On 8 June 2001, Legislative Decree 231/01 was issued, which adapted the national legislation on the liability of entities, with legal and non-legal personality, to a series of international conventions and European directives: Brussels Convention of 26.7.95 and 26.5.97, OECD Convention of 17.12.1997, International Convention of 9.12.1999, Conventions and Protocols of the United Nations Organization of 15.11.2000, of 31.5.2001 and 31.10.2003, Community Law 2004, DIR. 2005/60/EC, DIR. 2006/70/EC.
Legislative Decree 231/01, entitled “Regulation of the administrative liability of legal persons, companies and associations, including those without legal personality pursuant to Article 11 of Law no. 300 of 29.9.2000”, introduced for the first time in Italy the liability of entities for administrative offences dependent on crimes committed by natural persons in the interest or to the advantage of the entities themselves. Therefore, an autonomous liability of the Entity for crimes that arise within its own sphere has been introduced and which is added (distinguishing itself) to the specific liability of the material author of the offence. Until the introduction of Legislative Decree 231/01, in fact, the Entities, due to the principle according to which criminal liability is personal, did not suffer sanctioning consequences other than any compensation for damage and, on a criminal level, were punishable exclusively pursuant to Art. 196 and 197 of the Criminal Code (articles that still provide for a civil obligation for the payment of fines or fines imposed exclusively in the event of the insolvency of the material perpetrator of the crime).
The articles of Legislative Decree 231/01 identify as active subjects of the crime persons who hold representation, administration or management functions of the Entity or of one of its organizational units endowed with financial and functional autonomy, as well as subjects who exercise, even de facto, the management and control of the same. The articles also identify as active subjects the natural persons subject to the direction or supervision of one of the subjects indicated above.
Legislative Decree 231/01 involves in the sanction of certain criminal offences the assets of entities that have benefited from it or that have had an interest in the commission of the crime itself. For all offences committed, a financial penalty is always applied (in addition to the confiscation of the profit that the Entity has derived from the crime, also in the form for equivalent); for the most serious cases, there are also interdictory measures such as the suspension or revocation of licenses and concessions, the prohibition of contracting with the Public Administration (PA), the prohibition from exercising the activity, the exclusion or revocation of funding and contributions, the prohibition of advertising goods and services.

From 8 June 2001 to date, Legislative Decree 231/01 has undergone amendments and additions in order to adapt to national legislative instruments that have introduced new predicate offences. For this reason, the writing of “Legislative Decree 231/01” is intended as the last state of its subsequent amendments and additions (read, therefore, as Legislative Decree 231/01 and subsequent amendments).
Similarly, it is understood that all the documents mentioned in the Organization, Management and Control Model are at the latest state of revision.

In this document, the following terms shall have the following meanings:

∙  Sensitive activity: activities at risk of committing a crime, i.e. activities in which there is a risk of committing a crime included in those contemplated by Legislative Decree 231/01; these are activities in whose actions could, in principle, constitute conditions, occasions or means, even instrumentally, for the concrete realization of the crime;

∙ CCNL: National Collective Bargaining Agreement for the reference sectors:

A.  CCNL for the metalworking sector: the current National Collective Bargaining Agreement for employees of industrial companies;

B.  CCNL for Industry Executives: the current National Collective Labour Agreement for Managers of Industrial Companies;

∙ Code of Ethics: document that contains the general principles of conduct to be followed by the recipients with reference to the activities defined by this MODEL;

∙  Legislative Decree 231/01: Legislative Decree no. 231 of 8 June 2001, containing the “Regulation of the administrative liability of legal persons, companies and associations, including those without legal personality, pursuant to Art. 11 of Law no. 300 of 29 September 2000”, published in the Official Gazette no. 140 of 19 June 2001 and its subsequent amendments and additions (as amended);

∙  Recipients: shareholders, directors, managers, auditors, employees, suppliers, sub-contractors and all those subjects with whom the Company may come into contact in the performance of business relationships;

∙    Employees: all natural persons who have an employment relationship with the Company;

∙ Disciplinary undues:
A.  of the “slight non-compliance” type when the conduct is characterized by negligence and not by intent and  has not generated a risk of sanctions or damage for the Company;

B.     of the “repeated non-compliance” type when the conduct is repeated and characterized by negligence and has generated risks of sanctions or damages for the Company as well as  is not characterized by intentional misconduct;

C.   of the “serious non-compliance” type when the conduct is serious and characterized by negligence, has generated risks of sanctions or damage for the Company as well as  is not characterized by intentional misconduct;

D.  of the “culpable violation” type when the conduct is characterized by negligence and not by intent as well as has generated potential risks of sanctions or damages for the Company that are more important than non-compliance;

∙    Confindustria Guidelines: Guidelines for the Construction of Organization, Management and Control Models pursuant to Legislative Decree no. 231 of 8 June 2001, approved on 7 March 2002 and updated in March 2014. The Confindustria Guidelines collect a series of indications and measures, essentially drawn from company practice, considered in the abstract suitable to meet the needs outlined by Legislative Decree 231/01, where, however, precise references are not provided except on a methodological level; the Guidelines, therefore, aim to guide companies in the implementation of these models, since it is not possible to propose the construction of decontextualized cases to be applied directly to individual operating realities; without prejudice to the key role of the Guidelines in terms of the abstract suitability of the model, the judgment on the concrete

implementation and effective implementation of the model itself in the daily activity of the company is left to the free assessment of the criminal judge. The latter alone can express an opinion on the conformity and adequacy of the model with respect to the purpose of preventing the crimes pursued by it;

∙    MODEL: Organisation, Management and Control Model adopted by the Company which includes a mapping of the Company’s sensitive activities at risk of committing the predicate offence, a scheme of organisational and management procedures, with the consequent control actions (type, responsibility and periodicity) to protect the risk, a cross-reference between the predicate offences and the documentary structure present in the entity supporting the MODEL itself;

∙       SB: Supervisory Body provided for by Art. 6 co.1 letter b) of Legislative Decree 231/2001, with the task of supervising the operation and compliance with the MODEL, as well as its updating;

∙           PA: the Public Administration, including its officials and persons in charge of public service. Public officials (PU) and persons in charge of public service (IPS) also include directors, managers and officials of private companies that perform a public service;

∙       Personnel: all natural persons who have an employment relationship with the Company, including employees, temporary workers, collaborators, “interns” and freelancers who have received an assignment from the Company itself;

∙     Top Staff: the persons referred to in Article 5, paragraph 1, letter a) of Legislative Decree 231/2001, or persons who hold representation, administration or management functions of the Company or of one of its organisational units with financial and functional autonomy; in particular, the members of the Administrative Body (Sole Director or the Board of Directors including the Chairman, the Chief Executive Officer), the Attorneys, etc.;

∙           Personnel subject to the direction of others: the persons referred to in Article 5, paragraph 1, letter b) of Legislative Decree 231/2001, or all Personnel who work under the direction or supervision of Top Management Personnel

∙       General principles of conduct: the physical and/or logical measures provided for by the Code of Ethics

[EC231] in order to prevent the commission of crimes, divided by type of recipients;

∙      Specific principles of conduct: the physical and/or logical measures provided for in the supporting document of the MODEL [MO231] in order to prevent the commission of the Crimes and divided according to the different types of the aforementioned Crimes;

∙    Procedures: formalized documents to govern a specific business process or a series of activities constituting the process;

∙       Protocols: appropriately formalised documents for risk prevention with the task of defining the conduct of personnel or regulating sensitive activities to avoid the commission of predicate offences; protocols are the main tools for reducing risk to an acceptable level, an objective set by the Company;

∙     Offences: offences to which the discipline provided for by Legislative Decree 231/2001 and subsequent amendments applies;

∙    Disciplinary System: set of sanctioning measures applicable in the event of violation of the supporting document of the MODEL [MO231] and the Code of Ethics [EC231];

Company or Enterprise: SA FIRE PROTECTION S.R.L.

SA FIRE PROTECTION S.R.L. was established in 1992, from the evolution of Sud Antinfortunistica S.n.c. founded in 1980.

In 1999, the company was certified according to the UNI EN ISO 9001 standard. The main activities on which it is developed are:

1.      design of fire-fighting systems, security systems, electrical systems;

2.          construction, installation, testing and maintenance of fire-fighting systems of any kind, land, naval and air;

3.       construction, installation, testing and maintenance of fire-fighting equipment, fire extinguishers, cylinders and tanks containing compressed, liquefied, dissolved gases and their mixtures;

4.          construction, installation, testing and maintenance of civil, industrial, naval and aircraft electrical and electronic systems;

5.      construction, installation, testing and maintenance of fire detection and security systems (burglar alarm, anti-shoplifting, CC-TV, etc.) civil, industrial and naval;

6.        construction and maintenance of electronic systems relating to fire-fighting, industrial, civil, naval and aircraft systems;

7.       courses for fire instruction.

SA Fire Protection also supplies equipment and spare parts for these systems.

SA FIRE PROTECTION S.r.l. during its work activities has obtained various registrations in special registers, and is in possession of A.Q.A.P.120  qualification issued by NAVARM and AER-Q-120 issued by ARMAEREO.

SA FIRE PROTECTION S.r.l. is in possession of SOA certification  for:

–  Category OS3 – Qualification IV

–  Category OS30 – Qualification II.

Currently, SA FIRE PROTECTION S.r.l. has a staff of about 78 employees, on a fixed-term and permanent basis, located between the registered office in Contrada San Biagio – Z.I. San Pier Maria, SNC 98045 San Pier Niceto (ME) and the operational headquarters in Viale Etruria 15, 56021 Cascina (PI); adopts a “traditional”  governance system, which is characterized by the presence:

·         the Shareholders’ Meeting, which is responsible for deciding on the supreme acts of governance of the Company, in accordance with the provisions of the Law and the Articles of Association;

·         the Administrative Body, the Board of Directors, in charge of managing the social enterprise, which has assigned operational powers to delegated bodies and subjects;

·         the Auditor, called upon to supervise pursuant to the Civil Code, who is entrusted with the activity of statutory auditing of the accounts and the opinion on the financial statements, pursuant to the Law and the Articles of Association.

The main governance tools that the Company has adopted can be summarized as follows.

The Articles of Association which, in accordance with the provisions of the law in force, contemplate various provisions relating to corporate governance aimed at ensuring the proper performance of management activities.

 
The Organization Chart and the Function Chart make it possible to understand the corporate structure, the distribution of responsibilities and the identification of the subjects to whom these responsibilities are entrusted, shown below as per the Quality Manual, as well as the list of human resources updated by the L&HR function for any changes that occur.

A system of procedures and protocols (manuals, procedures and instructions) aimed at clearly and effectively regulating the Company’s relevant processes.

* Certificates Specific quality systems related to product certifications

The set of governance tools adopted by SA FIRE PROTECTION S.R.L. (referred to above in a nutshell) and the provisions of this MODEL makes it possible to identify, with respect to all activities, how the decisions of the entity are formed and implemented pursuant to and effects of Legislative Decree 231/01).

The same management method must be respected in the drafting and dissemination of the Disciplinary System.

It is also not only desirable but also necessary to coordinate between the Administrative Body and the Supervisory Body and therefore allow them to intervene in a unified manner to avoid the formation of unmanned risk areas.

The recipients of the Model (hereinafter the “Recipients”) are all those who work to achieve the company’s purpose and objectives.

The recipients of the Model include members of the corporate bodies, persons involved in the functions of the Supervisory Body, company employees, external consultants and commercial and/or financial partners

SA FIRE PROTECTION S.R.L., despite the fact that the adoption of the MODEL is considered and indicated by Legislative Decree 231/01 as an option and not as an obligation, considers this opportunity an effective tool for those who work inside and outside the company. All this to guarantee and ensure compliance with the general and specific principles of conduct that can prevent the risk of committing predicate crimes, as identified in the document “Detection of the risks of committing predicate crimes (Risk Assessment)” in acronym [RA231].

The identification of sensitive activities, i.e. those exposed to the risk of committing crimes, and their management, through an effective system of controls, aims to:

∙      make all those who work in the name and on behalf of SA FIRE PROTECTION S.R.L. fully aware of the risks of incurring an offence punishable by criminal and administrative sanctions, not only against themselves but also against the Company itself;

∙        reiterate that forms of unlawful conduct are strongly condemned by SA FIRE PROTECTION S.R.L. as (even if the Company were apparently in a position to take advantage of them) they are in any case contrary not only to the provisions of the law, but also to the ethical and social principles to which SA FIRE PROTECTION S.R.L. adheres in the performance of its corporate mission;

∙     allow SA FIRE PROTECTION S.R.L., thanks to a monitoring action on sensitive activities at risk of crime, to intervene promptly to prevent or combat the commission of the crimes themselves. Among the purposes of the MODEL there is, therefore, that of making the recipients of the same aware of the respect for the roles, operating methods, procedures and, in other words, of the MODEL adopted and awareness of the social value of this MODEL in order to prevent the commission of Crimes.

SA FIRE PROTECTION S.R.L. believes that the adoption of an Organization, Management and Control Model built in accordance with the provisions of Legislative Decree 231/01, represents a valid and effective tool to raise awareness among the Administrative Body, employees and all those third parties who have relations with SA FIRE PROTECTION S.R.L., since the aforementioned subjects, recipients of the MODEL, are required to carry out their activities through correct and transparent conduct that follows the ethical and social issues that inspire the action of SA FIRE PROTECTION S.R.L., which can thus prevent the risk of committing the predicate crimes.

The administrative body of the Company SA FIRE PROTECTION S.R.L. has proposed and the Shareholders’ Meeting has thus approved this MODEL pursuant to Legislative Decree 231/01.

The Company, in preparing this document, has referred to the Confindustria Guidelines, case law rulings and company history.

The direct documentary structure thus adopted, in support of the requirements expressed by Legislative Decree 231/2001, is suitable for preventing the predicate crimes indicated in the same Legislative Decree.

Direct Document Structure
The direct documentary structure supporting the requirements expressed by Legislative Decree 231/2001 consists of:

Supporting document of the MODEL (general part and special part) [MO PG231 and MO PS231];
Detection of the risks of committing predicate crimes (Risk Assessment) [RA231];

Code of Ethics [EC231];

Disciplinary System [SD231];

Supervisory Body [OV231];

Information flows to and from the Supervisory Body [FI231].

The direct document structure meets the following needs:

∙  identification of the crimes that may be committed and that are a prerequisite for the definition of the Company’s administrative liability;

∙  mapping of activities sensitive to the risk of committing the predicate crime;

∙  definition and updating of supporting company documents;

∙  setting up control actions (type, responsibility and periodicity) to protect against the risk of committing the predicate crime;

∙  planning of information flows to the Supervisory Body;

∙  definition of an adequate disciplinary system for sanctioning non-compliance with company procedures and provisions (protocols);

∙  definition of corporate conduct principles.

Company document structure to support the MODEL
Following an assessment of the risks of committing the predicate offences indicated in Legislative Decree 231/2001, the MODEL is supported by a company document structure consisting of:

∙  Register of documentation supporting Model 231 [MO231-MR.00];

∙  Operational Protocols (PO) and Registration Forms (MR) for the prevention of the risk of committing predicate crimes;

∙  ISO 14001:2015 Environmental Management System;

∙  Quality management system according to ISO 9001:2015;

∙  Management system for social responsibility according to SA 8000:2014;

∙  Occupational health and safety management system according to ISO 45001:2023.

∙    F-GAS certification for installation, maintenance or repair of fixed fire protection systems and fire extinguishers containing certain greenhouse gases pursuant to EC Reg. 304/2008;

∙  Welding quality management system according to UNI EN ISO 3834-2:2021;

∙  Certification of conformity of factory production control for structural steel elements according to EN 1090-1:2009;

∙  SOA Certificate of qualification for the execution of public works pursuant to Presidential Decree 207/2010;

∙  Organization chart, Regulations and Employment Contracts, Deeds and Proxies;

∙  IT system management documents.

The aforementioned documents are periodically updated and made available to all interested parties

The cross reference, between the specific crimes and the documentary structure created to prevent the commission of the crimes themselves, is kept constantly updated within the Risk Assessment document – RA-231 and is a constituent part of this MODEL.

Therefore, the main acronyms used in the aforementioned Cross-reference are defined below.

Following the detection of the risks of committing predicate offences (Risk Assessment), referred to in document [RA231], the status of the analysis of the same is reported with particular reference to sensitive activities and the conduct to be adopted by the Recipients of the MODEL.

The general principles of conduct, to which the Recipients must comply, are set out in the Code of Ethics [EC231] which constitutes a suitable preventive tool for the commission of Crimes.

In addition to the general principles of conduct, directors, employees, consultants and all others who operate in the name and on behalf of the Company must comply with the provisions of the following points which define, among other things, the specific principles of conduct.

The assessment is linked to the identification of the activities sensitive to the risk of committing the predicate offence and the sensitive activity is defined as the set of transactions and acts that may expose the Company to the risk of committing a crime referred to in Legislative Decree 231/01 as amended. Therefore, maximum attention is paid to identifying what is the activity and/or action of the process in which the risk of crime is present.

For the effectiveness of this assessment, it is important to define a threshold that determines when there is a “sufficient condition” for the commission of the crime.

The identification of this threshold cannot be unequivocally determined since it is linked to the context of the Company’s activity.

On the basis of characteristic indicators, defined on a situation-by-situation basis, it will therefore be possible to assess the case in which the risk of committing a crime lacks sufficient prerequisites, i.e. it has insufficient prerequisites (PI).

On the other hand, the case in which the hypothesis of commission of the predicate offence is not applicable to the context of the Company, i.e. there is non-applicability (NA), will be different.

The assessment of sensitive activities must be developed for all the predicate crimes listed below, without exclusion, in order to make the analysis itself truly effective.

On the basis of the provisions of Legislative Decree 231/01 and subsequent additions – the administrative liability of the entity is configured with reference to the following types of crime:

As part of the development of the activities for defining the protocols necessary to prevent the types of crime risk listed above, the main processes, sub-processes or activities within which, in principle, crimes could be committed or the opportunities or means for carrying them out could be identified, on the basis of knowledge of the internal structure and company documentation.

With reference to these processes, the management and control system in place was detected under processes or activities, focusing the analysis on the presence/absence within it of the following control elements:

§  Rules of conduct: existence of rules of conduct suitable for ensuring the exercise of company activities in compliance with laws, regulations and the integrity of company assets;

§  Procedures: existence of internal procedures to oversee the processes in which the types of offences envisaged by Legislative Decree 231/01 could occur or in which the conditions, occasions or means of committing the same offences could occur. The minimum characteristics that have been examined are:

o    Definition and regulation of the methods and timing of carrying out the activities;

o    Traceability of acts, operations and transactions through     adequate documentary support attesting to the characteristics and reasons for the operation and identifying the parties involved in various capacities in the operation (authorisation, execution, registration, verification of the operation);

o    Clear definition of responsibility for activities;

o    Existence of objective criteria for making business choices;

o    Adequate formalization and dissemination of the company procedures in question.

§  Segregation of tasks: a correct distribution of responsibilities and the provision of adequate levels of authorization, in order to avoid functional overlaps or operational allocations that concentrate critical activities on a single subject;

§  Authorization levels: clear and formalized assignment of powers and responsibilities, with express indication of the limits of exercise in line with the tasks assigned and with the positions held within the organizational structure;

§  Control activities: existence and documentation of control and supervision activities carried out on company transactions;

§  Monitoring activities: existence of security mechanisms that guarantee adequate protection/access to company data and assets.

Specifically, the control systems in place for each business area/process highlighted are summarized in the special parts of this Model.

Art. 6, paragraph 2, letter e) and art. 7, paragraph 4, letter b) of Legislative Decree 231/01 establishes, with reference to both persons in top positions and persons subject to the direction of others, the necessary preparation of “a disciplinary system suitable for sanctioning non-compliance with the measures indicated in the Model”.

The effective implementation of the Model and the Code of Conduct cannot be separated from the preparation of an adequate sanctioning system, which plays an essential role in the system of Legislative Decree 231/01, constituting the protection safeguard for internal procedures.

In other words, the provision of an adequate system that is suitable for sanctioning violations of the provisions and organisational procedures referred to in the Model is a qualifying element of the same and an essential condition for its concrete operation, application and compliance by all Recipients.

In this regard, it should be pointed out that the application of sanctions does not depend on the actual commission of a crime and the possible initiation of criminal proceedings: the purpose of the sanctions provided for here is in fact to repress any violation of the provisions of the Model dictated for the purpose of preventing criminal offences, promoting among company personnel and all those who collaborate in any capacity with the Company,  the awareness of the latter’s firm will to pursue any violation of the rules put in place to safeguard the correct performance of the tasks and/or assignments assigned.

Therefore, the disciplinary system applicable in the event of violation of the provisions of the Model is aimed at making the adoption of the same and the action of the SB effective and effective, also by virtue of the provisions of art. 6 of the Decree.

A fundamental requirement of the sanctions is their proportionality with respect to the violation detected, proportionality that must be assessed in accordance with three criteria:

§  Seriousness of the violation;

§  Type of employment relationship established with the provider (subordinate, para-subordinate, managerial, etc.), taking into account the specific regulations existing on the regulatory and contractual level;

Possible recidivism.

For the purposes of compliance with Legislative Decree 231/2001, by way of example, the following are violations of the Model:

§  The implementation of actions or behaviours that do not comply with the requirements of the Model, or the omission of actions or behaviours prescribed by the Model, in the performance of activities in which there is a risk of committing crimes (i.e. in the so-called sensitive trials) or activities related to them;

§  The implementation of actions or behaviours that do not comply with the principles contained in the Code of Ethics, or the omission of actions or behaviours prescribed by the Code of Ethics, in the performance of sensitive processes or activities related to them;

Below are the penalties provided for the different types of Recipients.

To protect employees who report crimes or irregularities in the violation of the Model, the company has adopted an internal control procedure “Reporting suspicions-Wistleblowing” with related forms and instructions that it distributes to all personnel at the time of new recruitment and available on the intranet site.

The Company rigorously assesses the infringements of this Model committed by those who represent the Company’s top management and manifest their image towards employees, shareholders, creditors and the public. The formation and consolidation of a business ethics that is sensitive to the values of fairness and transparency presuppose, first of all, that these values are acquired and respected by those who guide the company’s choices, so as to constitute an example and stimulus for all those who, at any level, work for the Company.

In the event of violation of the Model by the Chief Executive Officer and/or the Board of Directors, the SB will take the appropriate measures including, for example, the convening of the shareholders’ meeting in order to adopt the most appropriate measures provided for by law and/or the revocation of any proxies granted to the director.

In any case, the right of companies to bring liability and compensation actions is without prejudice

Failure to comply with the procedures described in the Model adopted by the Company pursuant to Legislative Decree no. 231/2001 implies the application of disciplinary sanctions identified against the Recipients, which will be applied in compliance with the procedures provided for by art. 7 of Law 300/1970.

If one or more of the violations indicated in the previous paragraph is ascertained, due to its seriousness and possible recurrence, the following disciplinary measures are imposed, on the basis of the specific CCNL of the category applied:

§  Verbal warning;

§  Written warning;

§  Fine not exceeding the amount of three hours of pay;

§  Suspension from work and pay up to a maximum of 3 days;

§  Dismissal without notice.

The imposition of disciplinary sanctions will take place in compliance with the procedural rules referred to in art. 7 of Law 300/1970 and referred to in the current CCNL, according to a principle of proportionality (based on the seriousness of the violation and taking into account the recidivism). In particular, the type and extent of each of the sanctions mentioned above will be applied, in relation to: 

§  The intentionality of the behavior or degree of negligence, imprudence or inexperience with regard also to the foreseeability of the event;

§  The overall conduct of the worker with particular regard to the existence or otherwise of disciplinary precedents of the same, within the limits permitted by law;

§  The worker’s duties;

§  The functional position of the persons involved in the facts constituting the absence;

§  Violation of the Company’s rules, laws and internal regulations;

§  To the other particular circumstances that accompany the disciplinary violation;

In any case, the SB will always be informed of the sanctions imposed and/or violations ascertained

Failure to comply with the rules indicated in the Model adopted by the Company pursuant to Legislative Decree 231/2001 by suppliers, collaborators, external consultants, partners having contractual/commercial relations with the company, may determine, in accordance with the provisions of the specific contractual relationship, the termination of the relevant contract, without prejudice to the right to request compensation for damages occurring as a result of such conduct,  including damages caused by the application by the Judge of the measures provided for by Legislative Decree 231/2001

The section provides operational indications on how to proceed with the report, by any subject, therefore information on the subject, contents, recipients and documents to be used for the transmission of reports as well as the forms of protection recognized to the whistleblower by our legal system.

The adoption of this supplement to the model intends to:

·         clarify the principles underlying this institution and the role of the Corruption Prevention Officer as the recipient of the report;

·         specify the methods for managing reports, through a well-defined procedural process;

·         represent the methods adopted by the Company to protect the confidentiality of the identity of the employee making the report, the content of the report and the identity of any other parties involved in this process regulate any applicable sanctions.

The provisions of the section apply exclusively to reports received from persons who identify themselves (so-called nominative reports) and therefore do not apply to anonymous reports.

The personal data collected in the reporting procedure will be processed in compliance with current legislation (Legislative Decree 196/2003 and subsequent amendments, also in relation to the amendments made by U.U. Regulation 679/2016).

In particular, the legitimate interest of the data controller is provided by the interest in the proper functioning of the structure and the reporting of wrongdoing, while the legal basis is the specific legislation on the reporting of wrongdoing.

As regards the retention of data, the same must be kept until the procedure is completely exhausted, without prejudice to the requirements of justice.

At the time of reporting, therefore, the whistleblower will then be provided with a specific information notice (possibly in summary form with reference to other consultation methods for further information), regarding the processing of data.
The description of the specific principles of conduct is entrusted to the reference protocol PO-12 for the reporting and management of the risk of committing predicate crimes as indicated in the Cross Reference in paragraph § 4.2.

The public document called “Code of Ethics”, abbreviated [CE231], defines the legal obligations and moral values to which the Company, SA FIRE PROTECTION S.R.L.Conforms.

The Code of Ethics identifies the responsibilities of each recipient, from Employees to all those who cooperate in the pursuit of the Company’s goals.

From the general principles of conduct, defined therein, derive rules and procedures

operational operations to be implemented in SA FIRE PROTECTION S.R.L., as well as the inspiring principles for the members of the Administrative Body and for the managers in concretely implementing the Company’s Management activities.

The Code of Ethics document [EC231] initially presents the terms for its correct dissemination followed by the “obligations of the recipients” as well as the references to be followed in the event of “violations of the code”.

In the Code of Ethics, particular emphasis is placed on communicating the mission and values of the

SA FIRE PROTECTION S.R.L.
The Code of Ethics describes the following “general principles of conduct”: legality; loyalty and fairness; product quality; enhancement of human resources; health and safety in the workplace; environment; participation and reciprocity; in the management of the preparation of corporate accounting documents and corporate communications; shrewdness in commercial transactions; prohibition of money laundering transactions; protection of data and IT systems; external communications.

The Code of Ethics also describes the following “specific principles of conduct”: in relations with Employees (for the selection and choice of personnel as well as for transparency in corporate relations and communications); in relations with the Public Administration and the Supervisory and Control Authorities and in the management of legal proceedings; in relations with Suppliers (for the selection and choice of suppliers and in the management of purchases); in relations with Competitors (in respect of industrial and intellectual property); in relations with Customers (for the correctness and completeness of information and for the involvement of Customers); in relations with other interlocutors, including Shareholders, the Auditor, the Auditing Firm, trade associations, trade unions and political parties; in the bestowal or acceptance of gifts or other benefits

The public document called “Disciplinary System”, abbreviated [SD231], formalizes and constitutes what is required by Legislative Decree 231/01 to obtain and guarantee compliance with the defined principles of conduct and the Company’s extraneousness from illegal and unfair practices.

The objective of the Disciplinary System is to discourage the implementation of criminal practices by the Company’s personnel and the other Recipients of the MODEL, punishing conduct that violates the principles of conduct indicated and expressed by the MODEL [MO231] and the Code of Ethics [EC231] as well as conduct that violates company procedures that, while not prefiguring hypotheses of crime pursuant to Legislative Decree 231/2001,  are to be considered relevant for the technical, organizational, legal, economic or reputational effects of the Company.

The aforementioned Disciplinary System integrates, for the aspects relevant to the purposes of Legislative Decree 231/01, and does not

it replaces the more general sanctioning system (National Collective Labour Agreements of reference and Workers’ Statute) concerning the relationship between employer and employee, as governed by public and private labour law.

The document Disciplinary System [SD231] provides for sanctions commensurate with the seriousness of the infringement committed and complies with the provisions contained in the Workers’ Statute and in the current CCNL.

For non-executive employees of SA FIRE PROTECTION S.R.L. the applicable sanctions (in compliance with the CCNL Metalworkers) are:

∙       Verbal warning;

∙       Written warning;

∙       Fine not exceeding three hours of hourly wage calculated on the minimum wage;

∙       Suspension from work and pay for up to a maximum of three days;

∙       Dismissal for shortcomings;

∙       Suspension from service with maintenance of the salary for workers subject to criminal proceedings pursuant to Legislative Decree 231/01.

In particular, the document presents a summary table that relates the sanction

applied with the offence committed for a clearer definition of the specific levels of seriousness in the commission of offences.

For the Executives of SA FIRE PROTECTION S.R.L. the applicable sanctions comply with the CCNL for Industry Executives and the underlying CCNL for Metalworkers Industry.

The recipients of the Disciplinary System include, in particular, those indicated by the Civil Code in Art. 2094 (Subordinate worker) and Art. 2095 (Categories of workers: managers, middle managers, white-collar workers and blue-collar workers), and, where mandatory legal provisions do not preclude them, all “stakeholders”, including the Company’s directors and external collaborators, as well as the Auditor, the Auditing Company and the Supervisory Body pursuant to Legislative Decree 231/01