KNOW THE BASICS
We want Venga to stay honest and safe. This is your guide for speaking up if you spot something wrong — with full protection.
Purpose and Regulatory Context
Who Can Report and What Can Be Reported
Reporting Process and Relevant Channels
Confidentiality and Investigation Procedures
Whistleblower Protections
Oversight, Record-keeping, and Updates
Whistleblowing Policy
1. Purpose and Regulatory Context
Venga is committed to upholding ethical conduct, regulatory compliance, and a transparent working environment. This policy sets out the procedures for reporting potential or actual violations related to compliance, business, ethics, and ensures that these concerns can be raised safely and confidentially, without fear of retaliation, and that all reports are assessed, documented, and addressed appropriately. This policy adheres to the regulatory standards set out in the Whistleblowing Directive, Directive (EU) 2019/1937, Spanish Law n. 2/2023 regulating the protection of persons who report regulatory violations and the fight against corruption, as well as other applicable laws.
We want Venga to stay honest and safe. This is your guide for speaking up if you spot something wrong — with full protection.
2. Who Can Report and What Can Be Reported
This policy applies to customers, employees (including management and board members), partners, contractors, consultants and third-party service providers If any breach to the law is identified, reports might be sent following the current Whisthleblowing Policy. In all cases, reports may relate to:
- Money laundering or terrorist financing
- Market manipulation or financial misconduct
- Workplace harassment or discrimination
- Conflicts of interest or internal policy violations
- Breaches of the law or MiCA Regulation Both current and former collaborators, internal or external, may use the whistleblowing system. All reports can be submitted anonymously or with identification, as detailed below.
Who can report and what:
- Anyone linked to Venga (past or present).
- Report things like fraud, shady trading, harassment, or rule-breaking.
- You can stay anonymous if you want.
3. Reporting Process and Relevant Channels
Whistleblowers can report concerns via:
- Online Submission: Form Accessible via the Company website; assigns a case number for secure tracking.
- Email: [email protected]
- Mail: Confidential letters may be addressed to the Notification Officer or, if necessary, to the CEO or a Management Board member. All reports should be marked clearly and sent in sealed envelopes. Reports containing sensitive personal data (e.g., health status, religious beliefs, union membership) will be redacted and deleted upon receipt in accordance with data protection laws.
How to report:
- Online form (get a case number)
- Email: [email protected]
- Mail: sealed “confidential” letter to the Officer, CEO, or Board.
4. Confidentiality and Investigation Procedures
All reports are handled with strict confidentiality, under the legal requirements of the applicable regulation. Upon receipt, the Notification Officer ensures that:
- An acknowledgment is provided within 7 calendar days
- The investigation is completed within 3 months, unless a justified extension is needed
- Ongoing communication is maintained with the whistleblower, where possible Whistleblower identity is protected and will not be disclosed without explicit consent, unless required by law. Investigations are conducted impartially, and access to report content is limited strictly to those involved in the resolution process. All reports are securely stored and never shared beyond authorized individuals
Your identity stays secret (unless law requires).
- We confirm in 7 days
- Investigate within 3 months
- Keep you in the loop where possible
5. Whistleblower Protections
Any form of retaliation against individuals who submit a report in good faith is strictly prohibited. Prohibited retaliatory actions include any form of dismissal or suspension; denial of promotion or contract renewal, harassment, intimidation, or isolation; or any kind of damage to professional reputation Retaliatory behavior is considered a serious breach of Company policy and may lead to disciplinary action, contract termination, legal liability, or criminal prosecution. The Notification Officer is responsible for detecting and addressing any signs of reprisal, including from external actors.
If you report honestly:
- No firing, blocking, or harassment
- Your reputation is safe
- Anyone trying to punish you for speaking up will face serious consequences
6. Oversight, Record-keeping, and Updates
All reports are logged in a secure, access-controlled register. Data is retained only for the time strictly necessary to fulfill legal and compliance obligations, and in line with data protection regulations. The Notification Officer is responsible for coordinating the review and proposing necessary updates. In accordance with internal governance standards, all employees are expected to familiarize themselves with the policy and have continuous access to it throughout their engagement with the Company.
- All reports are logged securely.
- The officer reviews this policy and updates it when needed.
- Everyone at Venga should know these basics.