Data recorded in the Legalsys whistleblower portal are stored in a European data center administered by Amazon Web Services (AWS). AWS is a European subsidiary of the American Amazon Web Services, and data are stored according to agreement between Legalsys and the European subsidiary. AWS has data centers in Ireland, Germany, France and Sweden, and even though AWS is a US-owned company, the data centers in the EU/EEA are operated by AWS, which is subject to the EU General Data Protection Regulation (GDPR), etc. According to the agreement between Legalsys and AWS, the recorded data must be stored in an EU/EEA country, meaning a country in Europe, and may not be moved outside the EU/EEA at any time.
All countries in the EU/EEA are subject to the EU General Data Protection Regulation (GDPR).
Even though AWS is owned by a large American company with numerous data centers around the world, Legalsys is lawfully entitled and AWS is obligated to have the data stored in the agreed data center at all times, and Legalsys is entitled to obtain verification hereof at any time.
Legalsys’ data are fully encrypted from the moment data are received, when it is transmitted, when it is stored in the Legalsys whistleblower portal and through to the user’s web browser. All personally identifiable data, images and documents in the Legalsys whistleblower portal are automatically encrypted.