Send a report with the outmost confidentiality.

Frequently Asked Questions

What is a whistleblowing portal and when should I use it?

 

The whistleblowing platform (Legality whistleblowing) provides an opportunity to report unethical or illegal behavior and related information. If misconducts are reported in time, the organization can take the necessary measures to reduce or avoid possible damages and negative impacts on natural persons, the organization or Society.

 

The platform provides the possibility to report with name or anonymously. Whichever the whistleblower chooses, his/her protection is guaranteed. Those who investigate the report handle the information of the content and the persons affected by the report confidential.

 

 

Why should I report suspected misconduct?

 

Whistleblowing is fostering high ethical standards and thus maintaining customer and public confidence in the organisation and its operations. By reporting misconducts, you can contribute to prevent financial and reputational damages and can help to protect the victims of the case. Please, help us to ensure the compliance with our ethical standards and legal requirements.

 

How is my anonymity ensured?

 

DigitalPA is an independent service provider that establishes secured communication between you and the individuals receiving the message. The service is separated from our company’s IT environment. DigitalPA does not track IP addresses or other data that could identify a person sending a report unless the message is sent with registered account. Messages can only be decrypted by individuals are responsible for the investigation of the affected company.

 

Beside that we recommend you to access the platform from a device that is not connected to the company’s network.

 

What should I report?

 

The reports can refer to behaviors, risks, offences, irregularities that can damage natural or legal persons or that can damage the public interest. For example, including the followings but not limited to:

 

  • Criminal offenses such as corruption, theft, or fraud
  • Transactions that are likely to influence financial reporting or auditing
  • Violation of legislation to which the company is subject, e.g. competition law, labour law, environmental protection
  • Serious violations of internal policies, regulations, Code of Conduct
  • Violation of human rights (e.g., Code of human rights, social principles, discrimination, workplace harassment...)

 

 

What information should I include in my report?

 

To enable a successful investigation, you should include a detailed description of what has happened, as well as when and where it happened. You do not have to have proof of your suspicions, but the report should always be submitted in good faith. You may attach text files and evidences to your report.

 

What happens after I have sent a report?

 

After having submitted your message, you will receive a code. The receivers of your message may post a response or a follow-up question to you. This dialogue, during which you remain anonymous for as long as you want, ensures that you have the possibility to contribute to a successful investigation process.

How can I submit a report?

 

The Whistleblower can send the report in two different ways:

 

  1. Reserved: The identity of the reporter is hidden but available for the investigators (Compliance Management)
  2. Anonymous: The identity of the reporter is not available

 

Thereafter, the reporter has the opportunity to track the report, supplement it, and respond to any inquiries from Compliance Management through the messaging integrated into the platform.

 

The system encrypts all content entered into the platform and provides email notifications to the company’s Compliance professionals and the reporter (if he or she has indicated an email address for notifications).

 

 

How the application ensures information security?

 

Maximum data security and protection at the highest levels, guaranteed by the DigitalPA ISO 27001/2014 certification and by the certified server farm infrastructure. Each platform has an integrated firewall with very strict rules, which limit accesses and actions to the software. There are regular testing on the system vulnerability and safety. IP and SSL Certificate dedicated for each customer. All requests managed by the platform are protected by CSRF token. Complete statistics and system logs track all the operations performed on the platform. The system is installed on a TIER IV1 certified dedicated server infrastructure, which ensures the best performance in terms of security and data availability.

 

Is my report encrypted?

 

Yes, data is encrypted during transmission and storage. The cryptographic system guarantees that messages and their attachments can only be read by the sender and recipient through the pairing of the public and private cryptographic key.

 

What is the role of DigitalPA?

 

DigitalPA is an independent service provider that contracted to provide a secured and trusted whistleblowing solution Legality Whistleblowing at the disposal of Whistleblowers and organisations, both in the public and private sectors to manage reports of unethical behavior and violation of law. 

 

The DigitalPA solution makes available anonymous communication between the whistleblower and the organisation’s compliance team.

 

What should I do if I have forgotten the ID or password?

 

If you forget the ID or password, it cannot be restored for security reasons. You can send a new message and refer to your original report.