User Features

  • Multi-user system with customizable user roles (whistleblower, recipient, administrator)
  • Fully manageable via a web administration interface
  • Allows whistleblowers to decide if and when to confidentially declare their identity
  • Facilitates multimedia file exchanges with whistleblowers
  • Secure management of file access and visualization
  • Enables chat with whistleblowers to discuss reports
  • Provides a unique 16-digit receipt for anonymous whistleblower login
  • Simple recipient interface for receiving and analyzing reports
  • Supports report categorization with labels
  • Includes user search functionality for reports
  • Supports the creation and assignment of case management statuses
  • Customizable appearance (logo, color, styles, font, text)
  • Allows defining multiple reporting channels (e.g., by topic, department)
  • Enables creation and management of multiple whistleblowing sites (e.g., for subsidiaries or third-party clients)
  • Advanced questionnaire builder
  • Provides whistleblowing system statistics
  • Support for over 90 languages and Right-to-Left (RTL) languages

Technical Features

  • Designed in adherence to Directive (EU) 2019/882Directive (EU) 2016/2102ETSI EN 301 549W3C WCAG 2.2, and WAI-ARIA 2.2 recommendations for accessibility compliance
  • Multi-site support enabling the operation of multiple virtual sites on the same setup
  • Responsive user interfaces created with Bootstrap CSS framework
  • Automated software quality measurement and continuous integration testing
  • Long-Term Support (LTS) plan
  • Built with lightweight framework technologies (Angular and Python Twisted)
  • Integrated SQLite database
  • Automatic setup for Tor Onion Services Version 3
  • Supports self-service signup for whistleblowing SaaS setup
  • Compatible with Linux operating systems (Debian / Ubuntu)
  • Debian packaging with a repository for updates/upgrades
  • Fully self-contained application
  • Easy integration with existing websites
  • Built and packaged with reproducibility in mind
  • REST API

Legal Features

  • Designed in adherence to ISO 37002:2021 and EU Directive 2019/1937 recommendations for whistleblowing compliance
  • Supports bidirectional anonymous communication (comments/messages)
  • Customizable case management workflow (statuses/sub-statuses)
  • Conditional reporting workflow based on whistleblower identity
  • Manages conflicts of interest in the reporting workflow
  • Custodian functionality to authorize access to whistleblower identity
  • GDPR privacy by design and by default
  • Configurable GDPR data retention policies
  • GDPR-compliant subscriber module for new SaaS users
  • No IP address logging
  • Includes an audit log
  • Integrates with existing enterprise case management platforms
  • Free Software OSI Approved AGPL 3.0 License

Security Features

  • Designed in adherence to ISO 27001:2022CSA STAR, and OWASP recommendations for security compliance
  • Full data encryption for whistleblower reports and recipient communications
  • Supports digital anonymity through Tor integration
  • Built-in HTTPS support with TLS 1.3 standard and SSLabs A+ rating
  • Automatic enrollment for free digital certificates with Let’s Encrypt
  • Multiple penetration tests with publicly available reports
  • Two-Factor Authentication (2FA) compliant with TOTP RFC 6238
  • Integrated network sandboxing with iptables
  • Application sandboxing with AppArmor
  • Complete protection against automated submissions (spam prevention)
  • Continuous peer review and periodic security audits
  • PGP support for encrypted email notifications and file downloads
  • Leaves no traces in browser cache
Scroll to Top