Packages

Essential

Ready to use solution for small and medium-sized companies looking for quick and efficient compliance with the EU Directive and GDPR.

Professional

The flexible solution with a variety of customisation options and comprehensive case management complete with authorisation concept and real-time reporting.

Enterprise

A full-feature solution
with highest customization
possibility, extensive case management options and
advanced reporting with deep-dive.

100% compliance with the EU whistleblower directive and GDPR

integrity-line-eu-flag
integrity-line-eu-flag
integrity-line-eu-flag

Confidential and protected reporting channel with anonymous dialogue function

Customisation of the reporting process

Standard

Individually configurable

Individually configurable

Number of languages available for the reporting process

Over 80 languages

Case Management

Standard

Extended

Individually configurable

Translation service for case management

Automated

Individually configurable

Deadline monitoring, case documentation and reporting

Individual system configuration

Connection to the telephone reporting channel

High level of data encryption according to BSI standard

Two-factor authentication

Secure, ISO27001 certified hosting and data storage in Europe

Public

Public or Private

Public or Private

Report process accessible according to WCAG 2.1 standard

WACA-Certificate in Bronze

WACA-Certificate in Bronze

WACA-Certificate in Bronze

Training

Communication material*

Additional modules such as single sign-on, data deep dive, et.

*Free package with generic communication materials as digital files (individualised files at an extra charge)

» Our experience of cooperating with EQS Group during the implementation was an extremely positive one. We drew up a plan with initial steps and they always answered our questions quickly and flexibly. This positive experience has continued and, even when questions arise, EQS Group always reacts very fast. «

Kristina Schmieg, Compliance Manager at PUMA SE

Kristina Schmieg
Senior Manager Compliance,
PUMA SE

FAQ

Our whistleblower system (EQS Integrity Line) guarantees the whistleblower’s anonymity and ensures that their identity cannot be traced by technical means. EQS Integrity Line is hosted on external ISO 27001-certified high security servers. No IP addresses, location data, device specifications or other data that could allow conclusions to be drawn as to the identity of the whistleblower are stored on these servers.

The whistleblower can decide for themselves whether they want to remain anonymous or provide any personal information. In any case, the content of the report is transmitted in a highly encrypted form using a public-private key procedure (PGP) with 2048 RSA bit. In addition, all server communications take place via a secure HTTPS connection.

Learn more about security at EQS Group

Both EQS Group as a company and their software development for the EQS Integrity Line is certified to Information Security Standard ISO 27001. The product development and its continuous development follows the “Security by Design” principle.

In addition, the system ensures full compliance with EU GDPR and worldwide data protection regulations, both for the whistleblower in the reporting process and for the case handler in the integrated case management.

EQS Integrity Line meets the highest security and encryption requirements (data transmission and access) and thus guarantees absolute confidentiality for submitted reports.

– ISO 27001-certified high-security computer center

– Systems security confirmed by annual external penetration test

– SSL-certified connection

– Cryptographically complex storage procedure

– Case specific encryption

– Key in the customer’s hand (neither EQS Group nor other third parties have access to content)

– Access to content via detailed authorization system

– Various IT security modules e.g. for user administration and data protection

– Complete protection of the whistleblower’s anonymity

– Regular security audits and penetration tests

EQS Integrity Line is made for worldwide use and available in over 80 languages as standard.

EQS Integrity Line offers various packages and configurations to meet different customer requirements. Out of the box solutions can be available within a few days with minimal effort on the customer’s side. Customized solutions with extended case management functions are usually available for operational use within 4 to 8 weeks. During implementation, our experienced project managers are at the customer’s side for optimal implementation and best practice consulting.

EQS Group offers the client various best practice templates for quick and easy whistleblower system implementation. These templates can be adopted 1:1 or adapted according to the customer’s requirements. Templates are already available in a large variety of languages and can also be transferred into any language. In addition to templates, our experienced project managers are also available at any time to provide advice and support to the customer throughout the entire implementation phase of the whistleblowing software.

EQS Group supports compliance with the European Data Protection Regulation (GDPR) and other data protection regulations worldwide through various measures at the organizational, technical and functional level:

At the organizational level, through measures taken for information security and data protection in the form of a proper and certified ISMS according to ISO 27001 standards. This is subject to regular internal and independent audits.

On the technical level, EQS Integrity Line was developed according to the highest standards for data protection and security. This means

– no logging of personal data of visitors and whistleblowers

– encryption of data in transit and stored data

– no metadata analysis or research with our customer data

– opportunities for data protection notifications (disclaimers) and other information during the reporting process

– activating various security functions in relation to access and processing of data

At the functional level, EQS Integrity Line supports the case handler in the frequent tasks and activities related to internal data protection processes. This includes

– dynamic reminders and notifications when certain data protection criteria occur, including indication of necessary actions

– support with anonymization of case details (e.g. personal data) and optionally also file attachments

– automation of internal approval procedures and dual control principle for sensitive case handling actions

– granular authorization management and role concept for fine-tuning access to sensitive case contents

Whistleblowing systems are a central component of an effective compliance management system in companies according to international standards. Approximately two thirds of company irregularities detected are uncovered by whistleblowers. A functioning whistleblower system is therefore more important as a control element than management and external and internal audit combined.

In recent years, many countries have spoken out unequivocally in favor of the legal protection of whistleblowers and thus the establishment of safe and protected whistleblower systems, for example France with its Sapin 2 law and the EU with its directive on the protection of persons reporting on breaches of Union law. The EU Whistleblowing Directive came into force on 16 December 2019 and requires companies to make internal whistleblower systems available.

Whistleblower systems thus not only protect whistleblowers (employees, customers, suppliers, etc.), but also protect the company from reputational damage and financial risks.

EQS Integrity Line: certified secure

Our whistleblowing hotline EQS Integrity Line meets the highest standards of IT security and data protection. We prove this in regular external security audits.

integrity-line-isae-I-II-certification-logos