Scope of the whistleblowing system
The EDF group* has put in place an ethics, compliance and duty of care whistleblowing procedure allowing certain breaches to be reported. This procedure is independent of the other reporting channels existing in the company (employee representatives, etc.), the choice of which is down to the whistleblower. The contact point for the EDF Group's whistleblowing procedure, appointed by the Executive Committee, is the Group Ethics & Compliance Division (GECD). The whistleblowing procedure meets the legal requirements set out in the Sapin II Law of 9 December 2016 on transparency, the fight against corruption and the modernisation of economic life (amended by the Waserman Law of 21 March 2022) and its implementing decree, the European General Data Protection Regulation (GDPR) as well as the “Devoir de Vigilance” law of 27 March 2017 on the duty of care of parent companies and contracting companies.
For any alerts outside the scope of the whistleblowing procedure, other dedicated channels (mediation, sales agency, supplier portal, human resources management of your entity, etc.) should be used.
The whistleblowing procedure is open to alerts issued by:
- a natural person acting in good faith;
- a legal person acting in good faith and whose interests are or may be affected by the facts that are the subject of the alert.
These alerts concern:
- a crime or an offence;
- a violation or attempted concealment of a breach of the law or regulation in connection with the scope of responsibility of the EDF Group*;
- a violation or attempted concealment of a violation of an international commitment ratified or approved by France, a unilateral act of an international organisation taken on the basis of such a commitment, European Union law or the Group's Ethics and Compliance Code of Conduct, in connection with the scope of responsibility of the EDF Group*;
- a threat or damage to the general interest in connection with the EDF Group's* scope of responsibility;
- a serious risk or harm to human rights and fundamental freedoms, the health and safety of people or the environment, in connection with the EDF Group's* scope of responsibility and its business relations.
To facilitate understanding, EDF has defined several themes that address these characteristics in particular: corruption, conflicts of interest, fraud, financial offences, violations of competition law, international sanctions and controls on international trade, harassment and discrimination, rights and protection of people, serious environmental damage and protection of personal data.
Regulated infrastructure management subsidiaries have their own systems.
* excluding regulated energy transmission or distribution infrastructure management subsidiaries (in particular ENEDIS and RTE)
How do I whistleblow?
Whistleblowers have the choice to send their alerts:
- either to the GECD: verbally or in writing or via the outsourced reporting platform;
- or to the ECO or line management, human resources and any other functions authorised in the local implementation note, only in writing.
Alerts can be entered in the group whistleblowing platform using a form available on a dedicated external platform accessible from the EDF website (https://www.edf.fr/) and completely disconnected from EDF's information systems.
The protection of whistleblowers is a fundamental concern for EDF, which has selected the secure platform BKMS® System to create and store all exchanges and information relating to alerts. This platform ensures that data is encrypted and stored in a confidential way on an external server disconnected from the EDF Group's information systems.
The Group whistleblowing platform is accessible in France and around the world. The forms are available in the eight languages used in the Group (French, English, Chinese, Italian, Spanish, German, Dutch, and Portuguese). In addition, the text of the alert can be written in any language, since the platform has a translation system.
To learn more about security, encryption and data retention conditions, watch the video below.
Protection of personal data guaranteed by BKMS® System
To make an alert in the whistleblowing system or ask for advice on its use
A user tutorial tells you how to enter an alert or a request in the system.
-
Download the tutorial PDF - 1.26 MB
At the same time, the EDF Group provides you with a Whistleblower Support Guide presenting the framework applicable to the collection and investigation of alerts as well as a reminder of the protection scheme associated with the status of a whistleblower.
-
Download the Whistleblower Support Guide PDF - 532.18 KB
Respect for confidentiality and protection of the whistleblower
The Group's whistleblowing system guarantees the strict confidentiality of the reported facts, as well as the personal data of the whistleblower and of the person(s) involved or mentioned in the alert. This information is therefore only accessible to managers and experts (HR, LD, IS, etc.) responsible for handling the alert under the confidentiality conditions required by the legislation in force.
This confidentiality applies without prejudice to the possibility for EDF to implement disciplinary and/or litigation proceedings relating to the reported facts, as soon as the investigations carried out as part of the handling of the alert enable them to be established. Testimonials of witnesses and/or victims are used in the context of these proceedings in accordance with the requirements of the legislation in force. The rules applicable to confidentiality are detailed in the Whistleblower Support Guide.
The Group's whistleblowing procedure guarantees protection against any retaliation or discriminatory measures, to any whistleblower who meets the conditions defined above and stated in the support guide mentioned above.
The information collected in the Group ethics, compliance and duty of care whistleblowing procedure is handled for the purpose of collecting and handling alerts in the areas mentioned. In accordance with the Data Protection Act of 6 January 1978 and the European Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 “on the protection of individuals with regard to the processing of personal data and on the free movement of such data” (EU-GDPR).
You can exercise your rights of information, access, rectification, erasure and opposition to the processing of your personal data in several ways with the following bodies or people:
Group Ethics & Compliance Division | The Data Protection Officer (DPO) appointed by EDF SA | The Data Protection Officer (DPO) appointed by the subsidiary |
By logging in to the BKMS platform and clicking the "Submit an alert or ask for advice/exercise your rights" button | By e-mail to the following address: informatique-et-libertes@edf.fr | |
By registered mail to the following address: EDF SA – Direction Ethique & Conformité Groupe Strictement Confidentiel Tour EDF 20, place de La Défense 92050 Paris la Défense |
By post to the following address: Délégué à la Protection des Données (DPO) EDF - Direction des Systèmes d'Information Groupe Mission Informatique et Libertés Tour PB6- 20 Place de La Défense 92050 PARIS LA DÉFENSE CEDEX |
A complaint to a supervisory authority (CNIL - French data protection watchdog) may be lodged.
A person called into question by an alert cannot, under any circumstances, obtain information about the identity of the whistleblower on the basis of their rights concerning their personal data.