Whistleblowing Policy

Micronfilter Srl is committed to maintaining the highest standards of conduct, integrity, and ethical behavior, as summarized in the Code of Ethics and other policies of Micronfilter Srl. This guideline on reporting (the "Whistleblowing Policy") aims – in compliance with the requirements of Legislative Decree No. 24 of 10/3/2023 – to promote and strengthen these standards and to establish the rules to be applied within Micronfilter Srl in the event of reporting Violations ("Reports") which, for example, could refer to:

a) violations of national regulations with reference to the predicate offenses referred to in Decree 231/2001;

b) violations of the Organizational and Management Models provided for in Decree 231/2001;

c) offenses committed in violation of EU legislation and all national provisions implementing it, including, in particular, offenses relating to the following sectors: public contracts, products services and financial markets, prevention of money laundering and terrorist financing; product safety and compliance; transport safety; environmental protection; radiation protection and nuclear safety; food and feed safety and animal health and welfare; public health; consumer protection; protection of privacy and personal data and security of networks and information systems. Acts or omissions regarding the internal market, which compromise the free movement of goods, people, services and capital, including violations of EU rules on competition and State aid, corporate tax and mechanisms whose purpose is to obtain a tax advantage that nullifies the object or purpose of the applicable legislation on corporate tax. Acts or behaviors that nullify the object or purpose of the provisions of the European Union in the sectors indicated in the previous points.

This Policy applies to all Reports.

All terms beginning with a capital letter, unless defined in the body of this Policy, will have the meaning assigned to them in Appendix 1 (Definitions).

Micronfilter Srl encourages Whistleblowers to submit Reports made in good faith based on facts they become aware of.

To support investigations and facilitate an adequate response, Reports should include:

a) a precise description of the facts (including dates and place);

b) the people involved in the Violation as well as those who can provide information;

c) supporting documentation.

It is strongly recommended to submit Reports through the dedicated channel micronfilter.sic-wb.it, which allows the following reporting options:

a) Anonymous: the Whistleblower remains completely anonymous;

b) Confidential: the Whistleblower remains anonymous within Micronfilter Srl, but provides the details to the service provider micronfilter.sic-wb.it;

c) Open: the Whistleblower provides all the details and allows the service provider micronfilter.sic-wb.it to disclose them.

Micronfilter Srl encourages open or confidential Reports submitted through the dedicated channel micronfilter.sic- wb.it, as:

(i) these facilitate the relative case management and subsequent communications with Whistleblowers and

(ii) according to this Policy, Whistleblowers are fully protected.

However, as provided in this Policy, Micronfilter Srl will also consider Reports submitted through other channels, other than the dedicated channel micronfilter.sic-wb.it, and regardless of whether they are:

a) Anonymous: when the identity of the Whistleblower is neither indicated nor otherwise uniquely identifiable;

b) Confidential: when the Whistleblower is known or recognizable, but the Report is not made publicly;

c) Open: when the Report is made through public or publicly accessible tools.

Alternative reporting channels to the micronfilter.sic-wb.it IT channel are:
– the analog written channel
– the oral channel

The methods of use of which are illustrated in Annex 2

The management of reports is entrusted to an internal committee composed as follows:
– the Chief Executive Officer of Micronfilter (CEO),
– the Chief Financial Officer of Micronfilter (CFO),
– the Director of Legal and Corporate Affairs of Micronfilter (General Counsel & BD Officer),
– Senior Director of Internal Audit at Micronfilter (Director) and
– Head of Human Resources at Micronfilter (Head HR).
Members of the Whistleblowing Committee will simultaneously receive reports sent through the dedicated channel micronfilter.sic-wb.it, or through other permitted reporting channels.
All Reports received by anyone through channels other than the dedicated channel micronfilter.sic-wb.it must be promptly forwarded to the members of the Whistleblowing Committee, including any Reports sent to the e-mail address of the Supervisory Body in accordance with the provisions of Model 231.
Annex 2 contains information on how to contact and use the dedicated channel micronfilter.sic-wb.it and the other reporting channels available.

Upon receipt of a Report, the Director shall prepare a summary of the complaint ("Report"), which shall be sent to the Whistleblowing Committee and the Chairman.
If the Report relates to local organizations, the Report shall also be forwarded to the local organizations in accordance with Article 10 below (Local Investigator, Local Legal Counsel, Local HR Manager).
The submission of this Report represents the formal opening of the case.
If the Whistleblowing Committee determines that a Report also relates to Model 231, the Report will be forwarded to the Supervisory Body, which, in this case:
a) may conduct a parallel investigation for the purposes of Model 231; and
b) will be kept informed by the Director of the activities carried out under this Policy.
The Whistleblowing Committee will in any case ensure the following activities:
– notify the Whistleblower of receipt of the report within 7 days of the date of receipt, unless the whistleblower expressly requests otherwise;
– respond to the Whistleblower within 3 months or, if there are justified and reasonable grounds, 6 months from the date of notification of receipt of the external report;
– communicate the final outcome of the report to the Whistleblower.

Based on the Report and any other additional element provided by the Director, the Whistleblowing Committee (hereinafter also referred to as the “Investigator”) carries out a preliminary verification involving any other functions, employees, external consultants and anyone else necessary.

After this initial verification, the Investigator can decide:

(i) to close cases not sufficiently supported by evidence, manifestly unfounded or relating to conduct or facts not relevant in relation to this Policy; or

(ii) open the investigation phase referred to in section 3.2 below.

The Investigator also assesses who else needs to be informed and any requirements for managing information in terms of internal/external disclosure of details.

For the purposes of this Policy, the Director acts as secretary of the Investigator and is responsible for the completeness, integrity and archiving of the case file.

The investigations are carried out on behalf of the Investigator by the Director in accordance with the directives set out in Annex 3 (Investigation Guidelines). All employees are required to cooperate by providing all the information and documents requested.

Throughout the investigation phase, the Director keeps the Investigator informed as necessary.

When the investigation phase is finished, the Director informs the Investigator, who provides the final assessment on the case or asks the Director to carry out further investigations.

The Supervisory Body is informed as necessary.

Based on the final assessment by the Investigator, the Director creates a final report containing the results of the investigations, the final decision and the Action Plan with the corrective measures deemed necessary to resolve any critical issues encountered.

The Supervisory Body will be informed of cases relevant for the purposes of Model 231 and may supplement the Action Plan with the corrective measures deemed necessary.

Legal Privilege is the right that protects all communications between a professional legal advisor and their client from disclosure without the client's permission.

It may be invoked or it may be necessary to guarantee it in certain investigations. If a Report concerns one or more events subject to Legal Privilege or this is invoked in any way, the Director must act in close coordination with the General Counsel & BD Officer of Micronfilter Srl to avoid an unintentional violation of the privilege and to establish appropriate precautions in the management of the case.

This Policy ensures that the management of the Report is entrusted exclusively to individuals who are not in conflict of interest situations. Therefore:

1. a) if the Report refers to one or more members of the Whistleblowing Committee, the members of that Committee in conflict situations will not take part in the management of the case and those who are not will identify other individuals to restore the integrity of the Committee;
2. b) if the Report refers to the Director, the Director of Legal and Corporate Affairs of the Group (General Counsel & BD Officer) will act in place of the Director based on this Policy;
3. c) if the Report refers to the General Counsel & BD Officer of Micronfilter Srl, the Whistleblowing Committee must ensure adequate legal support for the management of the case;
4. d) if the Report or the conflict of interest situation concerns all members of the Whistleblowing Committee, the Report must be addressed to the Chairman, who will then decide how to handle the case.

The previous points from (a) to (d) will also apply if a conflict of interest arises at a later stage, with the replacement of the people involved in the respective roles.

All conflict of interest situations must be declared without hesitation and reported in the case file.

Micronfilter Srl guarantees the protection of Whistleblowers, both in terms of confidentiality and the absolute prohibition of any type of retaliation against them. To this end, Micronfilter Srl ensures the confidentiality of the content of the Reports and the identity of the Whistleblowers throughout the case management process by all the people involved for any reason, within the limits in which the applicable laws protect anonymity and confidentiality.

Micronfilter Srl guarantees the Reported Party the right to be informed (within a reasonable period of time) about the accusations and any disciplinary measures against them, as well as the right to defense.

As soon as objective elements emerge suggesting that the Report is unfounded or has been presented in bad faith or with gross negligence, the Investigator must ensure that the application of any disciplinary sanctions against the Whistleblower is assessed.

The protection of the confidentiality of both the Whistleblower and the Reported Party is intended to protect him/her from harassment, retaliation or discrimination. To this end, the following measures are envisaged:

1. a) if available, personal data may be disclosed to the Whistleblowing Committee, the Supervisory Body and the Director. Further disclosure is permitted only if it is necessary, as decided by the Investigator with written justification;
2. b) use of the dedicated channel micronfilter.sic-wb.it as the preferred method for submitting Reports;
3. c) the use of paper documents is discouraged;
4. d) in all phases of case management, personal data must be kept strictly confidential (for example, by replacing names with numerical codes); and
5. e) anyone who is aware of cases of non-compliance with confidentiality must report it to the Investigator.

Failure to comply with confidentiality obligations may result in disciplinary action, without prejudice to any further liability provided for by law.

Anonymity is also protected: Micronfilter Srl will never try to reveal anonymity.

The Head of Human Resources (Head HR) and the General Counsel & BD Officer of Micronfilter Srl guarantee the availability, communication and training relating to this Policy.

This Policy will be published on the website on the Intranet of Micronfilter Srl.

The processing of personal data in the context of reports will take place in accordance with Regulation (EU) 2016/679 on the protection of personal data of natural persons (GDPR), as well as any other laws and/or regulations applicable within the limits of compatibility with the GDPR itself and the specific information available on the Digital Platform or on the company website at www.micronfiler.eu, which is intended to be fully incorporated in this document.

As part of the management of the Reports, personal data of the Reporting Person will be processed, where the Report is nominative, as well as personal data of the reported subject, such as name, surname, position held, etc. as well as personal data of any third parties, as well as any further information collected in the context of the investigations that is necessary and adequate to ascertain and verify the merits or otherwise of the Report.

Those concerned may exercise the rights provided for in the GDPR, where applicable under the applicable legal provisions and subject to the limitations referred to in Article 2-undecies of Legislative Decree No. 196/2003, by sending an e-mail to the following address: info@micronfilter.it

All Reports, regardless of the method of receipt, are archived by the Receiver in a specific electronic archive that constitutes the summary database of the essential data of the Reports and their management and also ensures the archiving of all attached documentation, as well as that produced or acquired during the analysis activities.

Reports and related documentation are kept for the time necessary to process the Report and, in any case, no more than five years from the date of communication of the final outcome of the Reporting procedure.

Action Plan: programmatic document containing all the activities, as well as the responsibilities for the execution and timing related to the corrective plan resulting from a case managed according to this Policy.

Code of Ethics: the Code of Ethics of the company Micronfilter Srl published on the website www.micronfilter.eu

Employees: (i) individuals with a subordinate employment contract with Micronfilter Srl (the definition includes directors and managers); (ii) seconded personnel; (iii) other collaborators of Micronfilter Srl, regardless of the contractual form and applicable laws.

Model 231: is the organizational model provided for by Legislative Decree No. 231 of 8 June 2001 containing the "Regulations on the administrative liability of legal persons, companies and associations, including those without legal personality, based on Article 11 of Law No. 300 of 29 September 2000".

Report: any denunciation of possible Violations.

Whistleblower: Person who submits a Violation Report, including all Employees, members of company committees and third parties who submit a Report.

Reported Party: Person directly or indirectly identified in a Report as responsible or jointly responsible for a Violation.

Supervisory Body: Corporate body appointed pursuant to Legislative Decree No. 231 of 8 June 2001 which operates as the Body responsible for Investigations in cases of Violations of Model 231.

Violations: attempted or committed conduct, actions or omissions among those indicated in section 1.

Whistleblowing Committee: is the committee defined in section 2.

USE OF THE ONLINE CHANNEL micronfilter.sic-wb.it
To submit reports via the online channel, you must access the company website and go to the Whistleblowing section by clicking on the link above and entering the report details.

USE OF THE WRITTEN ANALOGUE CHANNEL

With reference to the analog written method, the Report must be placed in two sealed envelopes, including, in the first, the identifying data of the Whistleblower, together with an identity document; in the second, the subject of the Report; both envelopes must then be placed in a third envelope bearing, on the outside, the words “Confidential to the Whistleblowing Report Manager”, sent to the address: Micronfilter Srl – Via Edoardo Agnelli 46, Leinì (TO).

USE OF THE ORAL CHANNEL

Reports communicated orally must be made using the dedicated voice mail telephone number 011.01214, or, at the request of the reporting person, through a direct meeting with the Reporting Manager, which must be requested using the same telephone number

1. Fundamental principles

All investigations must be managed in accordance with the following principles:

1. a) Observance: investigations may reveal information or evidence of unlawful action. The Director of Legal and Corporate Affairs of Micronfilter Srl, as a member of the Whistleblowing Committee, has the task of verifying the legal aspects, providing general legal and compliance advice on relevant issues and indicating whether there is an obligation to inform the local authorities. Some authorities may need to be informed immediately or within set deadlines (for example, authorities dealing with workplace accidents, securities regulators). Where established contact protocols with the authorities exist, these must be strictly adhered to.
2. b) Confidentiality: all parties involved in the assessment of the case and in the investigations must maintain the confidentiality of the information received/discussed, unless otherwise required by law and, as far as legally possible, the Director of Legal and Corporate Affairs of Micronfilter Srl must be informed before disclosure. The confidentiality of the investigation plan and the information obtained or developed as a result of the investigations must be maintained for:
3. protect all parties;
4. meet regulatory requirements;

• allow honest and sincere statements;

1. d) preserve evidence and protect the integrity of the process.
2. c) Privacy: investigations are often, by necessity, invasive. The Investigator must ensure that appropriate measures are taken for the collection, use, disclosure and storage of personal information and ensure that the needs of the investigation are balanced with that of privacy protection. It is important to comply with all applicable privacy laws and policies, taking them into account from the beginning of an investigation and before documents are collected from or provided to third parties.

2. Preliminary assessment

The preliminary assessment of a case should take into consideration the following aspects:

1. What specific professional negligence, action or omission has been reported or alleged?
2. Who is the source?
3. Is the source an employee or an external figure to the company?
4. Do the Reported Parties involved actually work for the company or are they affiliated with it?
5.  In which division and at what level are the Reported Parties involved?
6.  Does the accusation seem plausible and legitimate?
7.  What are the initial facts?
8. Are there any discrepancies?
9. Are there any mitigating circumstances?
10. What evidence exists to suggest that the violation occurred or not?
11. Is this a possible violation of the Code of Ethics? If so, which part of the Code of Ethics?
12. Is this a possible legal, civil, or criminal violation? If so, which rule?
13. Is this a possible violation of a specific policy or procedure? If so, which policy or procedure?
14. How serious does the possible violation appear to be?
15. What other information is needed to find out what happened?

3. Investigation Phase

The purpose of the investigation is to determine the relevant facts, not to "prove" a case. Managing the consequent corrective or disciplinary actions constitutes a separate part of the process once the facts have been ascertained.

Investigations must be conducted professionally by people with the necessary training, including some technical experience (in production, manufacturing, distribution, finance, etc.) insofar as such aspects are important to the investigation. There are circumstances in which investigations must be conducted by external companies (as in the case of possible conflicts of interest, the need for additional resources or skills, etc.). However, cases in which investigations will be conducted entirely or mainly by internal personnel occur more frequently.

3.1 Identification of the investigation team

In larger investigations, or in particularly important or urgent investigations, it will often be preferable or necessary to use an external supplier. It is important to choose an external supplier with both the resources and experience to conduct a credible investigation and to complete the investigation quickly.

The Director of Legal and Corporate Affairs of Micronfilter S (General Counsel & BD Officer) is responsible for formalizing the related service contract, ensuring the inclusion of the necessary confidentiality and/or data protection clauses.

3.2 Information gathering

Before investigating the Report, the Director must collect the basic elements, if available. In any case, the principle of data minimization must be duly applied: only personal information that is suitable, relevant and necessary for the specific case must be processed.

3.3 Interrogations

After collecting the preliminary information, the Director/Inquirer proceeds to listen to all relevant parties, ensuring that they provide the necessary information on how the personal data collected will be processed: for this purpose, a lawyer must be consulted. The parties subjected to the interview should include the Whistleblower (if known), the Reported Party and other witnesses or persons suspected or persons who may know the reported facts.

In preparation for the investigations, the following preliminary actions should be evaluated:

– plan – prepare a work schedule and establish the order in which to conduct the interviews;

– inform – inform members of the board of directors, senior management, and employees of the allegations only if strictly necessary;

– consult legal counsel – consult the Group's General Counsel for Legal and Corporate Affairs, the local legal department representative, or external legal counsel (approved by internal counsel);

– collect evidence – procedures for accessing and controlling evidence may be subject to other regulatory requirements that vary by jurisdiction. The Director and the Investigator must research these rules before acting in the jurisdiction. Physical evidence should be collected, protected, stored, evaluated, and recorded systematically to essentially determine how and why the event occurred;

– interviews, if possible, prepare an outline of questions to ask potential witnesses. In preparing the questions, the investigation should be designed to formulate the questions in a way that minimizes or eliminates the need to reveal, implicitly or explicitly, the source of the facts underlying the questions. The Director/Investigator will arrange all necessary meetings with any witnesses who may have first-hand knowledge of the circumstances surrounding the alleged Violation.

According to best practice, two investigators should be present at each interrogation;

– archive evidence – preserving and controlling evidence is essential for the completeness and credibility of investigations. The security and custody of evidence are necessary to prevent its alteration or loss and to establish the reliability of all evidence collected. In any case, personal information must not be kept for longer periods than necessary, considering the purposes for which it was collected.

3.4 Reporting

Once the investigation is complete, the facts should be recorded, generally in a written report. Depending on the recipients of the investigation report, the report itself may not include the identification of the persons interviewed and supporting documents.

Investigative reports normally have a limited distribution due to the sensitive information they contain.