Data in the Legalsys whistleblower portal are stored in a European data centre at Amazon Web Services - AWS. AWS is a European subsidiary of the American Amazon Web Services and data are stored according to an agreement between Legalsys and the European subsidiary. AWS has data centres in Ireland, Germany, France and Sweden, and although AWS is an American-owned company, the data centres in the EU/EEA are operated by AWS, which is subject to the European Personal Data Regulation etc. It is part of Legalsys' agreement with AWS that data must be located in an EU/EEA country - i.e. a country in Europe - and may not be transferred outside the EU/EEA at any time.
All countries in the EU/EEA are subject to the General Data Protection Regulation and have the same minimum requirements for the protection of personal data.
Although AWS is owned by a large American company with many data centres, Legalsys is entitled and AWS is obliged to ensure that data are stored in the agreed data centre at all times, and Legalsys can verify this at any time.
Legalsys’ data are encrypted immediately upon receipt, when transmitted, when stored in Legalsys’ whistlerblower portal and up to the user's web browser. All personally identifiable data, images and documents in the Legalsys whistleblower portal are automatically encrypted.