Hintbox IT-Security & Data Protection

A whistleblower system must implement a variety of IT-Security and data protection requirements. Below we show you that the Hintbox meets the technical, organisational and legal requirements of the General Data Protection Regulation and the EU Whistleblower Directive (2019/1937).


Our IT-Security & Data Protection Seal

GDPR
German Server
SSL Encryption
End to End Encryption

* available from spring 2021

Each Hintbox is a self-contained system. Through isolated data storage, your data is in your own database.

Our checklist for data protectors

Use of the latest encryption technologies

Hintbox’s databases are comprehensively protected against unauthorised access using state-of-the-art encryption technologies. TLS encryption (Transport Layer Security) ensures secure data transmission between you and Hintbox and our website.

In addition, we already provide you with end-to-end encryption (available from spring 2021). This means that all personal data and company information, such as business secrets, remain encrypted in our whistleblower system at every stage of transmission. Only authorised persons can decrypt and view this data and information. The encryption takes place exclusively on the whistleblower's or compliance manager's side. The data therefore arrives on our servers already encrypted, so that neither we at lawcode nor other third parties can read the information at any time.

Data hosting at an ISO/IEC 27001 certified data centre in Germany

All data of our whistleblower system is hosted in Germany in an ISO/IEC 27001 certified data centre. There is no data hosting and no data transfer to countries outside the EU.

Ensuring the confidentiality of the data

We offer secure 2-factor authentication to every Hintbox user. Each customer receives their own separate Hintbox instance, ensuring stringent separation and processing of data.

Ensuring the integrity of the data

By using the highest and most modern encryption technologies and indexing data inputs and their changes, we also ensure data integrity in the Hintbox.

Implementation of deletion specifications

All personal data in the Hintbox can be deleted in accordance with the requirements of the General Data Protection Regulation and the EU Whistleblower Directive. This enables you to actually implement deletion requests and also deletion concepts in a legally compliant manner.

Ensuring anonymity

The Hintbox technically ensures the anonymity of a whistleblower in the case of an anonymous report. No IP or MAC addresses, location data or other information that allows conclusions to be drawn about a data subject are stored. The login data that an anonymous whistleblower uses to communicate anonymously with the compliance officer or responsible person are also generated randomly and automatically.

Implementation of an authorisation concept

Our Hintbox enables the implementation of an authorisation concept. Only individual authorised persons are given access to the reports in the whistleblower system. In this way, you fulfil the requirements of data protection and ensure the necessary confidentiality.

GDPR-compliant data processing

Our Hintbox follows the rules for processing personal data and therefore complies with the General Data Protection Regulation and the Federal Data Protection Act. We process personal data exclusively according to documented instructions and on your behalf as a processor. For this purpose, we conclude an agreement on commissioned processing with you. This agreement contains the high standards of technical and organisational measures that we guarantee with our whistleblower system.

Help and support

Of course, our customer support will assist you with all IT-Security and data protection concerns. We support you in handling the data protection rights of data subjects. We also support you in carrying out a data protection impact assessment and much more.
