CN GROUP has implemented an Internal Information System, hereinafter IIS or Information Channel, in order to ensure the effectiveness of the Code of Ethics (see our Code of Ethics here), of the rest of the internal regulations relating to the supervision, monitoring, and control for the prevention of criminal risks, and situations and conduct contrary to the legal rules applicable to the Company and its internal regulations.

This Information System, which is constituted as a tool available to all CN GROUP employees, as well as to third parties who collaborate with the organization in any way, is designed, established, and managed securely, so that the confidentiality of the whistleblower’s identity and any third party mentioned in the communication is guaranteed.

The Channel is accessible via the corporate website to which the rest of the domains of the CN GROUP companies refer.

Anyone wishing to make any communication may do so, even anonymously, via any of the channels offered by the internal information system of CN GROUP, which are specified as follows:

  • By writing to the e-mail address expressly provided for this purpose at the following address: or by post to the Ethics Committee support center at Polígono Industrial de Arguedas, 4, 31513, Arguedas (Navarra).
  • By telephone at +34948026647.
  • In the case of employees, by means of a written or verbal report to their hierarchical superior, who will pass it on to the Ethics Committee.
  • By requesting a face-to-face meeting, which must take place within seven days of the request.

In the event that the communication is made verbally, including by telephone or voice messaging system, it shall be documented by means of recording, giving warning to the whistleblower, or by means of transcription, giving the whistleblower the possibility to review and validate such transcription.

All communications guarantee the confidentiality of the identity of the whistleblower, of any third party mentioned in the communication, and of the actions carried out in the management and processing of the communications, as well as data protection, preventing access by unauthorized personnel; however, the submission of anonymous communications is permitted. Additionally, confidentiality is guaranteed when the communication is sent via non-established channels or to members of the personnel not responsible for its processing. For this reason, the staff is duly informed on this matter and will immediately refer it to the Ethics Committee.

Likewise, breaches of the regulations referred to in Law 2/2023 may be reported to the Independent Whistleblower Protection Authority (I.W.P.A.) or to the corresponding regional authorities or bodies, with internal communication within the organization being the preferred channel for reporting this type of breach, providing that it can be dealt with effectively and there is no risk of reprisals.

CN GROUP has a management procedure for the Internal Information System, which describes in detail the procedure that is to be followed from the moment the information is received until, if necessary, the appropriate measures are adopted in response to it in the event that it constitutes a case of non-compliance with regulations.

The provisions of this Procedure respect, in any case, the guarantees of protection for whistleblowers in accordance with the provisions of Directive (EU) 2019/1937 of the European Parliament and of the Council of 23 October 2019 on the protection of persons who report breaches of Union law, Law 2/2023 of 20 February, regulating the protection of persons who report regulatory breaches and the fight against corruption, as well as the provisions of personal data protection legislation.

The body responsible within the Organization for managing the operation of the IIS, as well as for receiving information on the possible commission of an unlawful, irregular or improper action committed within the Organization, and the subsequent processing of the investigation proceedings, is the Ethics Committee, which shall periodically inform the Governing Body of the information received, with this body being ultimately responsible for making decisions on the resolution of the information received.

The CN GROUP’s IIS reaffirms its commitment that any illicit activity on the part of the Organization or any of its executives, employees or third parties who in any way collaborate with the Organization will be rigorously investigated, and the appropriate measures will be adopted in accordance with internal and external regulations.