WhistleB Trust Centre

WhistleB has made data privacy our top priority so that your data and the anonymous whistleblower are always protected. Read more about our market-leading security solutions here.

1 Advanced data privacy and security settings
2 Reliable and flexible service platform
3 Commitment to legal compliance globally
4 Adherence to ISO27001
1

Advanced data privacy and security settings

WhistleB’s security solutions protect sensitive data

Building trust in the service and protecting sensitive data is paramount for all WhistleB customers, which is why the principles of security by default and security by design are embedded in the WhistleB service. Data security is the basis for all functions in the service.

The WhistleB third-party solution safeguards the anonymity of the whistleblower and protects sensitive data.

Protection of customer data

  • Secure multi-factor authentication
  • Intrusion detection and prevention
  • Encryption of data in transmission and in storage
  • Activity logs by case and by users
  • Redundancy of data (to prevent loss of data)
2

Reliable and flexible service platform

Your data is stored securely

A truly global whistleblowing service requires the highest levels of reliability and flexibility. The WhistleB service platform has been designed to allow high scalability and flexibility, offering a future-proof service to our customers. WhistleB has chosen Microsoft Azure, which offers the most comprehensive set of compliance offerings, as its hosting and development platform.

Platform services are delivered to customers through data centres, each designed to run 24/7/365, and each employing various measures to protect operations from power failure, physical intrusion and network outages.

Certifications

Microsoft Azure has a multitude of certifications and is committed to their annual renewal. These include ISO 27001 (international standard for information security management), ISO 27018 (international standard for protecting personal data in the cloud) and Cloud Security Alliance. Management security and compliance statements for Microsoft Azure are available at Microsoft’s Trust Centre.

3

Commitment to legal compliance globally

Legal compliance

The WhistleB system is used in 150 countries and complies with current data protection laws. This includes compliance with the EU GDPR, the strictest such law in the world, and its requirements for the handling of personal data and protection by default and by design. The system also enables our customers to comply with the EU whistleblower protection directive.

National instructions are updated annually to make sure that your service is compliant wherever it is offered.

How we meet key GDPR requirements

Data is stored in the EU. The customer controls the encryption which means that neither WhistleB nor its suppliers can access sensitive customer data. For no-trace, safe machine translations, Microsoft Translator is included as an option in the WhistleB Case management tool. The functionality of this tool is GDPR compliant. The Microsoft Translator commitment includes the EU Model Standard Contractual Clauses and compliance with the EU-US Privacy Shield Framework. No text submitted using the safe machine translation function will be stored, nor written to persistent storage.

4

Adherence to ISO 27001 to protect customer data

WhistleB Information Security Management System

WhistleB works systematically to protect customer information. The WhistleB Information Security Management System (ISMS) complies with ISO/IEC 27001:2017, the international information security standard. It has been designed to ensure that information security, including personal data management, is taken into account in all decisions during development and throughout the lifecycle of the service.

Information security

The Information Security Management System (ISMS) governs WhistleB’s internal processes and our relationships with customers, partners and suppliers. We ensure the confidentiality, integrity and availability of customer data.

Whistleblowing made trustworthy

WhistleB has years of experience in business ethics and sustainability issues. WhistleB offers services related to the establishment and embedding of codes of conduct, ethical policies and sustainability reporting.

  • WhistleB reports on its sustainability work according to the Global Reporting Initiative (GRI). WhistleB GRI Report
  • All employees and sub-contractors sign a WhistleB Code of Conduct/Supplier Code.
  • WhistleB compensates for the carbon dioxide emissions caused by its business, the key source of which is business travel.
  • WhistleB’s founders, Gunilla Hadders and Karin Henriksson, are the authors of two books:
    A Sustainability Handbook, “Sustainable Profit”, translated into multiple languages and used by companies and organisations, including the Swedish Ministry for Foreign Affairs and The WhistleB handbook, “The ABC guide for establishing a whistleblowing solution that increases customer and employee satisfaction” for company boards and management teams.

Downloads

Kenneth Magnusson

Quality Manager, NIBE

"The WhistleB Case management tool provides us with a user-friendly interface that enables dialogue with an anonymous whistleblower, secure translations and third party investigations. The service was efficiently implemented. WhistleB took the lead for the entire implementation process.”

Håkan Zinders

Sustainability manager, Almi

"Both for our management and for the owner the whistleblower system is a hygiene factor.”

Pehr Ohlsson

Head of Labour Relations, Axfood

WhistleB delivers good service and is attentive to any possible development needs of the system.”

Anna Annerås

Director, Ecolean

“ With a credible whistleblowing system we show that we care about our employees and how we conduct our business. WhistleB filled all our criteria as a supplier; they had thorough whistleblowing expertise and a system that creates confidence through a high level of safety and stylish design. WhistleB has been incredibly professional and service-oriented.”

Sajan Parihar

Director, Microsoft Azure Platform, Microsoft

“We’re happy to welcome WhistleB’s solution to the growing Azure Marketplace ecosystem.” WhistleB – Microsoft Azure »

Madeleine Jennefelt

Legal Counsel, Resurs Holding

We are very satisfied with the service that WhistleB offers. The interface is user-friendly and the system ensures anonymity and transparency. The implementation was carried out efficiently and we got valuable advice and assistance throughout the roll-out phase.”

Caroline Jakobsson

Head of Corporate Governance, Stena Group

WhistleB is an easy to use system, with relevant features that facilitate the monitoring of reported cases. It is easy to stay in touch with the whistleblower, who remains completely anonymous and we are notified by e-mail as soon as a new report or a follow up answer is received. With the professional guidance of the WhistleB team the system was very easy to implement.”

Johan Ek

Senior Legal Counsel, Swedfund

WhistleB has a thorough knowledge in the field of organizational whistleblowing, provides a global tool, that is easy to adapt, and has a service minded attitude.”

Tuija Luukkanen

Corporate Responsibility Manager, Tornator

“The cooperation with WhistleB has been smooth and effortless. The whistleblowing system was implemented with a tight schedule. We have also opened a phone reporting hotline for one of our markets.”

Gunilla Hadders

Founder of WhistleB

“We have packaged our years of experience in the WhistleB off-the-shelf whistleblowing system, so our customers can enjoy a straightforward launch of a modern whistleblowing system.”

Biörn Riese

WhistleB Advistory Board

“The purpose of whistleblowing is to create a simple channel, reducing risks and increasing transparency. A whistleblowing system must be able to handle sensitive information and personal data in an accurate and credible way. This is why it is excellent that WhistleB’s whistleblower system is both ISO 27001 certified and GDPR reviewed."

WhistleB policies

Customers

Compliance and Sustainability