Trusty Whistleblowing Solution

常见问题

Why do we need a whistleblowing channel?

If your organisation has more than 50 employees, you are required to implement internal channels for reporting breaches to comply with the EU Whistleblower Protection Directive and equivalent regulations in the US and other jurisdictions. It also just makes sense. Protecting whistleblowers and organisations, promoting a speak-up culture and dealing with problems internally will substantially decrease costs of any reported breaches and reduce negative publicity.

How does signing up to Trusty help?

When you sign up to Trusty, you will have your internal reporting channel set up in a matter of minutes — easier and faster than setting up an email account or telephone line. Trusty handles documentation, acknowledgements, follow-up deadlines, confidentiality controls, and access restrictions automatically.

What exactly is included in Trusty?

Trusty has two parts: a reporting channel for whistleblowers and a case management tool for your team.

The reporting channel is a secure web page where employees and stakeholders can submit reports — anonymously or identified, their choice — and access a private inbox for secure follow-up communication with your designated responders (Standard and Advanced plans). The login credentials for the inbox are shown on screen when a report is submitted, so reporters can note them down without needing to provide an email address.

The case management tool lets you categorize reports, track status and follow-up, set retention periods, write notes, attach files, and communicate securely with reporters (Standard and Advanced plans).

Does Trusty support Cybersecurity Vulnerability Reporting under NIS2?

Yes. Cybersecurity Vulnerability Reporting is available on the Advanced plan, providing a dedicated secure channel for responsible disclosure from employees, researchers, or external partners — running on the same ISO 27001-certified infrastructure as the whistleblowing channel.

Where is Trusty hosted and how secure is it?

Trusty is hosted in a high-security data centre in Germany, certified to the ISO 27001 standard and provided by Hetzner Online GmbH. We use advanced encryption and conduct regular third-party penetration tests.

What languages are supported?

The reporting channel supports all languages. The case management tool is available in: Bulgarian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Greek, Croatian, Hungarian, Irish, Italian, Latvian, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian, Slovak, Slovenian, Spanish, and Swedish.

Localised whistleblowing policies reviewed by partner law firms are available for Germany, Italy, Spain, Poland, Czechia, and Slovakia.

What plans are available and what do they cost?

Trusty offers three plans, all billed annually. A 7-day free trial is available on all plans.

• Lite: For organisations that only need to receive and document reports. Includes a secure reporting channel, tamper-proof documentation, and read-only report list. Does not include case management, whistleblower inbox, or two-way dialogue.
• Standard: Everything you need to actively manage whistleblowing cases including case management, secure two-way whistleblower dialogue, whistleblower inbox, guided reporting questionnaire, email notifications, and 2FA.
• Advanced: Everything in Standard, plus unlimited users, all languages, role-based permissions, custom branding, supply-chain reporting, advanced workflows, dashboards, Cybersecurity Vulnerability Reporting (NIS2 Directive), and 24-hour support.

Full details and pricing at https://trusty.report/plans/

What do I get when I sign up?

Once you sign up you will receive the unique URL of your Trusty reporting channel (for example, https://yourcompany.trusty.report) together with a link to set your password. These details are shown directly in WordPress and also sent to your registered email address.