Privacy Policy & Data Protection

Our Commitment to Your Privacy

We are committed to protecting your privacy and maintaining the confidentiality of all reports submitted through this system.

Key Privacy Protections:
  • Anonymous Reporting: Complete identity protection for anonymous submissions
  • Data Encryption: All data encrypted in transit and at rest
  • Access Controls: Strict limitations on who can view your information
  • Confidential Investigation: Need-to-know basis for all case information
  • Secure Storage: Enterprise-grade security for all data
Information We Collect
For Anonymous Reports:
We Collect:
  • Report description and details
  • Category of concern
  • Date and time of submission
  • Uploaded files and evidence
  • Communication messages
We DO NOT Collect:
  • Your name or personal information
  • IP addresses or location data
  • Device fingerprinting information
  • Browser history or cookies
  • Any identifying metadata
For Identified Reports:
We Collect:
  • All anonymous report information, plus:
  • Your name (optional)
  • Contact email address
  • Phone number (if provided)
  • Department/role (if provided)
  • Communication preferences
Purpose:
  • Direct communication about your case
  • Status updates and notifications
  • Investigation coordination
  • Follow-up support
How We Use Your Information
Investigation
  • Assign cases to appropriate investigators
  • Conduct thorough investigations
  • Interview relevant parties
  • Document findings and outcomes
  • Take corrective actions
Communication
  • Send case status updates
  • Request additional information
  • Provide investigation results
  • Offer support resources
  • Maintain secure dialogue
Improvement
  • Analyze reporting trends
  • Identify systemic issues
  • Improve policies and procedures
  • Enhance workplace culture
  • Prevent future incidents
Information Sharing & Access
Who Has Access:
  • Assigned Investigator: Reviews and investigates your specific case
  • Investigation Supervisor: Provides oversight and guidance
  • HR Personnel: For policy and procedural guidance (as needed)
  • Legal Counsel: For legal compliance issues (as required)
  • Senior Management: For serious violations requiring executive action
  • System Administrator: Technical support only (no case content access)
We Never Share With:
  • Reported Individuals: Without proper investigation process
  • Unauthorized Personnel: Anyone not involved in the case
  • External Parties: Unless legally required
  • Other Reporters: Information from other cases
  • Social Media: Any information publicly
  • Marketing/Sales: No commercial use of data
Legal Exception: We may be required to share information with law enforcement or regulatory authorities when legally mandated.
Data Security Measures
Encryption
  • 256-bit SSL/TLS encryption in transit
  • AES-256 encryption at rest
  • Encrypted file storage
  • Secure communication channels
  • Encrypted database storage
Access Controls
  • Role-based access permissions
  • Multi-factor authentication
  • Regular access reviews
  • Audit logs for all access
  • Automatic session timeouts
Infrastructure
  • Secure cloud hosting
  • Regular security updates
  • Firewall protection
  • Intrusion detection
  • Regular security assessments
Data Retention Policy
Retention Periods:
  • Active Cases: Retained until case closure plus 30 days
  • Closed Cases: Retained for 7 years for legal compliance
  • Communication Records: Retained with case files
  • Evidence Files: Retained for legal hold periods
  • System Logs: Retained for 2 years for security purposes
  • Anonymous Reports: No personal data to purge
Deletion Process:
  • Automated Deletion: System automatically purges expired data
  • Secure Deletion: All data securely overwritten
  • Legal Holds: Data preserved if legally required
  • Backup Purging: Backups also purged on schedule
  • Confirmation: Deletion activities logged and verified
Note: You can request early deletion of your data by contacting the system administrator, subject to legal requirements.
Your Privacy Rights
You Have the Right To:
  • Access: Request copies of your personal data
  • Correct: Request correction of inaccurate information
  • Delete: Request deletion of your personal data (subject to legal requirements)
  • Restrict: Request limitation of processing in certain circumstances
  • Object: Object to processing based on legitimate interests
  • Portability: Request transfer of your data in machine-readable format
How to Exercise Your Rights:
  • Contact Method: Submit request through this system or email
  • Identification: We may need to verify your identity
  • Response Time: We will respond within 30 days
  • No Cost: Most requests are processed free of charge
  • Appeal Process: You can appeal our decisions
Anonymous Reports: We cannot fulfill data requests for anonymous reports as we cannot verify identity.
Contact & Policy Updates
Privacy Questions & Requests:

For any privacy-related questions or to exercise your rights:

  • Submit through this system: Use your case ID to send a message
  • Contact HR: For general privacy questions
  • Contact Legal: For legal compliance questions
  • System Administrator: For technical data questions
Policy Updates:

We may update this privacy policy from time to time:

  • Notification: Users will be notified of significant changes
  • Effective Date: Changes take effect 30 days after notice
  • Review: Policy reviewed annually
  • Version History: Previous versions available upon request

Last Updated: January 2025

Version 1.0