Whistleblowing

Anonymous Internal Reporting Platform

Whistleblowing (reporting of irregularities or public interest disclosures) is the act by which an employee or a person associated with an organization reveals information about illegal, unethical, or inappropriate practices within the organization.

The Nature of the Information

Such information may concern:

  • Corruption or bribery
  • Violations of laws and regulations
  • Mismanagement or abuse of power
  • Risks to public health or safety
  • Manipulation of financial data or tax evasion

The Nature of Whistleblowers

Whistleblowers may be employees, former employees, associates, or anyone with access to such information. Disclosures may be made internally (within the organization) or externally (to authorities, the media, or independent bodies).

Legal Framework

In the European Union, Directive 2019/1937 establishes a common protection framework for those who disclose irregularities. In Greece, the legal framework is covered by Law 4990/2022, which provides protection for whistleblowers against retaliation, such as dismissal, intimidation, or adverse treatment.

Requirements of Law 4990/2022

Number of Employees

Private and public sector entities employing fifty (50) or more employees are required to appoint an Internal Reporting Officer (Υ.Π.Π.Α.).

Reporting Channel

Mandatory establishment of internal reporting channels.

Appointment of Internal Reporting Officer (ΥΠΠΑ)

Obligation to designate a Responsible Officer for Receiving & Monitoring Reports.

Whistleblower Protection

Any individual making a disclosure that falls under the scope of the law is entitled to protection under specific conditions.

Confidentiality Obligation

Entities must comply with confidentiality rules regarding data.

Personal Data

Entities must ensure the protection of personal data by implementing all necessary technical and organizational measures as required by the data protection regulatory framework.

TalkNow Platform Services

We provide the most comprehensive solution in the market through the TalkNow platform, ensuring full compliance with Law 4990/2022.

This solution includes both the technical specifications and the legal advice and services required for a complete system that fully meets regulatory requirements.

Reporting Policy

Drafting of a Reporting Policy for disclosure to all stakeholders.

Appointment of ΥΠΠΑ

Designation of the Responsible Officer for Receiving and Monitoring Reports.

Training

Training of the Responsible Officer and employees.

Consulting Services

Provision of consulting and legal support to the ΥΠΠΑ.

Code of Conduct

Drafting of a Code of Conduct for all stakeholders.

Protection

Effective protection of both whistleblower and reported parties.

User Manuals

User manuals for the Responsible Officer and employees.

Whistleblowing Platform

Installation, initial configuration, questionnaire setup, user management.

Platform Hosting

Hosting on secure servers within the EU.

Backup

Backup services to ensure continuous platform operation.

E-Learning Course

E-learning module in SCORM format, eliminating the need for in-person training of new employees.

LMS Platform

Option to provide a training platform for the e-learning course and beyond.

Why Choose TalkNow

100% Compliance with Law 4990/2022

TalkNow fully complies with all requirements of Law 4990/2022 both legally and technically.

Our Certifications, Your Security

TalkNow is certified under ISO 9001:2015, 27001:2013, 27701:2019, 22301:2019, 45001:2018, and 14001:2015.

GDPR Compliance

TalkNow implements all necessary technical and organizational measures for the protection of personal data.

Ease of Use

The TalkNow platform offers simple navigation and functionality, both for end-users and the Responsible Officer.

Platform Features

  • Easy management via Web Browser
  • Support for more than 90 languages
  • RTL (right-to-left) language support
  • Customizable appearance (logo, colors, styles, text)
  • Option for anonymous or named reporting
  • File exchange between whistleblower and Responsible Officer
  • Chat option between whistleblower and Responsible Officer
  • Creation of complex questionnaires
  • Reporting system statistics
  • Simple process for report reception and analysis by the Responsible Officer
  • Categorization of reports with tags
  • Predefined questionnaires for legal compliance
  • Conflict-of-interest management in reporting workflows
  • Guaranteed authorization for accessing whistleblower identity
  • Compliance with ISO 37002 and EU Directive 2019/1937
  • Data retention policies in line with GDPR
  • No IP address logs
  • No traces in browser cache
  • Full protection against automated submissions (spam)
  • Continuous evaluation through periodic security audits
  • Full encryption of all data

Questions & Answers

Private sector entities employing fifty (50) or more people, regardless of the nature of their activities or the duration of each employee’s employment during the year.

 

Businesses falling under the law must establish all necessary reporting channels in line with Law 4990/2022. Among these is the option of implementing an anonymous reporting platform, such as TalkNow. They must also appoint a Responsible Officer for Receiving & Monitoring Reports (ΥΠΠΑ), who may be an employee or an external partner.

Anonymity in TalkNow is guaranteed through full platform encryption, database file encryption, and the fact that the user does not enter any personal details (not even an email for follow-up communication). Follow-up is conducted using a unique 16-digit code assigned to the report. If this code is lost, it cannot be recovered, and communication will no longer be possible.

Reports can only be accessed by the authorized Responsible Officer (ΥΠΠΑ) appointed by the company. Even TalkNow platform technicians cannot access them, since the reports are stored encrypted in the database and can only be decrypted by the Responsible Officer.

The data is stored in an encrypted database file. This file can only be decrypted by the Responsible Officer’s role.

Data encryption ensures whistleblower anonymity. Only if the whistleblower chooses, they may submit a named report.

Yes. The law framework also includes cases such as public procurement, environmental protection, transport safety, public health, consumer protection, etc. The platform can also be used for cases such as workplace violence, sexual harassment, or bullying, as it supports multiple reporting forms.

  1. The whistleblower logs into the platform and starts a report.

  2. Through the questionnaire, they choose whether the report will be anonymous or named.

  3. Upon submission, they receive a 16-digit code. This code is used for anonymous communication with the Responsible Officer.

  4. The Responsible Officer may request clarifications or evidence (optional).

  5. Communication continues until the report is fully documented (optional).

  6. Once sufficient evidence is gathered, the Responsible Officer informs the relevant body of the organization.

  7. The whistleblower is informed by the Responsible Officer about the progress of their report.

  8. Once completed, the report is deleted within the timeframe required by applicable regulations.