Code of Conduct

BILLENNIUM VALUES

The foundation of Billennium’s organisational culture is built on a set of values whose initials form the acronym TIGER. 

These values define the standards of conduct that guide our relationships with customers, business partners, and our day-to-day cooperation within the organisation. 

TRUST 
We tell the truth and deliver on our promises. 

INNOVATION 
We are challenging the status quo with courage and constancy, striving for excellence by creating change. 

GROWTH 
We are growing and thus improving our skills to achieve our goals and meet the needs of our customers. 

ENERGY 
We have the energy to constantly strive for efficient performance. 

RESPONSIBILITY 
We care about results, so we act with awareness and respect for the needs of others: Billennium team members, customers, and the environment. 

HOW DO WE ACT AT BILLENNIUM?

The Code of Conduct demonstrates how each of us is expected to act in our daily work – lawfully, ethically, and responsibly – while building a consistent and safe organisational culture.  

  • We act in accordance with the law and applicable rules
  • We comply with the regulations, standards, and commitments that apply to us.
  • We act honestly and ethically
  • In our business relationships and internal interactions, we choose a fair approach.
  • We take responsibility for our decisions and actions
  • We are accountable not only for the outcomes we achieve, but also for the manner in which they are achieved.
  • We act in the best interests of the organisation, our customers, and our partners
  • We think beyond our own area of responsibility.
  • We respect others and create a safe working environment
  • We do not tolerate discrimination, workplace bullying, or any form of abuse.
  • We communicate openly and transparently
  • We share information and build trust within our teams and throughout the organisation.
  • We protect company data, information, and assets
  • We safeguard confidentiality and ensure their responsible use.
  • We use technology responsibly, including AI
  • We use available tools consciously and securely.
  • We strive for continuous improvement
  • We learn, improve, and raise our standards of work.
  • We respond to irregularities and have the courage to report them
  • Failure to act is also a breach of the rules. 

WHY WAS THIS DOCUMENT CREATED?

The purpose of this document is to define the intentions and strategic direction of Billennium S.A. and to ensure that its business strategy takes into account social interests, environmental protection, and relationships with stakeholders. The Code emphasises the importance of corporate responsibility and the prevention of corruption and other violations of law, both within the organisation and in relationships with business partners. 

WHO DOES THIS CODE APPLY TO?

This Code applies to all employees of Billennium S.A. and its subsidiaries in Poland and abroad, regardless of the basis of employment, form of cooperation, position, or location. It also applies to members of the Company’s governing bodies. Suppliers and subcontractors are required to apply standards consistent with this Code to the extent specified in the final provisions and in the Supplier Code of Conduct. Billennium may verify compliance with these standards, and non-compliance may result in corrective actions, including suspension of cooperation or termination of the contractual relationship. Familiarisation with this Code and compliance with its provisions are mandatory. Billennium provides access to the Code in electronic form (website link to be inserted) and organises regular training sessions. Completion of the training is mandatory and must be acknowledged by the employee or contractor. 

WHAT ARE MY RESPONSIBILITIES?

Billennium expects employees, contractors, and business partners to take responsibility for the quality of their work, the timely fulfilment of their obligations, and compliance with internal procedures. This esponsibility arises from the employment relationship or contractual arrangement and is a prerequisite for the proper functioning of the organisation. 

Billennium does not tolerate the concealment of problems, the hiding of errors, or the downplaying of violations.  Any person who is aware of a violation and fails to report it is themselves in breach of this Code. 

Where an irregularity is identified, it must be reported without delay in accordance with the procedure described in Part IV of this Code. Managers bear enhanced responsibility, not only for the performance of their teams but also for shaping behaviours and a workplace culture aligned with the values and principles set out in this Code. 

Managers are required to create an environment in which concerns and irregularities can be raised without fear of retaliation or other adverse consequences. 

Fulfilment of this responsibility is assessed on an equal basis with the achievement of business objectives. 

WHAT LEGAL FRAMEWORK IS THIS DOCUMENT BASED ON?

Billennium complies with applicable laws and regulations in every location in which it operates. This Code also applies where it establishes a higher standard than that required by law, provided that such standard does not conflict with applicable legal requirements. 

The Code is based on the principles of the United Nations Global Compact (Appendix 1), the United Nations Universal Declaration of Human Rights (Appendix 2), and the ILO Declaration on Fundamental Principles and Rights at Work (Appendix 3), in accordance with applicable local laws and practices. 

Violations of law and ethical standards may be reported internally through the designated reporting channels and in accordance with the procedure specified in the Internal Reporting Policy for Legal Violations at Billennium S.A. and in Part IV of this Code. 

I. ETHICAL AND SOCIAL STANDARDS

At Billennium, respect for people forms the foundation of our actions, both in conducting business and in workplace relationships. We do not tolerate discrimination, workplace bullying, or conduct that undermines human dignity. Each of us is responsible for creating a safe and fair working environment. We protect human rights and do not tolerate forced labour, child labour, or human trafficking. We provide dignified working conditions, respect freedom of association, and ensure equal treatment regardless of origin, gender, age, identity, beliefs, or form of cooperation. 

Together, we create a working environment in which: 

  1. We have the right to respect and equal treatment. 
  2. Decisions regarding recruitment, promotion, and remuneration must be based on objective criteria (role, responsibility, competencies, experience, and performance). 
  3. Employees may associate freely and make use of employee representation without the risk of adverse consequences. 
  4. Workplace bullying, harassment, and psychological violence are unacceptable, and if I witness or experience such conduct, I may report it confidentially and without fear of retaliation. 
  5. We are entitled to a lawful and dignified working environment (working time, rest periods, and fair financial conditions), including in remote and hybrid working models. 
  6. We do not bear employment-related costs, and no one may compel us to work or restrict our freedom. 
  7. Everyone, and managers in particular, is expected to respond to irregularities. 

Child Labour and Young Workers

Billennium does not employ children. 

A “child” means any person below the minimum legal working age applicable in the relevant jurisdiction. Where no such minimum age is specified, the minimum working age shall be no less than 15 years. The employment of young workers must not be detrimental to their health, safety, education, or development. 

Individuals under the age of 18 shall not perform night work, overtime work, or hazardous work. Risks related to child labour and forced labour within the supply chain, particularly in relation to IT equipment, IT components, and outsourcing services, are taken into account during supplier qualification and ongoing supplier monitoring processes. 

Forced Labour

Billennium does not use forced labour or slave labour. Employees have freedom of movement, retain control over their identity documents, and are not required to pay recruitment fees. Workplaces must be free from harassment, violence, intimidation, corporal punishment, psychological or physical coercion, retaliation, abuse of authority, and discrimination. Risks related to forced labour are assessed as part of supplier due diligence processes. 

Human Trafficking

Billennium complies with laws prohibiting human trafficking and slavery and exercises due diligence to identify, assess, and mitigate the risk of direct or indirect involvement in such practices. Particular attention is given to risks arising within the supply chain and in relationships with recruitment agencies and labour intermediaries. 

Dignified Working Conditions

Working conditions, working hours, remuneration, and benefits comply with applicable local laws and internationally recognised labour standards, including the principles established by the International Labour Organization. 

Billennium ensures equal access to dignified working conditions regardless of the type of contractual arrangement and prohibits unlawful deductions from remuneration. The organisation monitors and complies with legal requirements relating to remote and hybrid work. Remuneration must not be lower than the statutory minimum wage applicable in the relevant jurisdiction. 

Freedom of Association

Billennium recognises the right to freedom of association and collective bargaining to the extent permitted by applicable law. Employees are free to join, participate in, or withdraw from employee representative bodies without adverse consequences. 

Non-Discrimination

Billennium treats employees and business partners fairly and promotes a workplace environment that supports diversity and inclusion. Recruitment processes are conducted in a transparent and fair manner. Remuneration is based on objective criteria. We are committed to equal pay for work of equal value and monitor remuneration practices, taking appropriate action where unjustified disparities are identified. 

Prevention of Workplace Bullying and Discrimination

Billennium does not tolerate discrimination, whether direct or indirect, or psychological violence in the workplace. The organisation provides mechanisms for reporting incidents of workplace bullying and ensures a prompt response in accordance with the Anti-Bullying and Other Unacceptable Behaviour Policy, while maintaining confidentiality and protecting individuals from retaliation. Managers bear particular responsibility for preventing workplace bullying and fostering a work environment free from harassment. 

II. INTEGRITY AND FAIRNESS IN CONDUCTING BUSINESS

At Billennium, we conduct business honestly, transparently, and responsibly. We do not use relationships, positions, or information for personal gain, and we do not accept actions that undermine the trust of customers, business partners, or colleagues. Each of us is responsible for making decisions that comply with the law, principles of fair play, and Billennium’s ethical standards. 

Together, we create a working environment in which: 

  1. We make business decisions in the interests of the Company and not for personal gain. 
  2. Corruption, bribery, and illegal payments are unacceptable. 
  3. Gifts and invitations are permissible only when they are occasional, reasonable, and do not influence decision-making. Cash and cash equivalents are prohibited. In the event of any doubt regarding a gift or invitation, the matter must be consulted with a supervisor before any decision is made. 
  4. Any conflict of interest, or even the appearance of a conflict of interest, must be reported without delay. 
  5. Misconduct and abuse (including, among other things, document falsification, unauthorised use of Company resources, and manipulation of processes) are unacceptable, and any reasonable suspicion of a breach of the principles set out in this Code must be reported in accordance with the applicable procedure. 

Illegal Payments, Corruption and Bribery

Any involvement in corruption is strictly prohibited. It is prohibited to offer, authorise, or accept, whether directly or indirectly, gifts, benefits, favours, or other advantages if they are intended, or may appear to be intended, to influence a decision, action, omission, or to obtain a competitive advantage. Billennium does not engage in extortion, fraud, embezzlement, corrupt practices, or bribery, including facilitation payments made to public officials. Detailed anti-corruption requirements and the rules governing facilitation payments are set out in the internal Anti-Corruption Policy. 

Gifts and Hospitality

Gifts and hospitality (including, for example, dinners, industry events, and conferences) are permitted only when they are occasional, proportionate, and do not create an obligation or expectation of reciprocity in business decisions. Otherwise, they may constitute a form of corruption. 

Monetary Thresholds

Cash and cash equivalents (including gift cards and vouchers) are prohibited regardless of value. Gifts with a value of up to PLN 200 are permissible without additional restrictions. Gifts with a value between PLN 200 and PLN 500 require prior written approval from the recipient’s direct supervisor. For directors, gifts with a value between PLN 200 and PLN 1,000 require prior written approval from the Member of the Management Board responsible for the relevant area. Non-standard proposals, particularly those made during a tender process or commercial negotiations, must be reported before acceptance.  Notification after the fact does not replace the requirement to obtain prior approval. 

Conflict of Interest

Conflicts of interest must be reported without delay, including circumstances that create even the appearance of a conflict of interest.  Examples include, but are not limited to: 

  • family or personal relationships with an employee of a supplier, customer, or competitor; 
  • ownership of shares or equity interests in an entity that has a business relationship with Billennium or competes with Billennium; 
  • PEP (Politically Exposed Person) status or connections with a PEP. 

Reporting a conflict of interest does not automatically result in sanctions. Its purpose is to ensure the objectivity and integrity of the decision-making process. 

Abuse and Misconduct

Billennium does not tolerate financial or asset-related abuse. Abuse includes, among other things: 

  • misappropriation or unauthorised use of funds and resources; 
  • falsification of documents, invoices, or records; 
  • manipulation of procurement or tender processes for personal benefit; 
  • knowingly reporting false information. 

Any reasonable suspicion of abuse must be reported. 

Failure to report such suspicion may be treated as a separate breach of this Code. 

III. MARKET RESPONSIBILITY AND EXTERNAL RELATIONSHIPS

At Billennium, we take responsibility for the way we operate in the marketplace and for our relationships with customers, suppliers, and business partners. We conduct our business in accordance with applicable regulations, principles of fair competition, and standards of responsible business conduct. 

Together, we create a working environment in which: 

  1. We act in compliance with the law and the principles of fair competition. 
  2. We do not participate in price-fixing arrangements or bid-rigging practices, nor do we engage in informal arrangements with competitors. 
  3. Money laundering and the circumvention of sanctions are unacceptable, including where carried out indirectly through business partners or suppliers. 
  4. In our business relationships, we comply with applicable trade and export regulations. 
  5. In our cooperation with suppliers, we expect compliance with ethical standards and respect for human rights throughout the supply chain. 
  6. If we become aware of conduct that is inconsistent with this Code, we have an obligation to report it. 
  7. In regulated areas, the principle of caution and consultation before taking action applies, rather than after the fact. 

Anti-Money Laundering and Sanctions

Billennium complies with regulations concerning the prevention of money laundering and terrorist financing and verifies national and international sanctions lists. Billennium does not establish or continue business relationships with entities subject to sanctions, embargoes, or other legal restrictions. Verification is conducted prior to entering into a business relationship and on an ongoing basis throughout the course of cooperation. If circumstances arise during the course of cooperation indicating that a business partner may have become subject to sanctions, all relevant activities must be suspended without delay and the matter must be reported to Legal and/or Compliance. Any further course of action requires a decision by Billennium. 

Fair Competition

We compete exclusively on the basis of the value and quality of our products and services. 

We do not engage in unfair or misleading market practices, nor do we provide false information regarding our own products and services or those of others. We do not participate in bid-rigging practices, including the submission of courtesy bids, artificial inflation of bid values, bid rotation, bid suppression, price-fixing arrangements, or the exchange of confidential information with participants in procurement or tender processes. 

Trade and Export Regulations

We conduct our business in compliance with regulations governing exports, imports, economic sanctions, and embargoes. Verification of compliance with export control regulations forms part of the due diligence process prior to establishing a business relationship and prior to the execution of projects involving a cross-border component. In the event of any uncertainty, the matter must be referred to Compliance before any action is taken. 

Supplier Management

We expect our suppliers to comply with ethical standards consistent with this Code. This responsibility extends throughout the entire supply chain. Key suppliers are subject to assessment with regard to ESG risks, human rights risks, and anti-corruption practices before cooperation is established. A condition for entering into a contractual relationship is confirmation that the supplier has familiarised itself with this Code or has demonstrated the existence of equivalent standards. Where non-compliance is identified, we expect a corrective action plan. Failure to respond or failure to remedy identified non-compliance may result in termination of the business relationship. The obligation to maintain compliance continues throughout the duration of the cooperation. Any identified violations must be reported without delay to the Vendor Management Office. 

IV. COMMUNICATION AND RESPONSIBLE USE OF TECHNOLOGY

At Billennium, artificial intelligence and communication tools are an integral part of the way we work and deliver services. 

We use them consciously, responsibly, and in compliance with applicable laws, contractual obligations, and information security requirements. 

Each individual is responsible for ensuring that the use of technology and public communications do not compromise data confidentiality, customer interests, or Billennium’s reputation. 

Together, we create a working environment in which: 

  1. We use AI responsibly, taking into account legal, compliance, and reputational risks. 
  2. We do not provide AI systems with confidential information or personal data, including information relating to customers, projects, source code, and internal documentation. 
  3. We use only AI tools approved by Billennium and, in the event of any doubt, we consult the appropriateness of their use before taking action. 
  4. We verify AI-generated outputs before using them, particularly before sharing them with customers or using them as a basis for decision-making. 
  5. AI does not relieve us of responsibility, and the final decision always remains with a human being. 

Responsible AI

The use of AI is subject to a risk-based approach and must comply with applicable legal requirements, in particular the GDPR and Regulation (EU) 2024/1689 (AI Act).  AI systems are subject to an approval and registration process, and their use must minimise risks associated with the processing of confidential information, personal data, and intellectual property. Sensitive data (including financial information and other confidential business information) must not be entered into AI services without appropriate anonymisation. The use of AI for processing trade secrets or information protected by confidentiality agreements is prohibited. It is prohibited to paste into AI systems any source code fragments or content that may compromise information security or contain personal data. Content generated by AI should be clearly identified as having been generated with the assistance of AI. AI-generated outputs must be verified and analysed in every case. 

Decisions must not be made solely on the basis of AI-generated output. In areas requiring professional legal, compliance, or ethical assessment, AI may serve only as a supporting tool, and responsibility remains with the employee. For business purposes, only AI systems approved by the relevant organisational units (e.g. the IT Department or other authorised function) may be used. The use of unapproved systems (including high-risk systems without the required approvals) or prohibited systems is forbidden. 

Policies and Reporting Concerns

Billennium maintains an AI Systems Security Policy that sets out detailed rules governing the use of AI, including confidentiality and privacy requirements, restrictions relating to data, and tool approval requirements. Users are required to familiarise themselves with the policy, acknowledge its acceptance, and comply with its provisions. Any doubts regarding the permissibility of using a particular tool must be referred to the appropriate Compliance function before use. 

Social Media and Public Communications

Billennium respects employees’ freedom of expression; however, it requires that the use of social media does not compromise Billennium’s reputation, customer interests, or confidentiality obligations. It is prohibited to publish confidential information concerning Billennium, its customers, projects, or internal processes, including information presented in an ostensibly “anonymised” form. It is also prohibited to disclose information concerning technologies, system architecture, security tools, or organisational structures where such disclosure could facilitate an attack against Billennium or its customers. Particular caution should be exercised when interacting with unknown contacts on social media in matters related to professional activities. Such contacts must be reported without delay to the IT Department and Compliance. The use of corporate email addresses for registering social media accounts is discouraged, except for accounts expressly approved for business purposes. Security incidents related to social media (including attempted account takeover, phishing, social engineering, information theft, or unauthorised use of an individual’s image or identity) must be reported to the IT Department without delay. 

Any public statements made on behalf of Billennium (including posts, comments, interviews, and other forms of communication) require prior authorisation by the Communications and Public Relations Department or by the Management Board. Personal professional opinions must be clearly identified as personal views; however, this does not release the individual from confidentiality obligations. The publication of discriminatory, defamatory, offensive, rights-infringing, or confidential content is prohibited. In cases of doubt, the principle of consultation before publication applies. 

V. SAFETY, DATA, AND INFORMATION

At Billennium, the safety of people, data, and information is a shared responsibility. 

It applies to working conditions, the way information is processed, and the use of systems and tools. 

We protect data and technologies consciously, lawfully, and in accordance with Billennium’s internal standards. 

Together, we create a working environment in which: 

  1. We have the right to safe and healthy working conditions (including remote and hybrid work), while at the same time having a responsibility to take care of our own safety and to respond to physical and digital threats. 
  2. We process personal data exclusively in accordance with applicable laws and internal rules. 
  3. We report every personal data breach and every security incident without delay, even if it occurred unintentionally. 
  4. Concealing an incident or delaying its reporting constitutes a breach of the rules. 
  5. We maintain the confidentiality of information obtained through our work, do not disclose it to unauthorised persons, and use it solely for business purposes. 
  6. We use only those systems, tools, and access rights assigned to our role. 
  7. We do not share passwords or access credentials and do not bypass security controls. 

Occupational Health and Safety (OHS)

Billennium implements occupational health and safety standards appropriate to its activities, conducts risk assessments, and provides the training and resources necessary to ensure safe working conditions. 

As cybersecurity regulations continue to evolve, workplace safety also includes a digital dimension, including social engineering risks. In remote working arrangements, workplace safety considerations include, among other things, ergonomics and psychosocial risks. Occupational risk assessments are conducted and documented in the designated location. 

Personal Data Protection

Billennium processes personal data in accordance with the GDPR and applicable national legislation in every jurisdiction in which it operates. The organisation applies the principles of privacy by design and privacy by default and maintains technical and organisational measures to ensure the confidentiality, integrity, and availability of personal data. Any personal data breach must be reported without delay to the Data Protection Officer at: privacy@billennium.com. 

Confidentiality (Confidential Information)

The obligation of confidentiality applies to all non-public information obtained in the course of work, whether relating to Billennium or to customers, business partners, or suppliers, regardless of the form in which such information is communicated. Confidential information includes, among other things: 

  • business and strategic plans; 
  • financial and accounting data; 
  • transfer pricing information; 
  • remuneration structures; 
  • project and technical documentation; 
  • know-how; 
  • trade secrets; 
  • customer and business partner data; 
  • personal data; 
  • intellectual property. 

The above list is not exhaustive. Information may also be considered confidential based on the context in which it is disclosed or the potential harm that could result from its disclosure. We use confidential information solely for the purposes arising from the relevant contractual relationship and do not take actions based on confidential information received accidentally or unintentionally. The obligation of confidentiality continues after the termination of employment or any other form of cooperation. 

Integrity of Financial Records

The creation of false or misleading accounting records, the concealment of transactions outside official records, manipulation of financial data, and the approval of invoices, expenses, or settlements where there is knowledge of, or a reasonable suspicion of, irregularities are prohibited. Any person approving expenses, invoices, or settlements is responsible for the accuracy and completeness of the supporting documentation. 

In the event of doubt, the individual is required to withhold approval and report the matter to Compliance without delay. 

Information Security (ISMS / ISO 27001)

The protection of Billennium’s and its customers’ information assets is a fundamental responsibility of every employee. Security incidents may result in financial, legal, and reputational harm. Billennium manages information security through an Information Security Management System (ISMS) compliant with ISO/IEC 27001:2022 and communicates its certifications through the Intranet. 

From an ISMS perspective, the organisation is committed to protecting the confidentiality, integrity, and availability of information and to pursuing continual improvement through audits and management reviews, as set out in the ISMS Policy.

In practice, this means, among other things: 

  • using devices and systems securely; 
  • not installing unauthorised software; 
  • not sharing passwords or credentials; 
  • recognising that the IT Department will never ask for passwords. 

Access rights are granted in accordance with the need-to-know principle and based on assigned roles. Access permissions are reviewed and revoked when roles change or cooperation ends. Segregation of duties is maintained in order to reduce the risk of abuse and misconduct.Any event that may constitute a security incident (including loss of a device, unauthorised access, phishing, malware, disclosure of data, or loss of data) must be reported to the IT Department without delay in accordance with the internal Information Security Incident Management Procedure. 

VI. ENVIRONMENTAL STANDARDS

In its Code of Conduct, Billennium declares its commitment to operating in a manner that reduces its environmental impact to the extent relevant to the nature and scale of its activities. 

Billennium understands environmental responsibility as the conscious management of resources, compliance with applicable regulations, and a shared commitment to standards that support sustainable development. 

Together, we create a working environment in which: 

  1. Billennium conducts its business in an environmentally responsible manner and in compliance with applicable laws and regulations, and environmental responsibility is intended to be part of everyday operations rather than a one-time initiative. 
  2. Employees are required to use resources responsibly (including energy, water, and office materials) and to minimise waste, including through the proper handling of electronic equipment and electronic waste. 
  3. Environmental activities are subject to monitoring and reporting, particularly as part of ESG obligations, and environmental commitments are incorporated into relationships with suppliers and customers as an element of responsible business conduct. 
  4. Environmental policies and procedures form part of the organisation’s internal management systems. 
  5. Everyone is required to familiarise themselves with, and comply with, the documents applicable to their area of work. 

Environmental Protection

Billennium assesses its activities in terms of their potential adverse impact on the environment and implements systems designed to prevent, identify, and eliminate environmental risks and hazards. 

Reporting and ESG (CSRD / ESRS)

This Code recognises that the Corporate Sustainability Reporting Directive (CSRD) and the European Sustainability Reporting Standards (ESRS) may impose reporting obligations relating to environmental impacts, environmental policies, and emission reduction targets. 

Environmental risk management is treated as a strategic matter and is taken into account, among other things, in supplier assessments and in responses to customer requests for proposals that include ESG criteria. 

Permits and Regulatory Reporting

Billennium shall ensure that all required environmental permits, licences, approvals, and authorisations are obtained and remain valid. 

The Company shall comply with all legally required environmental reporting obligations by monitoring regulatory developments and implementing procedures that support timely and accurate reporting. 

Natural Resources

Billennium strives to ensure the responsible and sustainable use of natural resources, in particular through reducing energy consumption (including in offices and data centres), responsible water management, and reducing the consumption of office materials. 

Emissions and Waste

Billennium seeks to minimise greenhouse gas emissions, including CO₂ emissions, in a manner proportionate to the scale of its operations. 

The Company also seeks to minimise waste generation, with particular emphasis on electronic waste (e-waste) and the obligation to ensure its proper disposal in accordance with applicable legal requirements. 

Targets and Monitoring

Billennium shall establish measurable emission reduction targets, monitor progress against those targets, and report results as part of its ESG reporting obligations. 

Environmental targets and performance results are available within the Company’s internal documentation. 

Management System

Key policies, procedures, and operational guidelines are maintained within the BILLENNIUM WAY documentation system. Employees are required to use the current versions of applicable documents and to comply with their requirements. 

VII. SPEAK-UP AND PROTECTION CHANNELS

At Billennium, we foster a culture of open and responsible reporting of concerns and misconduct. Any person working with or for the Company may raise concerns without fear of adverse consequences. Reporting mechanisms exist to protect employees, the organisation, and its stakeholders, and to support the fair and ethical operation of Billennium. 

Together, we create a working environment in which: 

  1. We have the right to report, in good faith, violations of the law, this Code, or ethical standards. 
  2. Reports may be submitted openly, confidentially, or anonymously. 
  3. Individuals who report concerns in good faith are protected from retaliation, and retaliatory actions are prohibited. 
  4. The identity of a whistleblower is protected and kept confidential unless the whistleblower consents to its disclosure. 
  5. Reports are assessed fairly, with due respect for the rights of all parties and the principle of the presumption of innocence. 
  6. The reporting system is intended solely to identify and eliminate violations. Everyone has a duty to cooperate in the investigation of reports, and reports submitted in bad faith may result in consequences.

Billennium maintains a whistleblowing mechanism that enables the secure and confidential reporting and fair investigation of violations. The mechanism operates in accordance with Directive (EU) 2019/1937 and the Polish Whistleblower Protection Act of 14 June 2024.Billennium expects its suppliers and business partners to actively support a culture of honesty and integrity within their own organisations, including by providing employees with safe and accessible channels for reporting violations of law and ethical standards. This obligation includes, in particular, ensuring that employees and contractors are able to raise legal and ethical concerns in a safe manner, without fear of retaliation or other adverse consequences. Any form of retaliation against individuals who report concerns in good faith is strictly prohibited, regardless of the outcome of the investigation. Suppliers and business partners are required to inform Billennium without delay of any serious irregularities that may affect Billennium, its customers, or ongoing projects. 

Reports relating to such matters should be directed to the designated Billennium representative or to compliance@billennium.com. 

Billennium may verify suppliers’ and business partners’ compliance with this Code during qualification, onboarding, and periodic due diligence processes. Such confirmation may take the form of a declaration or a compliance questionnaire. 

Whistleblower Protection

Billennium protects individuals who report violations in good faith, regardless of the outcome of the investigation, in accordance with the Polish Whistleblower Protection Act of 14 June 2024 implementing Directive (EU) 2019/1937. 

This protection includes an absolute prohibition on retaliation, including but not limited to: 

  • termination of employment or contractual cooperation; 
  • deterioration of employment or cooperation conditions; 
  • denial of promotion opportunities; 
  • harassment. 

It also includes the right to anonymity. The identity of a whistleblower is confidential and may be disclosed only to persons directly involved in handling the report. Any unauthorised disclosure of a whistleblower’s identity constitutes a violation and may result in liability. Whistleblower protection does not apply to reports made in bad faith. 

Reporting Channels and Reporting Structure 

Reports may be submitted: 

  • electronically through the Convercent whistleblowing platform; 
  • orally to a member of the Committee; 
  • by telephone at 00 800 141 0113 or 00 800 111 3819; 
  • in writing to the registered office of Billennium S.A. in Warsaw. 

 Billennium acknowledges receipt of a report and provides feedback within three months. Whistleblower data is not disclosed without the whistleblower’s consent. Personal data related to a report is retained for a maximum period of three years. Regardless of the availability of internal reporting channels, reports may also be submitted externally to the competent authority. In matters relating to competition and consumer protection, the competent authority is the President of the Office of Competition and Consumer Protection (UOKiK). 

Protection of the Company

Investigations are conducted with due regard for the presumption of innocence and for the right of the person concerned to defend themselves and present their position. The person concerned is informed of the report only to the extent that doing so does not compromise confidentiality or reveal the identity of the whistleblower. Before any final conclusions are reached, that person must be given an opportunity to respond to the allegations. The entire investigation process, including the content of the report, the course of the investigation, and its outcome, is strictly confidential and accessible only to individuals directly involved in the process. The whistleblower receives information regarding the outcome of the investigation to the extent permitted by applicable law and confidentiality requirements. The reporting mechanism is intended solely to identify and eliminate violations. The misuse of the mechanism for purposes such as harming others, exerting pressure, or obtaining personal benefit constitutes abuse and may result in disciplinary action. Billennium expects suppliers to continuously improve the standards arising from this Code and to implement corrective measures where non-compliance is identified. The Company also encourages suppliers to establish their own ethical guidelines consistent with the principles of responsible business conduct.  

A breach of this Code may result in disciplinary consequences, including termination of employment or contractual cooperation. Such consequences do not exclude civil or criminal liability where the violation constitutes an offence or gives rise to legal claims.