The whistleblowing channel that protects your organization and builds employee trust

It complies with all security, data protection and confidentiality requirements.

Play Video

Adapt to the new Whistleblowing regulation with us

myReport!n responds to the need for companies to have a mandatory Whistleblower Channel for their employees as required by Law 2/2023.

The main purpose of this regulation is to ensure that all employees have access to a tool that allows them to report possible violations or irregularities that may occur in the company. The Whistleblowing Directive also emphasizes the importance of preserving the confidentiality of the individual making the report.

In short, it seeks to foster an ethical environment in the company by providing avenues for reporting illegal activities and at the same time ensuring whistleblower protection.
myReport!n responds to the need for companies to have a mandatory Whistleblower Channel for their employees as required by Law 2/2023.

The main purpose of this regulation is to ensure that all employees have access to a tool that allows them to report possible violations or irregularities that may occur in the company. The Whistleblowing Directive also emphasizes the importance of preserving the confidentiality of the individual making the report.

In short, it seeks to foster an ethical environment in the company by providing avenues for reporting illegal activities and at the same time ensuring whistleblower protection.

Features

Technical characteristics

Technical characteristics

Ease, customization and security

Discover the many possibilities offered by myReport!n

myReport!n was developed to comply with the current global regulations
in all aspects.

DIRECTIVA (UE) 2019/1937 applies to individuals reporting irregularities, violations, or crimes within companies belonging to the European Union.

LAW 2/2023, of February 20, regulating the protection of persons who report regulatory violations and the fight against corruption.

REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 27 April 2016 regarding the protection of individuals with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

Organic Law 3/2018 of December 5, 2018, on the Protection of Personal Data and the Guarantee of Digital Rights.

We guarantee compliance with the regulations and the right
to data security and confidentiality,
in 4 simple steps

Encryption of information

When a user inputs information into the system, it is encrypted (transformed into an unreadable set of characters) using an algorithm and an 'encryption key.'

Secret
Key

The user will be provided with a special password or secret key that they must use to access the aforementioned key, necessary for encrypting and decrypting information. Only those with this key can access the encrypted information.

Secure
Storage

Once the data is encrypted, it is stored in the database. The original text (known as plaintext) is not stored; instead, the encrypted text is saved.

Storage of the Encryption Key

The key used to encrypt the information must also be stored securely, so that it can be used in the future to decrypt the data. In this case the keys are stored in a second database and are additionally protected.

Encryption of information

When a user inputs information into the system, it is encrypted (transformed into an unreadable set of characters) using an algorithm and an 'encryption key.'

Secret Key

The user will be provided with a special password or secret key that they must use to access the aforementioned key, necessary for encrypting and decrypting information. Only those with this key can access the encrypted information.

Secure Storage

Once the data is encrypted, it is stored in the database. The original text (known as plaintext) is not stored; instead, the encrypted text is saved.

Storage of the Encryption Key

The key used to encrypt the information must also be stored securely, so that it can be used in the future to decrypt the data. In this case the keys are stored in a second database and are additionally protected.

myReport!n prioritizes the data security of our users. All data related to a case or report stored in our platform is end-to-end encrypted. This means that even if the data were somehow intercepted, it would be unintelligible without the decryption key provided exclusively to the user generating the cases or reports.

The information from the cases is always stored in our systems in encrypted form. No one with access to the system or database can decrypt the information without having the corresponding key for each case.

This security measure ensures that our users’ information is safeguarded from any unauthorized access and complies with privacy and data protection standards.

When the whistleblower generates a new case, the system provides them with an access key. The user is emphasized on the importance of this key, as without it, they won’t be able to access the case in the future to check its progress or accept a future resolution proposal.

The user has the option to copy this key or download a PDF report as an acknowledgment receipt, which also includes the key.

The key associated with a case is never sent via email and is only provided at the time of case creation.

Through a specific role within myReport!n associated with a specific user, it is configured which manager can access the generated cases to manage them.

Only one manager can access, in addition to an acting manager who ensures access for a delegated user in case the main manager is on vacation or on sick leave.

myReport!n allows the whistleblower to create two types of reports:

  • Anonymous: In this case, the system does not require any identifying information from the client, allowing them to generate the report without providing such details.
  • Confidential: In this other option, the whistleblower has the possibility to provide their identifying information so that the personnel responsible for managing the reports can contact them if desired.

Currently, myReport!n provides the option for the whistleblower to indicate whether they want to receive email updates about their case. In these notification emails, only the presence of updates in the case is mentioned, with no reference to the content of the updates.

If the whistleblower does not want to receive notifications about the case, they can indicate this during the creation process, opting out of receiving emails informing them of updates about their case.

Our servers are hosted in high-security facilities under the AWS platform, with certifications and services from AWS including CSA STAR and ISO.

AWS holds certification of compliance with ISO/IEC 27001:2013, 27017:2015, 27018:2019, 27701:2019, 22301:2019, 9001:2015 and CSA STAR CCM v4.0 standards.

Here are a series of measures we implement on our servers:

  • Firewall Configuration
  • Access Configuration
  • Software Upgrades
  • Network layer security
  • Security monitoring
  • Audit Logs
  • Data backups
  • Resource control
  • Vulnerability Scanning

Do you want more information?

Contact us,
we will provide you with the best personalized advice.

Do you want more information?

Contact us,
we will provide you with the best personalized advice.

Scroll to Top