WHISTLEBLOWING AND WHISTLEBLOWER PROTECTION POLICY

Whistleblowing and Whistleblower Protection Policy Talent Alpha sp. z o.o.
Armii Krajowej 25
30-150 Kraków

10th April 2025

I. General Provisions

The purpose of the Policy is: 

  1. The purpose of the Whistleblowing and Whistleblower Protection Policy is to implement a procedure for handling internal reports of breaches made by whistleblowers, in accordance with Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law. This Policy sets out the rules for making internal reports by whistleblowers, as well as the rules for receiving and processing such reports within Talent Alpha sp. z o.o. Through this Policy, Talent Alpha sp. z o.o. fulfils its obligation under the Polish Act of 14 June 2024 on the Protection of Whistleblowers (Journal of Laws of 2024, item 928).

  • establishing an effective and confidential system within Talent Alpha sp. z o.o. for reporting breaches of law by creating a comprehensive framework and procedural rules for handling disclosures of irregularities, with the additional aim of ensuring the protection of individuals submitting such reports – whistleblowers, 
  • increasing awareness regarding the rights of individuals who report instances of irregularities.

2. Employees of Talent Alpha sp. z o.o. shall, in particular, comply with the provisions of this Policy, ethical standards, and applicable legal regulations in the performance of their assigned duties. They are required to promptly report any identified irregularities and provide all information necessary for clarifying such irregularities in the course of internal communications.

3. Employees of Talent Alpha sp. z o.o. are obliged to cooperate with the unit designated to receive internal reports, the unit responsible for follow-up actions, and the Entity in the process of handling such reports, including by providing explanations, as well as submitting requested information and documentation.

4. The Entity and all employees, irrespective of their position, shall endeavour to perform their professional duties diligently and in full compliance with applicable law, and to actively prevent and eliminate any irregularities, in particular any form of abuse of law, regardless of its nature.

5. Nothing in this Policy shall exclude or limit the rights and obligations set forth in the Act or the Directive.

6. This Policy does not apply:
a. if the report concerns a matter already regulated by the internal regulations of the Entity, including in particular the ethics rules and the anti-mobbing policy,
b. if the report concerns breaches of law in the field of public procurement related to defence and security,
c. if the report concerns matters related to the protection of classified information or pertains to the confidentiality associated with the practice of medical or legal professions.

7. The following documents, which provide detailed rules and procedures, are annexed to this Policy:

  • Annex No. 1 – Template of authorization for persons appointed to work in the relevant units to carry out duties arising from the whistleblower protection system,
  • Annex No. 2 – Template of the internal report register,
  • Annex No. 3 – Information clause for the whistleblower
  • Annex No. 4 – Information clause for the person to whom the report pertains,
  • Annex No. 5 – Information clause for a person other than the whistleblower or the person to whom the report pertains.
  1. Definitions

1.The terms used in this Policy shall have the following meanings:

a. “Directive” – means Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law.

b. “corrective actions” mean actions taken to eliminate identified breaches and prevent future breaches, in particular, actions such as:

  1. Implementation or revision of internal regulations,
  2. Employee training,
  3. Changes in the control/oversight of specific areas within the structure,
  4. Changes to processes or practices in place within the Entity,
  5. Initiation of disciplinary proceedings against employees whose actions and/or omissions have caused or contributed in any way to the occurrence of abuse or irregularities,
  6. Pursuit of remedies (including through legal proceedings) for the consequences of the breach of law, including compensation,
  7. Termination of the employment contract with an employee who has committed a legal breach, if permitted by labour law, and in the case of individuals working under a legal relationship other than an employment contract – termination of such cooperation,
  8. Submission of a notification to the relevant authority about the possibility of a criminal offense if the identified breach constitutes a criminal act.

c. “follow-up actions” mean actions taken by the recipient of the report or the relevant authority to assess the truthfulness of the information contained in the report and to address the legal breach subject to the report, particularly through investigative proceedings, initiation of inspections or administrative proceedings, filing charges, actions taken to recover financial assets, or the closure of procedures conducted within the internal procedure for reporting legal breaches and taking follow-up actions, or the procedure for receiving external reports and taking follow-up actions.

d. “retaliatory actions” mean direct or indirect actions or omissions occurring in a work-related context that are caused by an internal or external report or public disclosure, and which cause or may cause unjustified harm to the reporting person. This includes, in particular, refusal to establish an employment relationship or enter into a contract, termination or dissolution of the employment relationship or contract, reduction of salary, including the making of threats regarding negative consequences.

e. “information on breaches”means information, including a reasonable suspicion, regarding an actual or potential breach of law that has occurred or is likely to occur within the Entity in which the whistleblower has participated in the recruitment process or other negotiations prior to entering into an agreement, works or has worked, or in another legal entity with which the whistleblower has or had contact in a work-related context, or information regarding an attempt to conceal such a breach of law. 

f. “feedback” means the information provided to the reporting person regarding planned or undertaken follow-up actions, along with the reasons for those follow-up actions.

g. ”work-related context” means past, present, or future actions related to the performance of work under an employment relationship or another legal relationship constituting the basis for providing work or services or holding a position within or on behalf of the Entity, during which information about a breach of law was obtained and where there is a possibility of experiencing retaliatory actions.

h. “breach of law”means a breach that is work-related, in particular, actions or omissions that are unlawful or aim to circumvent the law, in the following areas:

  1. Corruption,
  2. Public procurement,
  3. Financial services, products, and markets,
  4. Prevention of money laundering and financing of terrorism,
  5. Product safety and compliance with requirements,
  6. Transport safety,
  7. Environmental protection,
  8. Radiological protection and nuclear safety,
  9. Food and feed safety,
  10. Animal health and welfare,
  11. Public health,
  12. Consumer protection,
  13. Privacy and personal data protection,
  14. Network and information system security,
  15. Financial interests of the State Treasury of the Republic of Poland, local government units, and the European Union,
  16. The internal market of the European Union, including public competition law, state aid, and taxation of legal entities,
  17. Constitutional freedoms and human and citizen rights – arising in the relations between individuals and public authorities, and unrelated to the areas specified in points 1–16.

i. “public authority” means the highest and central bodies of government administration, local government bodies, other state authorities, and other entities performing public administration tasks by law, competent to undertake follow-up actions in areas covered by the scope of the Act.

j. “individual to whom the report pertains” means a natural person, legal entity, or organizational unit without legal personality, to which the law grants legal capacity, indicated in the report or public disclosure as the person who committed the breach of law, or as the person with whom the person who committed the breach of law is connected.

k. “individual assisting in making the report”means a natural person who helps the reporting person in this activity in a work-related context, and whose assistance cannot be disclosed.

l. “individual associated with the whistleblower”means a natural person who may experience retaliatory actions, including a colleague or a close person of the whistleblower within the meaning of Article 115 § 11 of the Act of June 6, 1997 – Penal Code.

m. „Entity” means Talent Alpha sp. z o.o., Armii Krajowej 25, 30-150 Kraków, registered in the National Court Register, maintained by the District Court in Kraków, XI Economic Department – National Court Register, under KRS number 756687, NIP 6762557514, REGON: 381770010.

n. „Policy” means this document along with its annexes.

o. ”employee” means a person performing work under an employment relationship or another legal relationship constituting the basis for providing work or services or holding a position within or on behalf of the Entity.

p. “public disclosure” or “to disclose publicly” means making information about breaches publicly available.

q. „whistleblower” or “reporting person” means a natural person who reports or publicly discloses information about breaches obtained in a work-related context, regardless of whether the information about the breach of law was obtained before, during, or after establishing a legal relationship with the Entity, and includes:

1)  an employee,
2)  a job applicant at Talent Alpha sp. z o.o. who obtained information about a breaches during the recruitment process or negotiations preceding employment,
3)  a temporary worker,
4)  a person providing work under a legal relationship other than an employment contract, including under a civil law contract,
5)  an entrepreneur,
6)  a commercial proxy,
7)  a shareholder or partner,
8)  a member of the governing body of a legal entity or an organizational unit without legal personality,
9)  a person providing work under the supervision and direction of a contractor, subcontractor, or supplier,
10)  an intern,
11)  a volunteer,
12)  a trainee.

2. In the event of a discrepancy between the definitions and the Act or any doubts regarding the meaning of the definitions, the content of the definition should be interpreted in a way that aligns with the definition provided in the Act.

 III. Whistleblower Protection

1. The whistleblower shall be afforded protection from the moment of making a report or public disclosure, provided that the report or disclosure was made in good faith—specifically, where the whistleblower had reasonable grounds to believe, at the time of reporting or disclosing, that the information was true and concerned a breach of law.

2. Retaliatory actions, as well as any attempts or threats thereof, shall not be taken against the whistleblower, individuals assisting in the reporting process, or individuals associated with the whistleblower. In the event that any retaliatory measures occur, the employee shall have the right to report such actions in accordance with the reporting procedures set forth in this Policy.

3. All employees are expected to take appropriate action in response to any suspected retaliatory behaviour towards a whistleblower, irrespective of whether the individual concerned has been identified or is presumed to be a whistleblower. It is particularly recommended to undertake the following measures:

  1. refusing to participate in or support any actions involving elements of discrimination, mobbing (workplace bullying), or other undesirable conduct,
  2. taking steps to promote the principles of respectful and constructive cooperation in relations with other employees, including respect for their dignity and personal rights,
  3. maintaining strict confidentiality by members of teams responsible for receiving and investigating reports of breaches of law or internal procedures, 
  4. participating in whistleblower protection training sessions organized by the Entity,
  5. promptly notifying the unit designated to receive reports of any observed retaliatory actions.

4. A whistleblower who has been subjected to retaliatory actions shall have the right to compensation in an amount not lower than the average monthly salary in the national economy for the previous year, as published for pension purposes in the Official Gazette of the Republic of Poland (“Monitor Polski”) by the President of the Central Statistical Office. The whistleblower shall also have the right to claim non-pecuniary damages (redress for harm suffered).

5. The whistleblower is obliged to act in good faith and base their report on true and substantiated information indicating a breach of law. Whistleblowing made in bad faith does not qualify for legal protection. Reports submitted in bad faith, particularly those intended to deliberately defame or mislead, will not be processed. The Entity shall take appropriate measures in cases of unfounded or malicious reports. Any person who has suffered harm as a result of the whistleblower knowingly submitting or publicly disclosing false information shall have the right to claim compensation or redress for the breaches of personal rights from the whistleblower responsible for such report or disclosure.

6. The submission of a report concerning a breach of law does not affect the Entity’s right to take appropriate personnel actions in the event of receiving substantiated information about such breaches, including actions related to a whistleblower acting in bad faith.

7. In cases where a whistleblower is also the individual to whom the report pertains – in a report made by another whistleblower regarding a breach, such reports will be considered independently. However, each whistleblower shall be protected in relation to the report they have made. The submission of a report by a whistleblower regarding a breach does not absolve that individual from responsibility for their own actions, including those actions reported by another whistleblower. The above shall be taken into account when determining appropriate and proportionate corrective actions, in line with the nature and seriousness of the breach.

8. The Entity is obligated to protect the personal data of the whistleblower, the individual to whom the report pertains, and any third parties mentioned in the report. In particular, the Entity shall not disclose personal data to unauthorized persons unless those individuals explicitly consent to such disclosure. This does not apply in cases where disclosure is a necessary and proportionate obligation under the law, particularly in connection with investigative proceedings conducted by public authorities or preparatory or judicial proceedings conducted by courts, including to ensure the right of defence of the person to whom the report pertains.

9. The provisions of this chapter shall apply accordingly to individuals assisting in the submission of a report and to persons associated with the whistleblower.

10. The whistleblower may not waive any rights specified in this Policy, nor accept liability for any harm resulting from the submission of a report or public disclosure. This does not apply to liability for harm caused by the deliberate submission or public disclosure of false information.

IV. Reporting Breaches– General Provisions

1. Upon obtaining information about a breach of law, the whistleblower may make: 

  1. an internal report in the manner set out in this Policy,
  2. an external report,
  3. a public disclosure.

2. The whistleblower is entitled to submit an external report without being required to first file an internal report.

3. If the whistleblower chooses to submit an internal report, they should review the information clause regarding the processing of their personal data in connection with the report, which is annexed as Annex No. 3 to the Policy.

4. All units designated to handle matters related to whistleblowers shall take all necessary measures to protect the whistleblower, the individual to whom the report pertains, as well as any third parties mentioned in the report, from the disclosure of their identities to unauthorized persons.

The following actions are strictly prohibited:

  1. discussing the matter with unauthorized persons in the workplace or outside the workplace, through any communication channels, 
  2. allowing unauthorized persons to access the matter, for example by leaving documents, notes, or electronic information carriers such as laptops or phones unattended on a desk,
  3. providing information to external entities about the matter without prior verification that the entity is authorized or entitled to receive the relevant information.

In case of doubt as to whether a person is authorized to process information related to the case, the individual requesting access to the information is required to provide appropriate authorization or a valid basis for their request.

5. If an internal report is received by an unauthorized person, that person is obligated to:

  1. not disclose any information that could lead to the identification of the whistleblower or the individual to whom the report pertains,
  2. Immediately forward the report to the unit designated to receive internal reports or to the Chairman of the Management Board, without making any alterations to the report.

6. Any individual who is a member of the unit designated to receive internal reports or the unit designated to undertake follow-up actions, must, prior to performing tasks related to the protection of whistleblowers, receive written authorisation from the Entity, substantially in accordance with the template set out in Annex No. 1 to this Policy. The authorisation must be granted by an individual authorised to represent the Entity.

7. All reports will be investigated with due diligence, and the Entity will take corrective actions appropriate to the seriousness of the breach in relation to any identified irregularities.

8. In the event of a whistleblower withdrawing a report despite having reasonable suspicion of irregularities, the Entity may undertake independent verification actions. Based on the results of the verification actions, the Entity will decide on the further course of action.

V. Internal Reporting Procedure 

  1. The unit designated to receive internal reports is Mrs Magdalena Konieczny.
  2. The whistleblower may submit an internal report via:

a. an oral internal report,

b. a written internal report,

addressed to the unit designated to receive internal reports, unless the whistleblower believes that this person does not ensure proper conduct, particularly with regard to independence or impartiality, or if the report pertains to the unit designated to receive internal reports. In such cases, the report should be directed to the Chairman of the Management Board, who shall perform the duties of the unit designated to receive internal reports in this regard.

3. An oral internal report may be made:

  1. by telephone to the number +48 503 934 720, i.e., through a non-recorded phone line, where the unit designated to receive internal reports will create a protocol replicating the exact course of the conversation. This protocol shall be subject to verification, correction, and approval by the whistleblower through their signature (at least in documentary form),
  2. during a face-to-face meeting – solely at the whistleblower’s request (i.e., the Entity is not entitled to demand such a meeting) – to be organised within 14 days from the date the request is received by the unit designated to receive internal reports. In such cases, according to the whistleblower’s choice, the meeting will be documented in the form of:
    1. a recording of the conversation, allowing it to be retrieved, or
    2. a meeting protocol, replicating the exact course of the meeting, prepared by the unit designated to receive internal reports, subject to verification, correction, and approval by the whistleblower through their signature.

4. A written internal report may be made:

  1. in paper form, either by personally submitting the internal report or by sending it via postal mail to the Entity’s address with a clear indication that the addressee – for personal delivery – is Ms Magdalena Konieczny. Such correspondence must not be opened by any person outside the unit designated to receive internal reports, and if it is received by another person, it must be immediately forwarded to that unit.
  2. electronically, to the address of the unit designated to receive internal reports, i.e., sygnalisci@talent-alpha.com.

5. In order to ensure the efficient consideration of the report by the unit designated to receive internal reports or the Management Board in cases specified in point 2 above, and to effectively undertake follow-up actions, it is recommended that the report includes at least the following:

  1. the name of the organisational unit/department to which the report pertains,
  2. the details of the whistleblower to whom the report pertains, as well as other individuals who are or may be associated with them,
  3. Indication of:
    1. the nature of the legal breach,
    2. the individual(s) responsible for the breach,
    3.the date or approximate period during which the breach occurred,
    4. the date when the information regarding the legal breach was received, 
  4. the whistleblower’s contact details, including either a postal address or email address, to which any correspondence concerning the report should be directed,
  5. any other information pertinent to the report, including any supporting documents.

6. An internal report may also concern a breach of the information security principles applicable within the Entity, protected in accordance with the Information Security Policy, including, in particular, a breach of or a threat to the Entity’s trade secrets. 

7. The Entity accepts anonymous reports exclusively via the email address: sygnalisci@talent-alpha.com. Reports sent through any other means will not be considered. To maintain anonymity, the whistleblower may create a fictitious email address solely for the purpose of submitting the report.

8. NiIn addition to submitting an internal report, the whistleblower may choose to submit an external report. External reports may be directed to the Ombudsman or to a relevant public authority. Further details on this process are provided in Chapter IX.

VI. Procedure for the Consideration of Internal Reports

1. The unit designated to receive internal reports shall acknowledge receipt of the report by the whistleblower within 7 days of its receipt, unless the whistleblower has not provided a contact address to which the report can be forwarded. Along with the acknowledgment of receipt, the designated unit designated to receive internal reports shall provide the whistleblower with the information clause regarding the processing of the whistleblower’s personal data, as outlined in Annex No. 3 to this Policy.

2. The unit designated to receive internal reports shall promptly, but no later than 7 days from the receipt of the report, forward the report to the unit designated to undertake follow-up actions, unless the report concerns individuals associated with the unit designated to undertake follow-up actions.

3. In the case referred to in point 2 above, the unit designated to receive internal reports shall refer the matter to the Chairman of the Management Board. In such a situation, the Chairman of the Management Board shall appoint an ad hoc team to carry out the procedure related to the report, ensuring that the team and the appointed individuals meet all the criteria set forth in the Directive and the Act. This team shall assume the responsibilities of the unit designated to undertake follow-up actions. This provision shall apply accordingly if the internal report concerns anyone from the unit designated to receive internal reports or when the same individual holds the function of both the unit designated to receive internal reports and the unit designated to undertake follow-up actions (i.e., in such cases, the report may be submitted directly to the Chairman of the Management Board).

4. Personal data that are not relevant for the consideration of the report shall not be collected, and in the event of accidental collection, shall be promptly deleted. The deletion of such personal data shall take place within 14 days from the moment it is determined that they are not relevant to the matter at hand.

5. The Entity ensures that the internal reporting procedure and the processing of personal data related to the receipt of reports prevent unauthorized persons from gaining access to the information covered by the report and ensure the protection of the confidentiality of the whistleblower’s identity, the identity of the person to whom the report pertains, and any third party mentioned in the report. Confidentiality protection applies to information that can directly or indirectly identify the identity of such individuals.

VII. Specific Responsibilities and Authority of the Unit designated to undertake follow-up actions within the Internal Reporting Procedure

1.The unit designated to undertake follow-up actions within the internal reporting procedure is: sygnalisci@talent-alpha.com.

2. The responsibility of the unit designated to undertake follow-up actions within the internal reporting procedure is to take all necessary steps to ensure the proper implementation of the obligations imposed on the Entity by applicable laws regarding the protection of whistleblowers. This includes, primarily, the assessment of the veracity of the allegations contained in the report and taking appropriate actions to address the breach described in the report. In particular, the unit designated to undertake follow-up actions will:

a. conduct an internal investigation, during which:

  1. the whistleblower is interviewed,
  2. the whistleblower may be asked to provide additional information if necessary,
  3. all relevant documents necessary for the investigation are reviewed, including emails, text messages, photos, etc.,
  4. employees or other individuals who may have knowledge of the legal breach reported are interviewed,
  5. the individual who is the subject of the report is interviewed,
  6. notes and protocols are prepared documenting the actions taken, especially the interviews conducted.

b. recommend actions aimed at recovering the Entity’s assets,

c. conclude the procedure.

3. The unit designated to undertake follow-up actions shall undertake measures in the order it has established, ensuring that the objectives of the investigation are achieved to the greatest extent possible.

4. The unit designated to undertake follow-up actions shall act in accordance with the following principles:

  1. acting without undue delay,
  2. exercising due diligence,
  3. ensuring confidentiality,
    upholding objectivity,
  4. ensuring impartiality,
  5. maintaining independence,
  6. focusing on a comprehensive clarification of the factual situation.

5. If, during the course of the proceedings, it becomes apparent that any individual within the unit designated to undertake follow-up actions may raise justified doubts regarding their compliance with any of the principles outlined above, that individual shall be excluded from further involvement in the case, either based on their own decision or the decision of the Chairman of the Management Board.

6. Employees are obliged to comply with the instructions of the unit designated to undertake follow-up actions in the course of the internal investigation. If an employee fails to comply with these instructions, the unit designated to undertake follow-up actions shall immediately notify the employee’s direct supervisor, and, where applicable, the Chairman of the Management Board.

7. The unit designated to undertake follow-up actions may require an employee selected by them to provide explanations related to the subject matter of the report, specifying the time and form of the meeting. Attendance at the meeting is mandatory and shall take place upon official instruction. The employee shall be relieved of their work duties for the duration of the necessary actions undertaken within the scope of the proceedings, with the right to retain their remuneration.

8. The unit designated to undertake follow-up actions shall provide individuals subject to follow-up actions with information regarding the processing of personal data in connection with the report. The unit shall exercise due diligence to ensure that, except in cases specified by law, the personal data of the whistleblower and other individuals associated with the report are not disclosed to those individuals. The unit designated to undertake follow-up actions shall provide the following:

  1. to the individual the report pertains to – an information clause, as outlined in Annex No. 4 of the Policy, ensuring that the timing of the provision of this information does not negatively affect the follow-up actions being taken, while complying with the deadlines set forth in Article 14(3) of the GDPR,
  2. to any person other than the whistleblower or the individual the report pertains to – an information clause, as outlined in Annex No. 5 of the Policy.

9. The procedure concludes with the issuance of a report containing a description of the report, factual findings, an assessment of the validity of the report, as well as conclusions and recommendations regarding follow-up actions.

10. The unit designated to undertake follow-up actions shall provide the whistleblower with feedback no later than three months from the date of acknowledging receipt of the internal report or – in cases where no such acknowledgement was provided – within three months from the expiry of seven days following the submission of the report, unless the whistleblower did not provide a contact address to which such feedback should be delivered.

11. All documentation related to the case shall be archived together with the corresponding register. All registers and documents shall be stored and handled in a manner that prevents access by unauthorised individuals, as well as by persons who, although generally authorised, are the subject of the report.

12. Each internal report submitted shall be recorded in the internal reporting register.

13. The unit designated to undertake follow-up action shall maintain the internal reporting register in accordance with the template set out in Annex No. 2 to the Policy

14. The internal reporting register shall contain, at a minimum:

  1. the whistleblower’s contact details,
  2. the report identification number,
  3. the subject matter of the legal breach,
  4. the personal data of the whistleblower and individual to whom the report pertains, necessary for their identification,
  5. the date the report was submitted,
  6. information on the follow-up actions undertaken,
  7. the date of case closure.

15. The internal reporting register shall be maintained in strict confidentiality. Personal data and other information contained therein shall be retained for a period of three years following the end of the calendar year in which the follow-up actions were completed, or upon conclusion of proceedings initiated as a result of those actions — whichever occurs later.

16. Access to the internal reporting register shall be granted exclusively to authorised persons.

VIII. Prohibition of Retaliation

1. Any retaliatory actions, as well as any attempt or threat of such actions, including, in particular, discrimination or any other form of unfair treatment against a Whistleblower acting in good faith who has made a report, are strictly prohibited.

2. A Whistleblower who has made a report and whose personal data has been unlawfully disclosed, or who has experienced any retaliatory actions, should immediately notify the unit designated to receive internal reports. The designated unit shall take appropriate measures to protect the Whistleblower. In cases where the retaliatory actions concern the unit responsible for receiving internal reports, the provisions of Chapter V, point 2 of the Policy shall apply.

3. The Entity shall ensure protection against potential retaliatory actions, as well as against harassment, discrimination, and other forms of exclusion or victimisation by other employees, through measures guaranteeing full confidentiality in both the reporting process and the handling of the report.

IX. External Reports and Public Disclosures

1. A Whistleblower may submit an external report without having first made an internal report.

2. External reports shall be received by the Ombudsman or a public authority.

3. Up-to-date information regarding the procedure for submitting an external report to the Ombudsman or a public authority is available on the websites of the relevant public authorities, including the Ombudsman.

4. A Whistleblower may make a public disclosure.

5. The procedure for internal reports and the conditions under which a public disclosure may be made are governed by the Directive and the Act.

Final Provisions

1. The Policy is made available to the Entity’s employees, collaborators, job candidates, and contractors. The Policy is accessible at all times on the website www.talent-alpha.com.

2. The provisions of this Policy are without prejudice to any rights and obligations arising from the Directive and the Act. 

3. The provisions of this Policy do not exclude the application of separate legal regulations that provide for a specific procedure for reporting legal breach, including the processing of anonymously submitted information on such breaches. 

4. In the event of any inconsistency between the provisions of this Policy and the provisions of the Act or any implementing regulations thereto, the provisions of the Act and such implementing regulations shall prevail. Until the relevant amendments reflecting the new legal provisions are incorporated into the content of this Policy, the new legal provisions shall apply in place of the conflicting provisions of the Policy. 

5. The Entity monitors and regularly reviews the Policy and implements any necessary changes to ensure it is applied in a fair, consistent, and effective manner. 

6. The Policy is stored both in electronic form and in hard copy at the Entity’s registered office. 

7. The content of the Policy is available for review by any interested party at any time. 

8. The Entity informs the employees of Talent Alpha sp. z o.o. of the entry into force of the Policy and of any subsequent amendments. Amendments to this Policy are made following the procedure applicable to its adoption. 

9. This Policy has been agreed upon in accordance with the procedure prescribed by applicable law. 

10. In matters not regulated by this Policy, the relevant provisions of the Directive and the Act shall apply. 

11. This Policy enters into force on: 24th April 2025.