Vendor information #
This page identifies the contracting party behind EthicsPortal and provides the baseline information typically requested during procurement, legal review, and DPA review.
Last updated: April 22, 2026.
Contracting party #
- Service name: EthicsPortal
- Operator / contracting party: Yaroslav Shmarov
- Business form: Sole proprietorship registered in Poland
- Registered address: ul. Obrzeżna 1A, 02-691 Warsaw, Poland
- Tax identification number (NIP): 5272755790
- Registration jurisdiction: Poland
- Commercial register number: Not applicable to a Polish sole proprietorship
Contracting and signatures #
- Authorized signatory for commercial agreements, DPAs, and security questionnaires: Yaroslav Shmarov
- Commercial contact: support@ethicsportal.eu
- Security contact: security@ethicsportal.eu
Current registry evidence and signed contracting documents are provided on request during procurement.
Procurement position #
- Customer relationship: In the standard subscription model, the customer is the controller and EthicsPortal acts as processor for customer report data.
- Primary hosting region: Nuremberg, Germany (EU)
- Public due-diligence documents: DPA, subprocessors, security, incident register, SLA, privacy, terms
- International transfers: Core whistleblower report data is hosted in the EU. Limited marketing-site and admin-side processing may involve specific published subprocessors outside the EU/EEA, currently Cloudflare and Honeybadger, as described in the DPA and subprocessors pages.
Assurance status #
EthicsPortal does not currently claim ISO 27001, SOC 2, or equivalent certification on this site. If that changes, the certification name, scope, and effective date will be published here.
Procurement materials #
If your procurement process requires a completed questionnaire, signed DPA, registry extract, tax proof, or written answers on operational controls, request them during procurement review.
Available materials may include:
- Signed DPA
- Registry evidence and NIP / tax proof
- Completed security questionnaire
- Backup and restore summary
- Privileged production-access summary
- Incident-response summary
- Business continuity and exit / export responses
See the procurement page for the public overview of what is available.
Continuity and exit #
EthicsPortal publishes the baseline public documents typically requested in smaller-vendor procurement: DPA, subprocessors, security, incident register, SLA, privacy, and terms.
If your review requires continuity, key-person-risk, or exit-planning answers, request written responses during procurement. Customer export and deletion commitments are described in the DPA.
Last updated: