Service

Whistleblower system

A secure whistleblower reporting channel, compliant with the whistleblower protection law and the EU directive. Anonymous, encrypted and with the register that the law requires.

Call +48 22 378 48 62
  • ISO/IEC 27001
  • 3000+ workstations
  • Since 2017

The obligation to have an internal reporting channel covers more and more companies and institutions. We deploy a ready, secure whistleblower system and the procedures around it, so that it meets legal requirements and genuinely protects those who report. We handle the technical and informational part, while you keep control over handling the reports.

What the service covers

A reporting channel, a procedure and maintenance, ready to meet the requirements.

  • Anonymous, encrypted channel

    A reporter can pass on a matter without revealing their identity, and the content of the report is encrypted and available only to authorised people.

  • Compliance with the law and directive

    The system and procedures meet the requirements of the whistleblower protection law and the EU directive, including deadlines and information obligations.

  • Register of reports

    Keeping a register of reports in line with the requirements, preserving confidentiality and the rules for storing data.

  • Deadlines and feedback

    The system keeps track of acknowledging receipt of a report and of feedback within the deadlines required by law.

Who the obligation applies to and from when

The obligation to set up an internal reporting channel applies to entities employing from a certain number of people, as well as to selected sectors regardless of size. In practice more and more companies must have a working channel, a procedure and a register, and failing to implement them carries the risk of sanctions.

It is not only a formality, though. A well implemented system genuinely protects the whistleblower from having their identity revealed and from retaliation, and gives the company an orderly way of responding to signals of irregularities before they grow into a serious problem.

Security and confidentiality at the centre

Whistleblower reports can be sensitive and concern real people, which is why the security of the system is a condition here, not an add-on. We take care of encryption, limited and accountable access and GDPR compliance regarding the processing and storage of data. The reporter anonymity is protected technically, not just in words.

We also help prepare the organisational part: designate the people who handle reports, describe the procedure and inform employees. As a result the channel is not a dead form, but a working element of the compliance culture in the company.

How we deploy it

From the requirements, through launching the channel, to maintenance and support.

  • channelsecure reporting system
  • procedurecompliant with legal requirements
  • registerkept and protected
  • supportmaintenance and help with handling
  1. Analysis of obligations. We check which requirements apply to your organisation and establish the scope of the channel, the procedure and the roles on the company side.
  2. Channel deployment. We launch a secure, anonymous reporting system, configure access, the register and deadlines, and prepare the procedure.
  3. Maintenance and support. We maintain the system, take care of its security and currency, and support the people who handle reports on your side.

Model rozliczeń

We bill the service as a subscription based on the size of the organisation and the scope of support. Deployment and maintenance are separated, so the cost is transparent.

Included

  • Launch of a secure reporting channel
  • Configuration of the register and deadlines
  • System maintenance and updates
  • Technical and informational support

Beyond the plan

  • Extended procedures for corporate groups
  • Substantive handling of reports by a law firm
  • Integrations with internal systems

It pairs well with a GDPR audit and Data Protection Officer support.

Frequently asked questions

Does our company have to have a whistleblower channel?

The obligation applies to entities from a certain number of employees and to selected sectors regardless of size. We help establish whether and to what extent it applies to your organisation, and we deploy a compliant solution.

Are reports really anonymous?

Yes. The system allows matters to be reported without revealing identity, and the content is encrypted and available only to authorised people. Anonymity is protected technically, not just written into the rules.

Who handles reports after deployment?

The substantive handling is carried out by a designated person or team on the company side, because it is your decision and responsibility. We provide the secure tool, the procedure and technical support, and if needed we combine the service with legal support.

Is the system GDPR compliant?

Yes. Reports often contain personal data, which is why we take care of encryption, limited access, retention rules and GDPR compliance. If needed, we combine the deployment with Data Protection Officer support.

Let us talk about your project

Answer 2 questions about your company. You will see a simple estimate right away, and we will prepare a full proposal within 24 business hours.

  • 2 minutes, no commitment
  • You talk to an engineer, not a salesperson
  • No spam, one contact about your quote