Whistleblowing Policy
Background
At SPAR HOTEL, we strive to maintain an open and transparent workplace where misconduct has no place. For that reason, it is essential that clear information exists on how to report concerns confidentially and securely. Whenever there is suspicion of ongoing or past misconduct, there must be resources in place to uncover it. By making reporting straightforward, we collectively help protect the trust of employees, customers, and the general public.
All cases are initially handled by the law firm Starck & Partner to ensure independent case management. Our internal contact persons may subsequently take over the case from the initial case handlers. See further details and contact information under “6.1 Contact details for case handlers.”
This whistleblowing policy covers the legal entities Spar Hotel Majorna KB and Spar Hotel Gårda KB.
Definitions
GDPR: The General Data Protection Regulation ((EU) 2016⁄679), regulating the processing and free movement of personal data within the European Union.
Whistleblowing Directive: Directive 2019⁄1936 on the protection of persons reporting breaches of Union law.
Whistleblowing Act: The Swedish Act (2021:890) on the protection of persons reporting misconduct.
Visslan: The Whistle Compliance Solutions AB’s whistleblowing service “Visslan”, enabling digital reporting of misconduct.
Misconduct: Acts or omissions occurring in a work-related context that are in the public interest to reveal.
Reporting: Providing information orally or in writing regarding misconduct.
Internal Reporting: Providing information on misconduct within a private-sector organisation.
External Reporting: Providing information on misconduct to the competent authorities.
Disclosure / Public Disclosure: Making information on misconduct available to the public.
Reporting Person: An individual who reports or discloses information on misconduct obtained through their work-related activities.
Retaliation: Any direct or indirect act or omission occurring in a work-related context, prompted by internal or external reporting or disclosure, which causes or could cause unjustified harm to the reporting person.
Follow-up: Any action taken by the recipient of a report to assess the accuracy of the allegations and, where relevant, address the reported breach, including internal investigations, legal actions, recovery efforts, or case closure.
Feedback: Providing reporting persons (“whistleblowers”) with information on planned or taken follow-up measures and the grounds for such measures.
1. Who can report?
You may report and qualify for protection under the Whistleblowing Act if you are an employee, volunteer, intern, active shareholder, or any person otherwise working under our control and direction, or if you are part of our governing, management, or supervisory bodies. Contractors, subcontractors, and suppliers who become aware of misconduct within the company may also report concerns.
Ending or not yet starting your work-related relationship with us does not prevent you from submitting a report.
2. What can I report?
If you suspect possible misconduct, legal violations, or breaches of rules, we encourage you to report them as a whistleblowing matter. At the time of reporting, you must have reasonable grounds to believe that the information you provide is true. The assessment of “reasonable grounds” is based on the circumstances and information available to you at the time of reporting. These requirements must be met in order to receive protection under the Whistleblowing Act.
Before reporting, consult the “5 questions to determine whether you are protected under the Whistleblowing Act.”
2.1 Misconduct of public interest
You may report information on misconduct occurring in a work-related context when it is in the public interest for the information to come to light. Personal complaints without public interest — such as disputes or issues concerning the workplace or work environment — should instead be raised with your immediate manager, the hotel director, or the finance manager. This ensures such matters are handled appropriately.
Examples of serious misconduct that may be reported include:
-
Intentional misstatements in accounting, internal financial controls, or other financial crime
-
Theft, corruption, vandalism, fraud, embezzlement, or data breaches
-
Serious environmental violations or significant workplace safety deficiencies
-
Serious forms of discrimination or harassment
-
Other serious issues affecting individuals’ life or health
-
Other serious misconduct affecting the company’s vital interests
2.2 Misconduct in breach of EU law
You may also report suspected misconduct in breach of EU regulations. If you believe this applies, consult Section 2 of the Whistleblowing Act and Article 2 with Annex Part 1 of the Whistleblowing Directive for applicable legislation.
3. How do I report?
3.1 Written reporting
Written reports must be submitted via our digital whistleblowing service Visslan, available at:
https://sparhotel.visslan-report.se
Select “Report” and provide a detailed description of the suspected misconduct. You may attach additional evidence such as documents, images, or audio files.
3.1.1 Sensitive personal data
Do not include sensitive personal data unless necessary to describe your case. Sensitive data includes information on:
– ethnic origin
– political opinions
– religious or philosophical beliefs
– trade union membership
– health
– sexual life or orientation
– genetic or biometric data used for identification
3.1.2 Anonymity
You may remain anonymous throughout the process without losing legal protection. You may also disclose your identity under strict confidentiality. Note that anonymity may limit our ability to follow up; in such cases, we may later ask you to identify yourself confidentially.
3.1.3 Follow-up & login
After submitting a report, you receive a sixteen-digit code that allows you to log in to Visslan.
You must save this code — without it, you cannot access your case again.
If the code is lost, you may submit a new report referencing the previous one.
Within seven days, you will receive confirmation from the case handler that your report has been received. You may communicate anonymously with the case handler through the platform. Within three months, you will receive follow-up information regarding planned or completed measures.
You must log in regularly using your sixteen-digit code to answer potential follow-up questions. Without your responses, the case may not proceed.
3.2 Oral reporting
You may also report orally by uploading an audio file when submitting a case at:
https://sparhotel.visslan-report.se
Select “Yes” when asked about additional evidence to upload your file. The recording should include the same details you would provide in a written report.
You may also request a physical meeting with the case handler through Visslan.
3.3 External reporting
We recommend internal reporting first. However, if internal reporting is inappropriate or difficult, you may report externally to the relevant authority or, where applicable, EU bodies.
A list of external reporting channels is available at: External reporting channels for whistleblowing
4. What are my rights?
4.1 Right to confidentiality
Throughout case management, your identity will remain confidential, and access will be restricted to authorised personnel only. Your identity will not be disclosed without your consent unless required by law. We will also ensure that you are protected from retaliation.
4.2 Protection against retaliation
You are protected from adverse consequences as a result of reporting misconduct. This protection also extends to persons assisting you, colleagues or relatives at the workplace, and legal entities you own, work for, or are otherwise connected to.
Retaliation is prohibited, including dismissal, changes in duties, disciplinary actions, threats, discrimination, blacklisting, or similar actions.
You are still protected even if you are identified and face retaliation, provided you had reasonable grounds to believe the reported misconduct was true and within the scope of the Whistleblowing Act. Protection does not apply if you commit a criminal offence to obtain or access the reported information.
Protection applies in legal proceedings, including defamation, copyright infringement, breach of confidentiality, data protection violations, disclosure of trade secrets, or claims under private, public, or collective labour law — provided you had reasonable grounds to believe reporting or disclosing the information was necessary.
4.3 Public disclosure
Protection also applies when information is made public. This requires that internal or external reporting has occurred and no appropriate action has been taken within three months (or six months, where justified). Protection also applies in urgent cases involving an apparent danger to the public interest, or where external reporting poses retaliation risks or is unlikely to address the misconduct effectively — for example, risk of evidence being hidden or destroyed.
This protection does not apply to direct disclosure to the media under separate systems protecting freedom of expression. Your rights to source protection and freedom of information remain unaffected where applicable.
4.4 Right to documentation review
If you request a meeting with the case handler, they will ensure — subject to your consent — that full and accurate documentation is preserved, either through an audio recording or written minutes. You will have the opportunity to review, correct, and approve the documentation.
We recommend storing documentation within Visslan by creating a case where information can be maintained securely.
5. GDPR and personal data handling
We always strive to protect you and your personal data. All processing is carried out in accordance with the General Data Protection Regulation (GDPR).
All personal data irrelevant to the case will be deleted. A case will be stored only as long as necessary and proportionate, and no longer than two years after its closure.
6. Additional contact
If you have further questions about how we handle whistleblowing cases, you are welcome to contact the case handlers.
For technical issues with Visslan, please submit a case at:
https://sparhotel.visslan-report.se
If this is not possible, contact The Whistle Compliance Solutions AB. Contact details are below.
6.1 Contact details for case handlers
Marita Bark
08 – 40 90 46 48
marita.bark@starckpartner.se
Jesper Wigzell
08 – 40 90 46 52
jesper.wigzell@starckpartner.se
6.2 Contact details for Spar Hotel
Terese Wibeck – Hotel Director
0734 – 228499
terese.wibeck@sparhotel.se
Veronica Erdogan – Finance Manager
070 – 142 78 74
veronica.erdogan@sparhotel.se
The internal contact persons listed above may take over the case from the case handlers, regardless of whether the matter qualifies as whistleblowing or, for example, an HR issue.
6.3 Contact details for The Whistle Compliance Solutions AB
Email: clientsupport@visslan.com
Phone: +46 10 – 750 08 10
