Whistleblowing
Through the Whistleblowing channel, we encourage reporting of any violations that may be relevant to MAXIMA Eesti OÜ (the Company). The information you provide can help make timely decisions that can reduce harm to MAXIMA Eesti OÜ employees, other individuals, or the MAXIMA Eesti OÜ itself. We are grateful for your help in maintaining an environment of honest and responsible business.
Your courage and honesty are highly valued, and we want to assure you that your confidentiality is our priority. All reports done to the Whistleblower channel will be handled with the utmost discretion and processed in strict confidence.
If a report concerns a Maxima Group company, please submit it via the specific company's whistleblowing channel listed at the webpage[1] of MAXIMA GRUPĖ, UAB.
1. What kind of violations do we encourage you to report?
We encourage you to report any conduct that could harm the Company or its Group companies, including but not limited to the following types of violations:
Corruption-related activities: Bribery, fraud, graft, conflicts of interest, or breaches of the Company’s Anti-Corruption Policy or the Group's Corruption Prevention Policy.
Violations of the Code of Business Ethics: Discrimination, sexual harassment, bullying, or other breaches of relevant applicable policies.
Health and safety breaches: Violations of employee safety, fire safety regulations, or health and safety policies.
Environmental violations: Actions that cause environmental harm or breach environmental protection laws and standards.
Business partner misconduct: Fraud, breach of contract, or failure to comply with the Supplier Code of Conduct.
Non-compliance: Personal data breaches, anti-competitive behavior, violations of information security, or mishandling of confidential information.
Other legal violations: Breaches of any applicable laws or regulations, including consumer protection, privacy, public health, or animal welfare laws.
This list is not exhaustive, and any Wrongdoing or unethical behavior should be reported.
2. How to report?
Reports can be submitted via the Company's whistleblowing channels:
- Email: report@maxima.ee
- Registered post: MAXIMA Eesti OÜ, Legal Department, Aiandi tn 13/2, Tallinn, 12918 Estonia. The report is confidential, and the envelope must not be opened by unauthorized people.
If the report contains special categories of personal data (such as data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a person, health data, or data concerning a person’s sex life or sexual orientation), the information should, if possible, be encrypted using DigiDoc[2] software. If the Whistleblower is unfamiliar or unable to use DigiDoc, the report may still be sent without encryption; however, encryption ensures that technologically no one except the addressee can access the content. The encrypted folder (report and evidence) should be addressed to the Head of the Legal Department or member of management board of the Company. To obtain the necessary personal identification code and full name of the authorized recipient, please send a request to report@maxima.ee. The information of the management board member is available via e-Business Register.
3. Confidentiality & Anonymity
The Company guarantees confidentiality for all reports, with whistleblower identities protected to the extent possible. Anonymity will be maintained unless legal obligations or the rights of accused parties necessitate disclosure.
4. Whistleblower Protection
The Company prohibits retaliation against whistleblowers, including dismissal, discrimination, or any other form of adverse action. Whistleblowers will not receive immunity for their own involvement in any reported Wrongdoing.
5. Investigation Procedure
Upon receiving a report, the Company will assess the information and, if necessary, conduct an independent investigation. The investigation will be carried out in an independent, expeditious, and confidential manner, taking care to protect the identity of the persons involved and to ensure that the investigation is not impaired in any manner. Feedback on the investigation will be provided to the Whistleblower within three months or, in duly justified cases, within six months after the receipt of the report, unless doing so compromises confidentiality.
If the report relates to food safety, the Head of Quality Control and Processes Management shall decide whether to proceed with an evaluation or investigation, possibly consulting with other departments as needed. Customer complaints regarding goods and services are to be forwarded to the Customer Service Manager for handling and resolution. For all other matters, the Head of Legal (or a delegated lawyer within the Legal Department if no conflict of interest exists) shall conduct the initial evaluation. If the Company finds no basis to proceed (e.g., the report of breach is manifestly unfounded or unrelated to Company activities), the Whistleblower may be notified of such outcome, subject to confidentiality considerations.
If, after assessing the information received, it becomes clear that the possible violation is related to a Maxima Group company and such a report would be more effectively investigated in that specific company, we reserve the right to forward the report for further investigation to the responsible person of that Maxima Group company, if this does not endanger the whistleblower.
Confirmation of receipt of the misconduct report must be sent to the Whistleblower within seven days of receiving the report, unless the Whistleblower has explicitly prohibited confirmation or if there is a reason to believe that providing such confirmation could jeopardize the Whistleblower’s confidentiality. If it is determined upon receipt of the report that it is not within the competence of the Company to handle the report, the report must be forwarded to the competent authority without delay, but no later than the fifth working day after receipt. The whistleblower shall be notified of this action, unless the whistleblower has explicitly prohibited confirmation or if there is a reason to believe that providing such confirmation could jeopardize the whistleblower’s confidentiality. The Company undertakes to consider any disclosure of information or report seriously and start an internal investigation of the relevant circumstances if deemed necessary.
The Company will take necessary measures to investigate, rectify, and prevent wrongdoing (any illegal, improper, or unethical behavior) and if necessary, will take appropriate follow-up actions or forward the report to the competent authority for processing. Feedback on the implementation of follow-up actions will be provided to the whistleblower as soon as possible, but no later than three months after receiving the report or, in duly justified cases, within six months after the receipt of the report. Feedback is not required if the Whistleblower has explicitly prohibited it or if there is a reason to believe that providing feedback could jeopardize the Whistleblower’s confidentiality.
The Company will provide the whistleblower with feedback on the final outcome of the investigation, except where the whistleblower has explicitly prohibited such feedback or where there is a reason to believe that providing feedback could jeopardize the Whistleblower’s confidentiality.
If criminal or misdemeanour proceedings are initiated based on the report, the confidentiality of the fact of reporting will be ensured in accordance with the provisions of the Code of Criminal Procedure or Code of Misdemeanour Procedure.
6. False Reporting
Whistleblowers must ensure the truthfulness of the information provided. The Company may take legal action against anyone who intentionally submits false or misleading reports. Nevertheless, if whistleblower reasonably believes the information is true at the time of reporting, this is not considered false nor misleading, even if subsequent findings reveal the information to be incorrect.
7. Data Protection
Personal data related to whistleblowing reports will be handled in accordance with the European Union Regulation (EU) 2016/679 General Data Protection Regulation (“GDPR”) and the Company's Privacy Policy[3]. Personal data related to Whistleblowing and related actions shall be processed shall be processed in accordance with GDPR and the Personal Data Protection Act, addressing the specific requirements related to whistleblowing.
8. Law Compliance
This Policy complies with the Law on the Protection of Whistleblowers, ensuring whistleblower protection under Estonian and EU law.
For more information on whistleblower protection and applicable legislation, visit
Act on Protection of Persons Who Report Work-Related Breaches of European Union Law.
[1] https://www.maximagrupe.eu/trust-line/
[2] DigiDoc software is an Estonian electronic document management system developed by the Information System Authority (RIA). The DigiDoc software can be downloaded for free from the following website: Home - ID.ee
[3] Company's Privacy Policy can be found on the webpage: maxima.ee