Hintbox IT Security & Data Protection

Our whistleblower system meets all IT security and data protection requirements. In particular, through our ISMS and secure Hintbox, all technical, organizational and regulatory requirements of the General Data Protection Regulation and the EU Whistleblower Directive (2019/1937) are fulfilled.


Our IT Security & Privacy Seal

Fox Certification
German Server Badge
End-To-End Encryption

Hintbox is ISO 27001 certified

We have made it our mission to be the safest and easiest whistleblowing system on the market. To do this, we must always pay attention to our certifications.

 Logo Pentest Factory

The Hintbox is regularly checked for security vulnerabilities

At regular intervals, we have the Hintbox checked by professional penetration testers to ensure the highest level of additional security for our customers.

Last successful penetration test on 19.06.2023.


The protection of your data has the highest priority

Each Hintbox is a self-contained system. With isolated data storage and end-to-end encryption, your data is secure in its own database.

Our security promise


Information Security Management System (ISMS)

We have implemented an ISMS in accordance with the requirements of ISO 27001 to comprehensively ensure the protection of your data. The scope of our ISMS is defined as follows:

"In-house development, deployment and operation of software solutions as a service for use by end customers."


End-to-end encryption

Through our end-to-end encryption, all sensitive information and data, such as trade secrets, are encrypted in our whistleblower system.

This means that the data arrives on our servers already encrypted, so that neither we nor other third parties can read the information at any time.


Regular auditing of the Hintbox by external auditors

The Hintbox is regularly audited by external companies, with positive results. An IT security company performs penetration tests to verify the IT security of the Hintbox. This ensures that the Hintbox and your data are secure.


Ensuring the integrity of the data through revision security

By using the highest and most modern encryption technologies and audit-proof indexing of data entries and their changes, we also ensure data integrity in the Hintbox.


Ensuring the availability of your data and information

The Hintbox, our digital whistleblower system, offers you an availability of 99.9% per year.

This ensures the availability of your data and information at all times.


Ensuring anonymity

The Hintbox technically ensures the anonymity of a whistleblower in case of an anonymous report. No IP or MAC addresses, location data or other information that allows conclusions to be drawn about a data subject are stored.


GDPR compliant data processing

Our Hintbox complies with the rules for processing personal data and thus complies with the General Data Protection Regulation. We process the personal data exclusively according to documented instructions and on your behalf as a processor.


Data hosting at an ISO/IEC 27001 certified data center in Germany

All data of our whistleblower system is hosted in Germany in an ISO/IEC 27001 certified data center. There is no data hosting and no data transfer to countries outside the EU.


Implementation of deletion specifications

All personal data in Hintbox can be deleted in accordance with the requirements of the General Data Protection Regulation and the EU Whistleblower Directive. This enables you to actually implement deletion requests and also deletion concepts in a legally compliant manner.


Implementation of an authorization concept

Our Hintbox enables the implementation of an authorization concept. Only individual authorized persons are given access to the messages in the whistleblower system. In this way, you meet the requirements of data protection and ensure the necessary confidentiality.


Ensuring the confidentiality of the data

We offer secure 2-factor authentication to every Hintbox user.

Each customer receives its own separate Hintbox instance, ensuring stringent separation and processing of data.


Help and support

Of course, our customer support will assist you with all IT security and data protection concerns. We support you in the processing of data protection rights of data subjects. We also provide support, for example, in carrying out a data protection impact assessment, and much more.

Would you like a no-obligation consultation or more information about the Hintbox?

Then make an appointment with our experts or call +49 261 988 03 700