Ethical code

The Grupo Puma Code of Ethics, approved by the management bodies of each company within the group in October 2016, reflects the group's core values and outlines the general principles that should guide the actions of all professionals who are part of it.

Accordingly, the Grupo Puma Code of Ethics is a key element in ensuring the integrity of our business and represents who we are and how we operate as a company. This applies both internally, in relation to the companies that make up the group and all their employees, managers, and directors, and externally, in the market and in dealings with competitors. All professionals within the group, regardless of their position in the organization or their location, must be familiar with the mission and values outlined in the Code of Ethics, embrace them, and use them as guidelines for their daily conduct and decision-making.

This document, also available on the group's corporate intranet, is periodically checked to incorporate necessary updates in response to new internal and external requirements and to ensure its continuous improvement.

The management bodies of the companies that are part of Grupo Puma have also approved a series of corporate policies aimed at promoting the organization's behaviour according to ethical standards and the applicable regulations in each identified risk area. These policies establish a set of procedures and actions designed to prevent, detect, and respond to irregular conduct, fraud, or any acts contrary to the group's Code of Ethics or current regulations. The combination of these corporate policies and action protocols, together with the group's Code of Ethics, represents the organization's strong commitment to its professionals, clients, suppliers, competitors, and other stakeholders. This commitment ensures that all activities are conducted in full compliance with applicable laws and regulations, as well as the highest ethical standards and values.

Additionally, the company has established a communication and whistleblowing channel via the email address canaldedenuncias@grupopuma.com for use by employees and other stakeholders. This channel is intended to support the objectives set out in both the Code of Ethics and the internal policies and processes approved within the organization.

Likewise, a safe and anonymous channel is also provided for employees and other stakeholders to report any behaviours, actions, omissions, or events that may constitute a potential criminal or administrative offence, a violation of the company's Code of Ethics, or a breach of its internal regulations as established in its corporate policies and specific action protocols. This channel is intended to address violations occurring in the course of the offender’s professional duties, or those that have an impact on contractual relationships with clients or suppliers, as well as on the company's interests and reputation with third parties.

Send an anonymous complaint

For the purposes outlined above, the following PRINCIPLES govern the operation of the whistleblowing channel:

  • i. Employees, shareholders, partners, and members of the entity’s management body may be both whistleblowers and subjects of a report.
  • ii. Reports may be made through the internal channel as well as to the competent authority via existing external channels.
  • iii. Communications must adhere to principles of truthfulness and proportionality. This mechanism may not be used for purposes other than ensuring compliance with legal requirements or the internal policies and protocols implemented by the company.
  • iv. The whistleblower has the option to report misconduct anonymously.
  • v. The identity of both the whistleblower and the subject of the report, as well as all related information and data, will be treated as confidential where applicable.
  • vi. The whistleblowers and the reported individual’s data and identity may be disclosed to administrative or judicial authorities if required as part of any legal proceedings arising from the report. Disclosure may also extend to individuals involved in any subsequent investigation or judicial procedure. Any data transfer will comply with the applicable personal data protection regulations in force at the time.
  • vii. The Compliance Committee, specifically the Whistleblowing Channel Officer, is responsible for managing communications submitted through the channel and managing related investigations.
  • viii. Possibility of reporting behaviours, actions, omissions, or events that may constitute a potential criminal or administrative offence, a violation of the company's Code of Ethics, or a breach of its internal regulations as established in its corporate policies and specific action protocols. This applies to misconduct occurring in the course of the offender’s professional duties, or those that have an impact on contractual relationships with clients or suppliers, as well as on the company's interests and reputation with third parties.
  • ix. Acknowledgement of receipt of the report will be sent to the whistleblower within a maximum of seven (7) days from the date of receipt, unless doing so would compromise the confidentiality of the communication.
  • x. A reasoned response regarding whether or not the reported incident warrants further proceedings will be sent via email, based on the factual elements provided by the whistleblower, within a maximum of ten (10) days from the report’s receipt.
  • xi. The maximum response time for addressing the reported matter is three (3) months from the date of receipt. This period may be extended for an additional three (3) months if the case is particularly complex.
  • xii. The whistleblower may be required to provide additional information and/or documentation necessary to substantiate the reported misconduct.
  • xiii. The subject of the report will be informed of the alleged conduct and their corresponding rights, as well as granted the opportunity to be heard at any stage of the process.
  • xiv. If applicable, the individual against whom the report is filed must abstain from participating in the investigation or decision-making process.
  • xv. Data processing will be conducted in accordance with Regulation (EU) 2016/679 of the European Parliament and the Council of April 27, 2016, as well as Organic Law 3/2018 of December 5 on Personal Data Protection and the guarantee of digital rights. Access to such data will be restricted to the Compliance Committee and the Whistleblowing Channel Officer, the HR Department (when disciplinary measures may be required), the Legal Department (if legal action needs to be taken), designated data processors if applicable, and the Data Protection Officer.
  • xvi. If the reported facts constitute a criminal offense, they will be immediately reported to the Public Prosecutor’s Office.

Furthermore, and without prejudice to the above, actions or omissions that may constitute a serious or very serious criminal or administrative offense, as well as those that may violate European Union law—provided they fall within the scope of the EU acts listed in the annex of Directive (EU) 2019/1937 of the European Parliament and the Council of October 23, 2019, impact the EU’s financial interests, or affect the internal market—may be reported to the Independent Authority for Whistleblower Protection, A.A.I., the corresponding regional authorities, or, if applicable, directly to EU institutions and bodies through their designated external reporting channels.

Download Code of Ethics PDF



You could be interested in: