WHITEBOX
Grievance Mechanism
Data Protection & Privacy
Your data is safeguarded in transit with TLS and at rest through RDS AES-256.
We use automated vulnerability testing, and continuous monitoring technologies to test for and close any security gaps.
Our app utilises the servers of Amazon Web Services (AWS), which supports over 140 security standards and compliance certifications.
Our app runs on a SOC 2 Type II compliant software infrastructure service that conducts penetration tests annually (at minimum) following the comprehensive OWASP WSTG.
Data is shared with organisations participating on WhiteBox under strict rules. Likewise our own staff members are under strict confidentiality obligations, only have access to data when necessary, and access is logged and controlled.
We only share relevant data with sub-processors when it is necessary for the fulfilment of the assignment given to us, and under strict rules. We only use the services of reliable third parties (with compliant and adequate security practices).
Prioritising responsible data management as a cornerstone of continuous innovation, we uphold the value of personal data for our platform and users by meeting their expectations: ensuring data is handled with care, maintained accurately and completely, and securely destroyed when no longer needed. This commitment not only enhances our services but also builds and sustains user trust, setting us apart in the market.
WhiteBox embeds confidentiality and privacy into every aspect of our services. Protecting privacy is essential to building an effective and trusted grievance mechanism, from the initial report to resolution and beyond. We ensure that user expectations for confidentiality are met, forming the backbone of a secure and reliable grievance experience.
We have a specific objective in mind when collecting, using, or handling personal data that is consistent with our objectives and values. We collect and use only the amount of personal data we need for approved and lawful purposes.
We are forthright about the personal data we collect and how we’re using and sharing it. Furthermore, we give users clear choices about their privacy and controls that are easy to use so that they can manage their data.
Here you can find all the information regarding our practices regarding the handling of your personal data. Your personal data's protection and your privacy rights are paramount to us. It is very important to us that you feel safe during your visit to our website, while using our services, and over the course of all other interactions and transactions with us. Should you have any inquiries or doubts regarding this policy or how we handle your personal data, please get in touch at [email protected] . This main document is complemented by service or region specific addendums which you can access through the main document as well as through the below section.
[rcb-consent type="change" tag="a" text="Cookie settings"]
[rcb-consent type="history" tag="a" text="Cookie settings history"]
[rcb-consent type="revoke" tag="a" text="Revoke consents for cookies" successmessage="You have successfully revoked consent for services with its cookies and personal data processing. The page will be reloaded now!"]