• What can be reported through COWI Whistleblower?
• How to use COWI Whistleblower
• Protection of users acting in good faith 
• Receipt of report and investigation 
• Information to the employee 
• Information to user of COWI Whistleblower
• Violation of the COWI Whistleblower procedure 
• Deletion of data 
• Data security

• Accounting and auditing matters
The recording and analysis of business and financial transactions that appear unethical or deviate from generally accepted accounting practices (Examples include: misstatement of revenues, misstatement of expenses, misstatement of assets, misapplications of GAAP principles, wrongful transactions). 
• Disclosure of confidential information Unauthorised and unlawful disclosure of corporately owned intellectual property or trade secrets, as well as employee, customer or consumer information, marketing and other corporate data bases, marketing plans, business proposals and strategies.
• Fraud Improper, misleading or deceptive actions taken, falsification of records, or misrepresentation of physical conditions.
• Conflict of interest A conflict of interest is defined as a situation in which a person, such as a public official, an employee, or a professional, has a private or personal interest sufficient to appear to influence the objective exercise of his or her official duties (Examples include: inappropriate vendor relations, bribery, misuse of confidential information, inappropriate customer relations).
• TheftThe act of stealing, specifically the felonious taking and removing of personal property with intent to deprive the rightful owner of it.
• Improper giving or receiving of giftsThe giving, receiving or solicitation of items which could be reasonably interpreted as an effort to influence a business relationship or decision; items given, received or solicited for the benefit of an individual or an individual's family or friends; items given, received or solicited during or in connection with contract negotiations; the acceptance of cash, checks, money orders, vouchers, gift certificates, loans, stocks or stock options.
• Discrimination or harassmentUninvited and unwelcome verbal or physical conduct directed at an employee because of his or her sex, religion, ethnicity, or beliefs.
• Misconduct or inappropriate behaviourIntentional wrongdoing, specifically deliberate violation of a law or standard.
• Scientific misconductFabrication, falsification, plagiarism, or other practices that seriously deviate from those that are commonly accepted within the scientific community for proposing, conducting, or reporting research. Fabrication is making up data or results and recording or reprinting them. Falsification is manipulating research materials, equipment or processes, or changing or omitting data or results, such that the research is not accurately reported in the research record. Plagiarism is the appropriation of another person's ideas, processes, results, or words without giving appropriate credit.
• Policy violations
  Actions committed either knowingly or unintentionally which are in direct violation of company policy, procedures, code of ethics, and/or implied contractual responsibilities (Examples include: non-disclosure agreements, hiring standards, safety, Internet usage, corporate guidelines).
• Environmental Protection, Health or Safety Laws
  Violation of any environmental law, regulation, corporate policy or procedure with respect to the handling and disposal of hazardous materials or the health and safety of other individuals.
• Unsafe working conditionsFailure of meeting requirements needed to perform all duties in a secure environment. Potential areas of harm. (Examples include: environmental damage, OSHA, EPA, supervisor directive, poor housekeeping)
• Unfair bidding practicesEngagement in action amongst bidders designed to influence the bidding process and prevent the client from conducting a fair an open process
• OtherIf you feel that the definitions above do not describe the event, action or situation you are looking to report about, please use this header.

Please note that in France, Germany, Belgium, Sweden, the Netherlands, Portugal and Spain the data privacy laws require a limitation of the categories. If you would like to report an issue that is not available on the website, please talk to your manager, the next line manager or the HR Partner.

• EmployeesThe COWI Whistleblower is primarily set up for COWI's employees if the normal channels of communications are deemed, or experienced, not to be appropriate in the specific case.
• Line managementCOWI encourages employees to use the normal channels of communication, which is the line management, another member of the management or HR. However, if for some reason the user feels uncomfortable doing so, he or she can file a report through the homepage or by telephone.
• AnonymityCOWI encourages users of the COWI Whistleblower to identify themselves, as this will make it easier to look into their concern. However, users can also remain anonymous and their name will not be registered. All users will be provided with a password and can track their reports and responses online via the Internet site, using their personal access code. It is particularly important for anonymous users to log in and check their reports as this will be the only channel available for COWI to ask for additional information.

• Good faithAnyone filing a concern, a complaint or a report of a violation or suspected violation must be acting in good faith and have reasonable grounds for believing that the information disclosed is true and accurate.
• Protection
  COWI will not discharge, demote, suspend, threaten, harass or in any manner discriminate against any employee in the terms and conditions of employment based upon any lawful actions of an employee with respect to good faith reporting of concerns, complaints or reports of violations or suspected violations.
• RetaliationIf any user of the COWI Whistleblower believes that he/she has been retaliated against for reporting or participating in an investigation, he/she should immediately report such perceived retaliation to the Senior Compliance Officer. All such reports will also be investigated confidentially to the extent possible.
• Misuse of COWI WhistleblowerIf the user of the COWI Whistleblower knowingly files misleading or false concerns, complaints or reports, without a reasonable belief as to the truth or accuracy of the claim, he or she will not be protected by this procedure for use of the COWI Whistleblower. Misuse of the COWI Whistleblower will be addressed in the appropriate manner.

• Ethics PointsThe submission will be received by Ethics Point, an EU Safe Harbor compliant service provider. Ethics Point will screen incoming submissions and forward the submissions to COWI's Compliance team, which consists of COWI's Senior Compliance Officer (SCO) Ditlev Von Grumbkow and COWI's Group CSR Manager, Annemarie Meisling.
• Senior Compliance Officer
  The Compliance Team will deal with the submissions and if necessary involve experts and regional representatives to ensure that the necessary skills and local expertise are present to conduct an independent, professional and objective investigation.
  All submissions will be considered carefully and it will be decided: Whether the submission is unfounded and should be deleted from the records, whether it is necessary to gather more information or whether a formal investigation is necessary. 
• PasswordIf anyone outside the Compliance Team needs to access information in the Ethics Points database they will be provided a temporary password and access the data directly. Before accessing the database they will have to sign a confidentiality agreement. All visits to the database will be registered.
• ConfidentialityThe investigation will be conducted in a confidential manner to the maximum extent consistent with a thorough and complete investigation.
• ReportingThe Compliance Team reports to the CEO on matters of doubt.
  A report on all submissions and actions taken for each calendar year will be filed with Ethics Points. A compiling report on investigated and unfounded messages shall be submitted by the Compliance Team to the Executive Board twice a year and to the Board of Directors once a year. 
• Conflict of interest If the submission concerns a member of the Compliance Team or any members of the Executive Board the submission will be referred to and handled by the Chairman of the Board of Directors. Reports about the Chairman will be handled by COWI's external lawyer.

Employees that are subject to a formal investigation will be informed appropriately. The information to the employee will take due consideration to the confidential nature of the information and ensure that it does not compromise the investigation.

Information to user of COWI WhistleblowerAll users of the COWI Whistleblower will be provided with a unique report key and asked to create a password. This allows the user to follow-up on their report and answer additional online questions from the Compliance Team. All correspondence remains confidential.

Appropriate actions proportionate with the violation will be taken. This can have consequences for the employee relation and may be reported to the appropriate authorities.

If authorities investigate a crime, COWI will disclose information according to the law.

• Unfounded complaintsIf the submission turns out to be manifestly unfounded it will be deleted from the database as soon as possible, and no later than six months after being received.
• Filing and deletion after closed investigationIf a submission is investigated it will be deleted from the database as soon as possible, and no later than one year after the case is closed.
• Personal filesIf COWI decides to take disciplinary action against an employee the information will be kept for five years in the personal files of the employee.
  If the case is transferred to the authorities, the information will be kept until the authorities have closed the case.

Ethics Point will store the data and takes all reasonable precautions to protect personal information in its possession from loss, misuse and unauthorised access, disclosure, alteration and destruction.

• Encryption
  All communications between the Ethics Point site and a user's web browser are conducted using 128 bit SSL encryption and VeriSign certificates to protect confidential data. Ethics Point does not allow users to transfer or receive confidential information unless they are using a validated 128 bit encrypted session.
• Safe HaborEthics Point complies with the EU Safe Harbor framework regarding the collection, use, and retention of data from the European Union.