Integrity Line HomeSecurity

The EQS Integrity Line whistleblowing hotline: secure and certified

As a RegTech company which offers software products for the compliance and investor relations industries, IT security is the top priority at EQS Group.

Our EQS Integrity Line whistleblowing hotline therefore conforms to the highest standards of IT security and data protection.

TP Penetration TestISO 27001 CertifiedGDPR Independantly verified by PWC Global Auditors

Certified data security

Both EQS Group and our data centres are certified according to ISO/IEC 27001, which guarantees high security standards.

With the information security management system (ISMS) established in this context we have created binding processes and responsibilities across all areas of the company - from IT development to system support - thereby protecting confidential data from misuse, loss and disclosure.

Hinweisgeber bleiben auf Wunsch anonym
ISO 27001 certified
ISAE 3000 Type I

ISAE 3000 certified data protection

The EQS Integrity Line whistleblowing hotline ensures that your organisation fully complies with European data protection requirements and the EU Whistleblowing Directive (GDPR compliant).

An external audit conducted by PwC has certified EQS Integrity Line to the ISAE 3000 Type 1 standard, which upholds high standards of personal data processing and protection.

Top marks for end-to-end encryption

We regularly earn top scores for our secure end-to-end data encryption and for using the strongest ciphers and secure mechanisms when handling keys.

Hinweisgeber bleiben auf Wunsch anonym
Top marks for end-to-end encryption
Integrity Line accessibility
EQS Integrity Line is accessible

Compliant with Web Accessibility Guidelines

EQS Integrity Line complies with the Web Accessibility Guidelines. That means that the system can also be used by people who are for examply visually impaired.

Anonymity thanks to high-security encryption

Your report and case data are encrypted at all times. We use the latest encryption algorithms and SSL certificates, meaning that EQS Group can at no time access your or your whistleblowers' data.

In addition to complete anonymity for the whistleblower, the EQS Integrity Line enables an anonymous dialogue between the whistleblower, case handler and external experts. The system does not employ any tracking mechanisms on users.

Hinweisgeber bleiben auf Wunsch anonym
EQS Group can at no time access your or your whistleblowers' data
Environmental management ISO 14001

ISO 14001 certified data centre

Our data centre in Munich East is ISO 14001 certified and relies 100% on green electricity from renewable sources (sun, wind, water and biogas) for its operation. The use of CECC (Combined Energy and Cooling Cells) has also helped to reduce energy consumption for cooling and operation by 70%.

Modern firewalls for greater protection

We use a web application firewall in addition to our standard firewall. If the firewall detects suspicious or dangerous patterns, it blocks further communication. This provides the platform with additional protection against SQL injections or XSS attacks.

TP Penetration Test
Penetration test certified

Proven system security

EQS Group regularly carries out external penetration tests to verify our high levels of IT security.

As part of this process, both the user interface and case management are checked in detail with regards to:

  • Threat analysis in accordance with OWASP 10 vulnerabilities
  • Test of cryptography, architecture and system design
  • Session and identity management
  • Authorisation concepts

Transparency in cloud computing

EQS Groups promotes transparency and compliance when it comes to security in the cloud.

This is why we adhere to the STAR Registry program of the Cloud Security Alliance for the Integrity Line. For more information see here.

Hinweisgeber bleiben auf Wunsch anonym
Transparency in cloud computing

Comprehensive protection

Additional security is guaranteed through daily backups which are stored for several years in geographically distributed data centres.

Regular backup tests are carried out to ensure that no data is lost, even in the event of a emergency.

Application security & access controls

Two-factor authentication

It is better to be safe than sorry. This is why EQS has included an additional security level to the EQS Integrity Line whistleblowing hotline - login with two-factor authentication as standard.

Standardmäßig Login per Zwei-Faktor-Authentifizierung
Login with two-factor authentication as standard

Single Sign On

Single sign-on enables caseworkers to seamlessly transition between different applications, creating efficiencies.

OpenID Connect enables simple, state-of-the-art authentication and authorisation of caseworkers and administrators.

Authorisation concepts

Granular authorisation concepts mean that the need-to-know principle is firmly in play. Working in tandem with our automatic case routing, caseworkers are only authorised for countries and case categories for which they are explicitly responsible. In line with duty segregation requirements, administrators can also be clearly divided according to their responsibilities in the user and system administration. Dual control can also be configured to ensure better monitoring of critical functions.

Individual policies

The EQS Integrity Line whistleblowing hotline adapts to your organisation - password settings and other rules can be customised to meet your individual requirements.

EQS Integrity Line Backend

Convinced by EQS Integrity Line?

Configure your whistleblowing hotline now and get in touch!