Disclosurely
Go to Disclosurely

anonymous-reporting

Anonymous Reporting

Disclosurely's anonymous reporting system provides military-grade encryption and secure two-way communication to protect whistleblowers.

Key Features

End-to-End Encryption

  • AES-256-GCM encryption for all report data
  • Organization-specific encryption keys
  • Zero-knowledge architecture - we cannot read your reports

Secure Two-Way Messaging

  • Communicate with reporters without revealing identities
  • Encrypted message threads
  • File attachments supported
  • Real-time notifications

Anonymous Access Codes

When a report is submitted:

  1. Reporter receives a unique 8-character access code
  2. Code is stored as a one-way hash (cannot be reversed)
  3. Reporter uses code to check status and respond to messages
  4. No personal information required

How It Works

For Whistleblowers

  1. Visit your organization's reporting portal
  2. Fill out the report form (no login required)
  3. Receive an access code via email or display
  4. Save the code securely
  5. Return anytime to check status or send messages

For Case Handlers

  1. New reports appear in your dashboard
  2. Review report details and attachments
  3. Assign to team members
  4. Communicate via secure messaging
  5. Update status and add internal notes

Security Features

Data Protection

  • All data encrypted at rest and in transit
  • PII automatically redacted when using AI features
  • Server-side encryption keys separate from data
  • Regular security audits

Privacy Controls

  • IP address logging disabled by default
  • No cookies or tracking for reporters
  • Optional location data (if provided)
  • GDPR & SOC 2 compliant

Custom Domains

Use your own domain for maximum trust:

  • report.yourcompany.com
  • whistleblow.yourcompany.com
  • Full SSL/TLS support
  • No visible Disclosurely branding

Best Practices

For Organizations

  1. Promote awareness - Share your reporting URL widely
  2. Respond promptly - Acknowledge reports within 24 hours
  3. Maintain confidentiality - Limit access to case handlers only
  4. Follow up regularly - Keep reporters informed of progress

For Whistleblowers

  1. Save your access code - Store it securely (password manager recommended)
  2. Provide detail - More information helps investigators
  3. Include evidence - Upload supporting documents/images
  4. Check back - Monitor for responses from case handlers

Compliance

Disclosurely meets the requirements of:

  • EU Whistleblowing Directive (Directive 2019/1937)
  • UK PIDA (Public Interest Disclosure Act)
  • SOX Section 301 (Sarbanes-Oxley)
  • GDPR (General Data Protection Regulation)
  • ISO 27001 information security standards

FAQ

Can reports truly be anonymous?
Yes. Our zero-knowledge encryption means we cannot identify reporters, even if compelled by law.

What if I lose my access code?
Unfortunately, codes cannot be recovered. This ensures true anonymity. You can submit a new report if needed.

Can my IP address be traced?
We do not log IP addresses for report submissions. For additional privacy, reporters can use VPN or Tor.

How long are reports stored?
Reports are stored according to your organization's retention policy (default: 7 years for compliance).

anonymous-reporting | Disclosurely Docs