Menü

Whistleblower system



Reporting channels

Whistleblower telephone hotline: +49 160 96210839 (Monday - Friday, 8:30 a.m. - 5:00 p.m., except on public holidays)

By e-mail to: compliance@atarax.de

Via a whistleblower portal with contact form:
https://www.atarax.de/de/startseite/leistungen/hinweisgeberportal
The link will take you to the whistleblower portal of the atarax group. Of course, this forwarding will not be traced back.

Written reports by post to:
atarax Unternehmensgruppe, Luitpold-Maier-Str. 7, D-91074 Herzogenaurach

At the request of the whistleblower, it is also possible to report via these channels within a reasonable period of time in the context of a confidential personal meeting .

Rules of procedure for the complaints procedure pursuant to § 8 of the Supply Chain Due Diligence Act (LkSG)

I.    Purpose and scope of application

The law on corporate due diligence to prevent human rights violations in supply chains (Supply Chain Due Diligence Act – LkSG), which came into force on January 1, 2023, is intended to better protect human rights and the environment in the global economy.
To meet these objectives , we have established an effective complaints procedure in accordance with § 8 LkSG. This is intended to LkSG should be avoided or recognized at an early stage in order to avoid possible negative consequences for those affected .
Through the complaints procedure, business partners, customers and other third parties can provide information on violations of human rights and environmental obligations and the associated risks, anonymously if desired.
Human rights obligations include, among other things, the prohibition of child labor, protection against slavery and the prohibition of disregard for occupational safety. The environmental aspects include, on the one hand, substances that pose a risk to people and the environment and, on the other hand, actions or circumstances that may lead to human rights violations.
In the following, we have described the reporting channels, responsibilities and the exact procedure for a report.

II.    Reporting channels

In order to guarantee the greatest possible protection for whistleblowers and those affected, we have set up an independent confidential reporting office, the atarax group of companies.

The following communication channels are available to ensure complete confidentiality:

Whistleblower telephone hotline: +49 160 96210839 (Monday - Friday, 8:30 a.m. - 5:00 p.m., except on public holidays)

By e-mail to: compliance@atarax.de

Via a whistleblower portal with contact form:
https://www.atarax.de/de/startseite/leistungen/hinweisgeberportal
The link will take you to the whistleblower portal of the atarax group of companies. Of course, this forwarding will not be traced back.

Written reports by post to:
atarax Unternehmensgruppe, Luitpold-Maier-Str. 7, D-91074 Herzogenaurach

At the request of the whistleblower, it is also possible to report via these channels within a reasonable period of time in the context of a confidential personal meeting .

III.    Procedure

The following is a description of the exact procedure for reporting a case.

a)    Receipt of the report

After the report has been received, the person providing the information will receive confirmation of receipt from the reporting office within the specified time. This also applies to case of an anonymous report by post, provided that a reporting channel intended for the submission of anonymous reports is used, e.g. via a third party (lawyer or authorized person), or another anonymous contact option is provided.

b)    Examination, clarification of the facts and remedial measures

The report is then carefully checked for plausibility. If further information is required, the reporting office will, if possible, contact the person providing the information in order to obtain further information.

If concrete evidence of a violation, an internal investigation may be initiated, as well as other appropriate follow-up or remedial measures (e.g. improvement of internal processes) .

The information will be processed in a fair and confidential manner, in particular with regard to the identity of the person providing the information, and in compliance with data protection requirements . Furthermore, the principle of proportionality is observed.

Discrimination or punishment of the person providing the information due to a complaint about an actual or suspected violation will not be tolerated. For this purpose, we have set up an independent reporting office and the possibility to make an anonymous report.

If possible, contact will be maintained with the persons providing the information possible, contact is maintained with the persons providing the information in accordance with the respective legal requirements and, if necessary, the facts of the case are discussed. In addition, the persons providing the information are informed in a timely manner about the progress of the proceedings.

Information provided is only passed on to those persons who must be involved in the processing of the report to the extent that this is absolutely necessary for the investigation of the facts.

All incoming information is documented, stored and deleted in accordance with the legal provisions.

c)    Effectiveness control

Our complaint procedure is regularly reviewed for effectiveness and improved as necessary. 



Transparency and information obligations for whistleblowers and other persons involved in the matter within the framework of the whistleblower system according to the General Data Protection Regulation (GDPR)

With this document, we would like to inform you about the processing of your personal data by ORTLIEB Sportartikel GmbH and all participating companies and the rights to which you are entitled under data protection law . 

Responsible body/data protection

The responsible body for data processing is the respective participating company to which the report refers. 

ORTLIEB Sportartikel GmbH
Rainstr. 6
91560 Heilsbronn

Phone: +49 (0)9872-800-0
E-mail: info@ortlieb.com

Contact data protection
datenschutz@ortlieb.com

If you make a report via our whistleblowing system, the personal data you provide will be processed in order to be able to process your report and, if necessary, take further action. You the option of making anonymous reports. Which personal data is processed depends on the content of your report.

We may process your personal data if you are an accused person or otherwise involved in the matter in order to check the report made via the whistleblower system and to investigate the alleged compliance and legal violations. The data processed in this context depends on the specific report in each case and also on the information provided by the whistleblower about you, for example. The following data may be processed in this context, for example:

  • Contact details (e.g. private address, mobile and landline numbers if applicable, email address)
  • Master data (surname, first name, name affixes, date of birth)
  • Photos/video recordings
  • Time recording data

  • Special types of personal data:
    • health data


Purposes and legal basis for data processing

When processing your personal data, the provisions of the GDPR, the BDSG and all other legal provisions (such as the BetrVG, ArbZG, etc.) are always complied with.

If you are a reporting person, your data will be processed on the basis of the information you provide voluntarily and in accordance with the statutory provisions of the Whistleblower Protection Act, Art. 6 para. 1 sentence 1 lit. a, lit. c GDPR in conjunction with Section 10 of the German Whistleblower Protection Act (HinSchG) and, if you are employed by us, in accordance with Article 88 of the GDPR in conjunction with Section 26(2) of the German Federal Data Protection Act (BDSG). If we provide the whistleblower system without being legally obliged to do so, the processing of your data is based on Article 6(1)(1)(f) of the GDPR.

In addition, we process your personal data as the data subject, insofar as this is necessary to safeguard the legitimate interests of the company or a third party (Art. 6 para. 1 lit. f, lit. c DS-GVO in conjunction with § 10 HinSchG or § 130 OWiG). We have a legitimate interest in processing personal data for the prevention and detection of violations and abuses reported via the whistleblower system. In addition, your personal data is processed to the extent necessary to fulfill legal obligations.

Storage period of the data

As soon as your data is no longer required for the above-mentioned purposes and there are no further storage obligations, they will be deleted.

Recipients of the data/categories of recipients

In our company, we ensure that only those persons receive your data who need it to process the information submitted via the whistleblower system. 

The internal reporting office is taken over by atarax. Further information on the processing of your data can be found at https://www.atarax.de/de/datenschutz.

In addition, service providers (e.g. IT service providers) support us in certain cases in fulfilling our tasks. The necessary data protection agreements have been concluded with all service providers.

Depending on the focus of the report and in order to effectively initiate follow-up measures, the personal data may be passed on to our relevant specialist departments. 

Furthermore, in certain cases prescribed by law, we are obliged to pass on certain information to agencies, such as investigative authorities. 

Transfer to third countries/intended transfer to third countries

Data will only be transferred to third countries (outside the European Union or the European Economic Area) if this is absolutely necessary for processing the report, if it is required by law or if you have given us your consent to do so. 

We do not (currently) transfer your personal data to any service providers or group companies outside the European Economic Area.

Rights of the data subject

The rights of you as the data subject are standardized in Articles 15 – 22 of the GDPR.

This includes: 

  • The right of access (Article 15 of the GDPR)
  • The right to rectification (Art. 16 GDPR)
  • The right to erasure (Art. 17 GDPR)
  • The right to restrict processing (Art. 18 GDPR)
  • The right to object to processing (Art. 21 GDPR)
  • The right to data portability (Art. 20 GDPR)


If you have voluntarily provided data as a reporting person, you can revoke your consent to any data processing at any time with effect for the future. To revoke your consent and to assert the other rights, please contact: compliance@atarax.de.  The same applies if you have questions about data processing in our company. You can also lodge a complaint against data processing with a data protection supervisory authority.

If we process your data to safeguard legitimate interests, you can object to this processing at any time for reasons that arise from your particular situation, you can object to this processing at any time.

We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims . 

Automated individual decisions

We do not use purely automated processing to make a decision.