy, access control, strict confidentiality, periodic training, etc.

 

DATA TRANSFER OUTSIDE THE EUROPEAN ECONOMIC AREA

Your personal data is not transferred outside the EU/EEA. Should such processing be necessary, appropriate safeguards  will  be  used  to  ensure  that  such  transfer  is  carried  out  in  accordance  with  applicable  data  protection rules, including legal grounds.

 

CONSERVATION PERIOD

 

Updating the privacy notice

This notice may be subject to change and was last updated on 13.03.2024. Any future changes or additions to the  processing  of  personal  data  described  in  this  notice  will  be  communicated  through  an  appropriate  channel.