Compliance with US SOX Law
In this privacy policy we have explained that your personal information may be used for the purpose of ensuring compliance with legal, regulatory and other good governance obligations and that it may be disclosed to service providers. This includes use for the purpose of enabling Apollo Group Companies to comply with The US Sarbanes–Oxley Act of 2002 (“SOX Law”).
The purpose of the SOX Law is to guard against unethical, improper or illegal business conduct including, for example, accounting and financial fraud, conflicts of interest and white collar crime.
The Apollo companies may appoint one or more service providers to assist them in managing a whistleblowing helpline and a webpage which act as a reporting mechanism (the “Helpline”) to ensure compliance with the SOX Law, local laws and regulations relating to similar purposes and any other laws and regulations which relate to fraudulent, illegal or unethical behaviour.
It is possible that a BPP employee, student or faculty teacher may report matters of concern through the Helpline and that your personal data may be used by the Apollo companies, its service provider(s) which manage the Helpline and by BPP for the purpose of investigating any such report and taking remedial action thereafter. For example, if a BPP employee suspects that an earlier employee is misusing company records for his own purposes or is committing a fraud which involves your personal information, he may report this through the Helpline.
Should this happen, your personal information would only be used for the purpose of ensuring compliance by the Apollo companies and the BPP companies with the relevant laws and regulations. Wherever reasonably possible your personal information would be anonymised prior to use for the purpose of investigations and remedial action so that it does not relate to you, but in some specific circumstances this may not be possible as it may prohibit a full investigation.
Any transfers to the Apollo companies and its service provider(s) which manage the Helpline and which may also be in the US would be carried out in accordance with the Data Protection Act 1998 (please see the section directly above). There would be contractual measures in place with those service providers to protect your personal information (please see the “Who do we share your personal information with?” section above) to ensure that (first) it is used only in accordance with Apollo’s instructions (in particular, the instructions of the relevant BPP company) and for the purpose of investigating suspected compliance issues, and (secondly) that it keeps such personal information secure. In addition, reasonable efforts are used to ensure that the website related to the Helpline and messages sent through that portal are secure and in particular, they are encrypted.
A limited number of specially trained Apollo and BPP employees only will have access to your personal information which is disclosed through the Helpline where and to the extent that this is necessary for the purposes of carrying out their roles. In any event, their access will be very limited, secure, carefully controlled and justified. To this end they will be subject to appropriate confidentiality obligations.
We encourage our employees to use the Helpline in good faith and only for serious or substantial issues which cannot properly be reported via other means.
Provided reports are made through the Helpline in good faith, we try to protect your identity as much as possible. However, we cannot guarantee this (especially in subsequent court or tribunal proceedings) and we are required to inform the subject of the reports about the allegation(s). Those subjects have the right to request their own personal information, as do you. See our privacy policy for full details.
