Extern utredare?Logga inProva gratis
GDPR-compliant
EU-hostad
AI-driven
5 min setup

Acceptable Use Policy

Last updated: October 31, 2025

1. Introduction

This Acceptable Use Policy ("Policy") governs your use of the Whistla Platform and services. By using the Platform, you agree to comply with this Policy.

Scope: This Policy applies to:

  • Company users (employees, administrators, case managers)
  • External investigators using the Marketplace
  • Whistleblowers submitting reports
  • Any person accessing the Platform

2. Acceptable Uses

✅ Permitted Activities

  • Managing whistleblowing reports and investigations
  • Creating and maintaining compliance policies
  • Conducting workplace investigations
  • Communicating with whistleblowers and witnesses
  • Storing investigation evidence and documentation
  • Tracking case timelines and outcomes
  • Generating compliance reports
  • Training employees on whistleblowing procedures
  • Accessing External Investigators for conflict-of-interest situations

3. Prohibited Activities

❌ Illegal Activities

The following activities are strictly prohibited and may result in immediate account suspension or termination:

  • Using the Platform to commit or facilitate crimes
  • Money laundering or terrorist financing
  • Fraud, embezzlement, or theft
  • Bribery or corruption
  • Harassment, stalking, or threats
  • Child exploitation or abuse
  • Violating GDPR or other data protection laws
  • Violating employment laws

❌ Retaliation and Intimidation

Retaliation against whistleblowers is illegal under EU Directive 2019/1937 and Norwegian law:

  • Firing, demoting, or disciplining whistleblowers
  • Threatening or intimidating whistleblowers
  • Harassing or bullying whistleblowers
  • Revealing whistleblower identity without consent
  • Creating a hostile work environment for whistleblowers

We will report suspected retaliation to appropriate authorities and terminate accounts of retaliators.

❌ System Abuse

  • Attempting to gain unauthorized access to accounts or data
  • Hacking, cracking, or penetration testing (without permission)
  • Introducing viruses, malware, or harmful code
  • Denial-of-service (DoS) attacks
  • Exploiting security vulnerabilities
  • Circumventing access controls or security measures
  • Using automated tools to scrape or download data
  • Reverse engineering or decompiling the Platform

❌ False Reports

Submitting knowingly false or malicious reports is prohibited:

  • Making up allegations to harm others
  • Exaggerating or distorting facts
  • Reporting trivial issues as serious misconduct

Note: Good-faith reports that turn out to be incorrect are NOT prohibited. Only intentionally false reports are a violation.

❌ Breach of Confidentiality

  • Sharing case details with unauthorized persons
  • Posting case information on social media
  • Discussing investigations in public forums
  • Leaking whistleblower identities
  • Using case information for personal gain

4. Reporting Violations

4.1 How to Report

If you witness a violation of this Policy, please report it immediately:

Email: abuse@whistla.io

Subject Line: AUP Violation Report - [Brief Description]

Include:

  • Your name and contact information (confidential)
  • Description of the violation
  • Date and time of violation
  • Evidence (screenshots, links, logs)
  • Names of individuals involved (if known)

4.2 What We Do

Upon receiving a report:

  1. Acknowledge receipt within 24 hours
  2. Investigate the alleged violation (1-7 days)
  3. Take Action if violation is confirmed
  4. Notify Reporter of outcome (if appropriate)

5. Enforcement and Consequences

5.1 Consequences for Violations

Warning

First-time minor violations - Written warning sent via email

Temporary Suspension

Repeat violations - Account suspended for 7-30 days

Permanent Termination

Severe violations (illegal activity, retaliation, fraud) - Account permanently deleted, no refund

Legal Action

Criminal activity reported to law enforcement, civil lawsuits for damages

5.2 Appeals Process

If your account is suspended or terminated, you may appeal:

  1. Email appeals@whistla.io within 14 days
  2. Provide account information and explanation
  3. Include evidence supporting your position
  4. We will review within 7 days
  5. Decision is final

6. Whistleblower Protections

Special Protections

If you are a whistleblower reporting misconduct through the Platform, you are protected by:

  • EU Directive 2019/1937
  • Norwegian Whistleblower Protection Act
  • This Acceptable Use Policy

Your Rights:

  • Report anonymously (identity never required)
  • Protection from retaliation
  • Confidentiality of your identity
  • Access to remedies if retaliation occurs

Reporting Retaliation

If you experience retaliation after making a whistleblowing report:

  1. Report to your organization's whistleblowing system
  2. Report to ICM AS: retaliation@whistla.io
  3. Report to Norwegian authorities: Arbeidstilsynet (Norwegian Labour Inspection Authority)
  4. Consult a lawyer (you may be entitled to compensation)

7. Contact Information

Policy Questions

legal@whistla.io

Report Violations

abuse@whistla.io

Report Retaliation

retaliation@whistla.io

Security Issues

security@whistla.io

Platform IP Owner: SAAZLY FZCO (License No. 23488, Dubai, UAE)

Company: ICM AS | Organization Number: 995 372 304 | VAT Number: NO 995 372 304 MVA

ICM AS distributes the Whistla platform in Europe. The platform is owned and developed by SAAZLY FZCO and licensed to ICM AS.

Acceptable Use Policy | Whistla.io