Data security

We protect the disclosures we receive with AES256 encryption.

Our systems and controls ensure that only authorised recipients can access the confidential whistleblowing reports we have taken on our clients’ behalf.

Once an authorised recipient has received a report from us, its details are erased from our systems.

Physical security

Our operational headquarters are located within a solely occupied building, giving us complete control over physical security.

External security is assured via a three-stage entrance system, and our security procedures adhere to ISO 27001:2013 standard.

Our team of experienced hotline operators work within a secure area that cannot be accessed by unauthorised personnel.

Protecting the whistleblower

Maintaining the confidentiality preferences of a reporter (where regional law allows) is a key element of our service.

Alongside our other security controls, those seeking to raise their concerns are issued with a unique password which allows them to update or seek feedback on their report without revealing their identity.

Data privacy

Our service is 100% auditable and we are compliant with all relevant data protection laws (including GDPR) to which we are subject.

We can also work with you to handle reports in a manner that is consistent with your own data privacy controls.