We buy our computing capacity from Hetzner. Specifically, these servers are located in Nuremberg, Germany. The servers are run by our administrators and only we have access.
The data is stored in a MariaDB. Our MariaDB database is configured to encrypt the data with keys from konfidal. That means only the running program code of the konfidal app and the two konfidal superadmins can decrypt the data.
Even if an employee of the data center where the konfidal app is hosted physically read the hard drives, he would not be able to decrypt the data.
Our CTO and lead developer Frederik Wegner is involved in every step of the development. No development step is blindly handed over to external parties.
This means that if you choose konfidal, all you have to do is trust us. If you cannot trust us, then we recommend that you run open source whistleblowing software yourself. If you are interested, we can also advise you on this.
In fact, people are the greatest security risk in most systems. That's why there are only two employees at Konfidal (for redundancy in the event of a failure) with the highest level of authorization. These employees are trained in IT security and also follow high standards in private life in order to offer as few attack vectors as possible.
As demonstrated by the Log4J incident, one is never perfectly safe and an incident can always occur. Therefore, a fast response time is the key to safety here.
We are always up to date on the latest cyber security developments and can act immediately thanks to our agile in-house development team.
Depending on which version of the konfidal app you use, we can view different parts of the data. If you use konfidal free or business, our super admins can view all the data. This is very normal and almost always the case for proprietary closed-source applications. If you use konfidal enterprise, then we offer to setup full end-to-end encrypted communication between users so that even our superadmins would have no access to this data. Through further development and research we may eventually be able to offer end-to-end encryption for our entire product range.
We run an audit log for our database. These logs ensure that no unnoticed access is made to the data. If you are interested, you can request these logs at any time.
First and foremost, it is important that the whistleblower himself takes care not to disclose any information that reveals his identity. That's why the app gives informative warnings to alert the whistleblower.
Some technical features support anonymity. For example, the usual metadata is removed from image and pdf files when they are uploaded, so as not to reveal the time and place the file was created. We can also distort the user's voice in voice messages.
Because anonymity is not mandatory according to the regulations. So far, however, we have not placed any extraordinary focus on this functionality.
Are you interested in a perfectly anonymous reporting channel? Get in touch with us and we will discuss how the implementation can be made possible.
Internal company conflicts are processed in whistleblower systems. It is therefore quite possible that an attacker is the colleague next door. For this reason, you will be automatically logged out if you are inactive.
Consent banners are annoying. For this reason we have decided not to use personal tracking. Our website analytics are completely anonymous. This also makes it GDPR-compliant.