Before we describe our logging options we must understand that there are two different apps within our platform:

1. Whistleblowing app

2. Case management app


Whistleblowing app level

Our policy is to minimise logging at the Whistleblowing app since we must protect reporters. 

So, by default, we don't have any LOG collection feature at this level:

  • We don't collect digital footprints (IPs, cookies, device metadata, social media profiles, online shopping history, search engine queries, location data, public records, forum participation, cloud storage data, mobile app usage, e-commerce browsing behaviour, cloud-based email services, online gaming profiles, GPS data, biometric data from devices, smart home device data, voice assistant interactions, browsing history, and downloadable content etc.)
  • We don't use scripts which could potentially uncover reporters.
  • We don't use cookies or anything similar to it.

The minimum log contains events which are important for response teams to be able to react in due time:

  • report registration events,
  • comment events by reporters,
  • file upload events by reporters.

We must admit, despite we don't collect anything on the app level, there are still technical logs at the Web Application Firewall and Web server level. However, we made sure that these logs are:

  • restricted and not accessible by anyone below the board member level,
  • not giving possibilities to connect report events with logged events,
  • not stored by us and are automatically purged by third-party providers within a limited number of hours.


Case management app level

Our policy is to maximise logging at the Case management level since we must protect the confidentiality of data and the integrity of the platform.

In such a case we collect whatever is possible: IPs, cookies, scripts, actions etc.

Here we have several levels of logs:

  • In-app Activity Log
    • Available from the user interface for all case management users
    • Showing user actions and actions towards cases / tasks / files concerning a user
    • Showing user name and actions only
  • In-app Auditor / Admin Log
    • Available from the user interface for case management users with higher levels of access
    • Showing most user actions
    • Also used by our support team
    • Showing user name, IPs, locations, sessions, visits, actions.
  • Backend app Log
    • Not available for platform users
    • Used by our tech team in troubleshooting, performance improvement and code development
    • Used by the security team during information security incidents or self-assessments
  • Security tools (WAF etc) Logs
    • Not available for platform users
    • Used by the security team during information security management
  • Integrated infrastructure Log used by our 
    • Not available for platform users
    • Used by support / tech / security teams
  • Consolidated Security Events Log used by our SIEM
    • Not available for platform users
    • Used by support / tech / security teams


In the context of data management within a case management system, logs are retained for 12 months or until the end of the contract, whichever comes first. This retention period ensures compliance requirements are met while minimizing the risk of unnecessary data storage. This practice aligns with the principles of data minimization and purpose limitation, which are essential in modern compliance management.