Compliance with US SOX Law, the UK Bribery Act and other relevant legislation
The purpose of SOX Law is to guard against unethical, improper or illegal business conduct including, for example, accounting and financial fraud, conflicts of interest and white collar crime. The purpose of the FCPA and the Bribery Act is to guard against bribery in business conduct.
BPP’s Parent Group Companies may appoint one or more service providers to assist them in managing a whistleblowing helpline and a webpage which acts as a reporting mechanism (Helpline) to ensure compliance with Conduct Legislation.
It is possible that a BPP employee, student or faculty teacher may report matters of concern through the Helpline and that your personal data may be used by BPP’s Parent Group Companies, its service provider(s) which manage the Helpline and by BPP for the purpose of investigating any such report and taking remedial action thereafter. For example, if a BPP employee suspects that another employee is misusing company records for his own purposes or is committing fraud involving your personal data, they may report this through the Helpline.
Should this happen, your personal data will only be used for the purpose of ensuring compliance by BPP’s Parent Group Companies with the relevant laws and regulations. Wherever reasonably possible, your personal data will be anonymised prior to use for the purpose of investigations and remedial action so that it does not relate to you. However, in some specific circumstances this may not be possible as it may prohibit a full investigation and prevent compliance with a relevant regulation or Conduct Legislation.
Any transfers to BPP’s Parent Group Companies and their service provider(s) which manage the Helpline and which may also be in the US or elsewhere in the world will be carried out in accordance with the Act. There will be contractual measures in place with those service providers to protect your personal data (please see the "Who do we share your personal data with?" section above) to ensure that, first, it is used only in accordance with BPP’s Parent Group Companies’ instructions (in particular, the instructions of the relevant BPP company) and for the purpose of investigating suspected compliance issues, and, secondly, that it keeps such personal data is kept secure. In addition, reasonable efforts are used to ensure that the website related to the Helpline and messages sent through that portal are secure and in particular, that they are encrypted.
A limited number of specially trained employees from BPP’s Parent Group Companies will only have access to your personal data which is disclosed through the Helpline where and to the extent that this is necessary for the purposes of carrying out their roles and for the purpose of compliance. In any event, their access will be limited, secure, controlled and justified as BPP considers is fair and necessary in the circumstances. These employees will be subject to appropriate confidentiality obligations.
We encourage our employees to use the Helpline in good faith and only for serious or substantial issues which cannot properly be reported via other means.