A fully compliant reporting channel, operational in minutes #

EthicsPortal provides a fully configured whistleblower reporting channel that meets EU Directive 2019/1937 out of the box. No implementation project, no IT department required.

Set up in 3 steps #

1. Configure your portal (2 minutes) #

Create your account, then customize:

• Organization name and brand color — your portal, your identity
• Report categories — fraud, harassment, safety, or define your own
• Welcome text — reassure reporters before they submit (a sensible default is pre-filled)
• Data retention period — 12, 24, 36, or 60 months, then auto-deleted

Your portal is live instantly at a unique URL. No deployment, no waiting.

ethicsportal.eu

2. Share the link (1 minute) #

Every portal gets a shareable link and a QR code. Put the QR code in break rooms, bathroom stalls, the employee handbook, onboarding packs. Employees access the portal from any browser — no app, no account, no company network required.

ethicsportal.eu

3. Start managing cases #

When a report comes in, you get an email notification. From the dashboard:

• Read the full report — description, category, and uploaded files
• Acknowledge receipt — the Directive requires this within 7 days. EthicsPortal tracks the deadline and flags overdue cases automatically
• Communicate with the reporter — secure two-way messaging via access code. The reporter stays anonymous, your handler names are never revealed
• Provide feedback — the Directive requires this within 3 months. Tracked automatically
• Assign, triage, add internal notes — route cases to the right handler, add notes invisible to the reporter
• Export to PDF — generate a complete case file for legal review, auditors, or compliance documentation
• Log external reports — received a report by phone, email, or in person? Create it manually so everything lives in one place

ethicsportal.eu

What reporters experience #

The reporter’s experience matters because it determines whether people actually use the channel.

• No account, no app, no login. Just a browser on any device — including a personal phone on mobile data
• Fully anonymous by default. No IP logging. File metadata (EXIF, GPS, author) stripped automatically before storage
• Optional identity disclosure. Reporters can share their name if they choose to — it’s never required
• Access code for follow-up. After submitting, the reporter gets a code (WB-XXXX-XXXX) to check back for updates and respond to handler messages
• Handler names are never shown. The reporter sees “Case handler” — nothing more

ethicsportal.eu

What’s under the hood #

Every technical decision serves one purpose: keeping you compliant and your reporters protected.

• Encrypted at rest. All report data is encrypted in the database
• Virus scanning. All uploaded files are scanned for malware server-side. Infected files are removed automatically
• Immutable audit trail. Every action is logged and cannot be edited or deleted. Auditors get who did what, when
• Automatic deadline tracking. 7-day acknowledgment and 3-month feedback deadlines with overdue notifications
• EU-hosted. Hetzner servers in Nuremberg, Germany. No data leaves the EU
• No tracking. No IP logging, no analytics cookies, no third-party scripts on the reporting portal

Deploy your reporting channel #

Set up your reporting channel in minutes. All features included in a single plan.

Deploy your reporting channel