Report Management Policy





Scope of application


Date of validity





Board of Directors



Power Level



“ELVIDA FOODS SA” has taken the necessary measures to ensure good corporate

governance and compliance with all the regulatory obligations governing its operation. To this end,

the Company has drawn up and adopted the Reporting Policy (hereinafter the “Policy”), which

provides general guidelines and instructions regarding the management of, inter alia, reports of

violations of European Union law.

Within the framework of the aforementioned Policy, the Company is drawing up this Report

Management Policy, which specifies the general obligations referred to in the Report Policy and

describes in detail the manner and timing of the actions necessary to implement the commitments

arising from the Policy.

It sets out in detail the steps for the submission, management and internal investigation of

reports, from their receipt to their archiving, and sets out the principles regarding the retention and

deletion of records. This is adapted to the principles and provisions of Law 4990/2022 “Protection

of persons reporting violations of Union law – Implementation of Directive (EU) 2019/1937 of the

European Parliament and of the Council of 23 October 2019 (L 305) and other urgent provisions”.

  1.  PURPOSE:

The purpose of this Policy is to ensure that the Company has appropriate procedures in place to

receive, record and process confidential, anonymous or anonymous reports from those entitled to

make them for the purpose of reporting incidents that have taken place in the Company and are related


  • violations of EU law in the areas of public procurement, financial services, products and markets,

as well as the prevention of money laundering and the financing of terrorism, product safety and

compliance, transport safety, environmental protection, radiation protection and nuclear safety, food

and feed safety, as well as animal health and welfare, public health, protection of the environment,

public health and the environment, and the protection of the environment, food and feed safety, as

well as animal health and welfare, public health and the protection of the environment and the


  • violations affecting the Union’s economic interests referred to in Article 325 of the Treaty on the

Functioning of the European Union (TFEU) and more specifically set out in the relevant Union


  • violations relating to the internal market, as referred to in par. 2 of Article 26 of the TFEU,

including violation of Union rules on competition and State aid, as well as violations relating to the

internal market concerning acts that violate the rules on corporate taxation or arrangements the

purpose of which is to secure a tax advantage that frustrates the object or purpose of the applicable

corporate tax legislation.


For the purposes of this Procedure and in compliance with the Policy, the following

definitions apply:

Report: the oral or written provision of information, whether verbal or written, regarding

violations herein.

  1. a) “Internal Report”: the oral or written provision of information regarding violations to the

Company’s Reporting Receiving and Monitoring Officer (RRO).

  1. b) “External report”: the oral or written or via an electronic platform provision of information

on violations to the National Transparency Authority (NTA).

Inadmissible Report (or inadmissible Report): a Report that refers to a violation that does

not fall within the objective scope of this document, or a Report that is not clear, defined, complete,

timely or is manifestly malicious, frivolous/excessive and repetitive.

Reporting Party: a person who reports or discloses information about violations obtained in

the course of his or her employment.

Retaliation: Any direct or indirect act or omission that occurs in an employment context as

a result of an internal Report that causes or is likely to cause undue harm to the Reporting Party.

Outside Contractors: Third parties contractually associated with the Company and their

personnel, namely consultants, subcontractors, contractors, suppliers, mall retailers, all types of

associates, shareholders, etc.

Committee for the Management and Evaluation of Petitions (hereinafter referred to as the

‘CMA/EDAA’): The three-member committee charged with the management and investigation of


Employee: the person who contracts with the Company under any contract or employment

relationship as well as the person who is a seasonal employee or the person employed as a trainee.

Reporting channels: The channels through which reports are submitted and include the

means used to submit reports and the persons to whom the reporting parties can be directed.

Malicious Reporting: A Report that is made with the Petitioner’s knowledge that it is not


Good Faith: A condition that creates a reasonable belief in the Petitioner that he or she has a

reasonable belief that the information provided is true.

Receiving and Monitoring Reporting Officer/YPPA: the Receiving and Monitoring

Reporting Officer with respect to violations within the scope of this Agreement.


The Petitioner may submit his/her report in person, by telephone or by email to the following


  1.  In person, by telephone or by email to the immediate supervisor or director of the

department to which he/she belongs; or

  1. if he/she has concerns (for example, if he/she fears retaliation or suspects the involvement

of a superior), he/she may report in person, by telephone or by email to YPPA (

iii. to all members of EDAA by email at (,

The supervisor or department head to whom a report has been received from an Employee

should promptly notify the YPPA in writing or verbally.



Reporting in person or by telephone

In case the report has been submitted by telephone and cannot be recorded or in person

through a personal appointment, then full minutes are kept by the Head or Director of the Department

or by YPPA in order to document the communication, while providing the reporting party with the

opportunity to verify, correct, modify and agree with the minutes of the conversation. At this point it

is emphasized that for the minutes to be valid they must be signed, in case the petitioner refuses to

sign them, the author shall make a reference to them on the minutes.

Reporting by email

The head or director of the department to which the Petitioner belongs (if he/she is an

employee), or when he/she receives a report by email, shall promptly (without undue delay) inform

YPPA and EDAA by forwarding the email of the Petitioner to the email address

or .

  1. REPORT:

Regardless of the communication channel chosen by the Petitioner, reports should include,

either at the initial submission or at the supplementary information stage, at least the following

information in order to be considered admissible:

– Name of the person (or persons) who may have been involved in misconduct

– Date/time period when the incident took place

– Place where the incident took place

– The nature of the misconduct and as detailed a description of it as possible

The report of misconduct should be made in good faith and without delay, as soon as it

becomes apparent. It is clarified that “without delay” means:

o within a period of twelve (12) months from the time that matters of a financial nature or

financial impact (e.g. contracts, tendering procedures, negotiations, etc.) become known

o within a period of six (6) months from the time when matters of a non-financial or financial

nature (e.g. conduct, discrimination, harassment, etc.) come to light

In any case, the report should be clear, defined and contain as much information and detail

as possible to facilitate its investigation. In addition, Petitioners are requested to include in the text of

the report only facts and information that are directly relevant to the alleged infringement and strictly

necessary for the investigation of the report under consideration.



The Report Receiving and Monitoring Officer (YPPA) is responsible for receiving all reports

and then informing the Report Management and Evaluation Committee (EDAA).


α) The petitioner is informed that his/her report has been received (provided that the contact

details of the petitioner are available).

(b) YPPA shall forward the report for investigation under a pseudonym, ensuring

confidentiality and protection of personal data, and informing in advance the register of reports it


– The Petitions Management and Evaluation Committee/EDAA

The Management and Evaluation Committee shall be composed of 3 members and 3


Regular members:


Sofia Politsou


George Karamanolis


Christina Papachristou

Alternate members:


Yianna Karamitsa


Petros Lykas


Asimenia Karagianni

In case the report concerns one or more members of EDAA, YPPA limits itself to registering it in the

relevant reports file and forwarding it to the National Transparency Authority as an external reporting

channel, informing the reporter.

-To the relevant bodies, as applicable:

Indicatively, such bodies include the Prosecutor for Economic Crime and the Prosecuting

Authorities in general, the National Transparency Authority, the Competition Commission, the Bank

of Greece, the Authority for the Protection of Personal Data, the Single Public Procurement Authority,

the Hellenic Atomic Energy Commission, the Single Food Control Authority, the Consumer

Advocate, the National Cyber Security Authority, the Authority for Combating Money Laundering

and Terrorist Financing and for the Control of Asset Declarations, the Independent Public Revenue

Authority and the General Directorate for the Supervision of Financial Crime.

  1. c) YPPA shall file the petition by a decision notified to the petitioner, if this is feasible, when

the petition is manifestly and obviously irrelevant, vague, incomprehensible or repeated in an abusive

manner, such as in the case of resubmission of the same content without the provision of new

information, when the content of the petition does not fall within the scope of this Regulation. If the

abovementioned report nevertheless contains information on infringements for which another body

of the institution and/or another public body is responsible, YPPA shall forward it to the competent

body. In this case, the obligation to follow up the report no longer exists.

  1. d) In all other cases of reports, EDAA is responsible for carrying out thorough checks to be

able to assess the accuracy of the allegations contained in the report and to record the results of these


EDAA processes and investigates the reports received from YPPA.

In case of disagreement between the members of EDAA, the decision of the majority shall


– The scope and depth of the investigation of the case shall be assessed taking into account:

  • the credibility of the petitioner’s claims
  • the likelihood of the Company’s exposure to financial and legal risks
  • the likelihood of damage to the Company’s reputation because of the subject matter of the


  • the potential benefits associated with the conduct of the investigation (e.g. recovery of lost assets)
  • the cost of conducting the investigation in relation to the potential benefits
  • the disruption or hindrance to business operations that the investigation may cause
  • the possibility of legal action before judicial authorities by or against the Company.

The Head of EDAA, together with YPPA, shall undertake the planning of the investigation in which

at least the following shall be determined:

– The persons conducting the investigation and the division of investigation tasks between them.

– The scope of the investigation, specifically the company, department, process, person or persons

involved, their position and role in the Company, the time period in which the incident occurred.

– The investigative actions. 

– The persons with whom meetings and interviews should be held to ascertain the validity of the

petitioner’s allegations.

– The timing of the investigation and the resources required.

– The feasibility of obtaining additional professional support from other Company executives as well

as from external partners.

– At the start of the investigation, the Head of EDAA identifies through preliminary interviews

which employees have data related to the investigation, where and how it is stored, how it

may be collected and retained, and which other employees may have relevant data (data

collection interviews). Immediately instruct individuals who may have in their possession

paper documents, electronic data and other physical material not to delete or destroy data that

may be relevant to an investigation. Subsequently, notifies the Technology Director to

develop a plan to identify, collect and maintain electronic information in a manner that

preserves all relevant data, including metadata, and to the extent possible, does not disrupt the

operation of the business.

– The members of EDAA shall carry out the investigative actions. The main investigative

actions shall include, but not be limited to, identifying, collecting and analysing physical and

electronic documents, electronic data, data and other evidence as to their content and

relevance to the reported incident, cross-checking financial or other data, interviewing and

deposing witnesses and other involved parties, forensic audit, autopsy and on-site inspection,

conducting an expert examination.

– The investigation should be initiated and completed as soon as possible and in any case no

later than three (3) months after the submission of the report. If additional time is required, an

extension may be granted upon documentation.

Based on the results obtained from the investigation and the specificity of each case examined, EDAA

is in a position to conclude that:

– There is not sufficient evidence of the commission of the violations provided for herein so that no

further investigation is required. In this case, the petitioner will be informed that the report will be

placed on file.

– The report relates to conduct that falls within the scope of this Company’s policy, appropriate

remedial measures are proposed such as, additional training and information for employees, creation 

of new internal controls, modifications to existing procedures, legal action (prosecution, action to

recover funds).

All relevant decisions of EDAA are recorded in the minutes of its meetings.

  1. e) At the end of the investigation, EDAA is obliged to:
  • To draw up the conclusion of the decision taken following an investigation and send it to the

Administration or other competent supervisory authority, when required by law. The

Investigation Conclusion, should include: general information and scope of the investigation,

summary of the investigation methodology, data collection strategy, list of relevant

documents, list of interviews, findings of the investigation, applicable law and legal

conclusions, recommendations for corrective actions, recommendations for legal treatment of

involved officials (initiation of disciplinary, criminal and/or civil proceedings),

recommendations for disclosure of the conclusion to state bodies, independent authorities or

third parties.

  • Inform YPPA of the actions taken so that the latter can inform the petitioner of the outcome

of the assessment of his/her report. If the Company’s management decides to take further legal

action, such action shall be assigned to a legal partner of the Company. In this case, EDAA

shall monitor the progress of the case and inform the petitioner accordingly. In any case, the

decision on the timing of informing the parties involved shall be taken by EDAA within three

months of receipt of the petition.

  1. f) If the report turns out to be unfounded, the Reporting Party will not be informed that there

was a report against him/her, for reasons of protection of the working environment within the

Company. If the report is found to be malicious and the Reported requests to know the identity

of the Reporting Party, the Head of the EDAA or YPPA shall inform the Reported

accordingly. The Reported may then exercise his/her legal rights.

(g) Regardless of the outcome of the investigation of the report, the relevant information

shall be entered in the Central Register of Reports (hereinafter referred to as the “Register”), which

shall be maintained in electronic and written form, under the responsibility of EDAA.

The information, which shall be recorded in the Register after receipt of each report, shall

include at least the following:

  • The name and contact details of the person making a named report.
  • Date of receipt
  • Channel and method of submission of the report.
  • Nature and detailed description of the report and persons likely to be involved
  • Whether notification of the submission of the report to supervisory authorities has been

or should be made.

  • The stage at which the report is at (open, under investigation, closed)
  • The departments and internal/external partners involved in the investigation and

resolution of the case

  • The final outcome and the investigation report (if an investigation has been carried out

under the relevant procedure).

The data shall be deleted within a reasonable period of time after the completion of the

investigation initiated on the basis of the report, namely as follows:

-If the report is deemed inadmissible, the personal data shall be deleted from the report within

three (3) months from the date the report is placed on file.

-If the investigation of the report has not yielded sufficient evidence, the personal data shall

be deleted from the report within two (2) years from the date of its filing.

-If the report is admissible and disciplinary measures are taken, the personal data shall be

deleted five (5) years after the measures have been taken.

-If there is suspicion of committing felonies, the data are deleted after twenty (20) years.

– If the Company takes legal action against the reporting party based on the outcome of the

investigation or if it becomes legally involved in any way in relation to the incident contained in the

report, the data retention period is extended until the conclusion of the legal proceedings and until all

relevant deadlines relating to claims before the courts have expired. 

The erasure of personal data shall entail the deletion of all data necessary to prevent the direct or

indirect identification of individuals. Anonymised metadata may be retained for an unlimited period

of time for statistical analysis and process improvement

This site is registered on as a development site.