We answer the most frequently asked questions
REGULATIONS
What is the Whistleblower Protection Directive?
Since when and to whom does the Whistleblower Protection Directive apply?
What obligations does the Whistleblower Protection Directive impose on organisations?
Who is a whistleblower?
SERVICE
What is the whiblo service?
How does whiblo protect the whistleblower’s anonymity?
Does the whistleblower have the option to delete the submission after it has been sent?
Does whiblo allow adding submissions sent through other channels?
Does whiblo provide an option to keep a record of internal submissions?
How will organizations benefit from implementing whiblo?
What is the cost of purchasing the whiblo service?
What is the setup cost of the whiblo service?
How long is the rollout process?
What is the process of implementing whiblo in an organisation?
Is it possible to test the app before making a purchase decision?
What is the minimum duration of the service?
Will client data be stored after the contract is terminated?
SECURITY
Does whiblo have safety certificates?
How are submissions encrypted on the server?
How is the data transmission encrypted?
Where is the decryption key stored?
How are metadata removed from attachments?
What does it mean that whiblo does not collect IP address information?
Does whiblo have protection against bots, the so-called captcha?
Is it possible to tamper with the content of the submissions?
Does braf.tech have access to its customer’s data?
What sort of infrastructure does whiblo use?
Are backups of databases made?
PRIVACY
Have the principles of Privacy by Design and Privacy by Default been incorporated in the application?
What tracking cookies are used in the whiblo application?
Are the servers used for the whiblo service located within the EEA?
Is it possible to add an information notice on the processing of personal data?
How does whiblo support compliance with the data minimisation principle?
Does whiblo allow archiving and deletion of data?
How does whiblo mitigate the potential risks of a personal data breach?