Privacy & Security

1. Information We Collect

We collect only the information necessary to provide our services effectively. This may include:

• Contact information (name, email, phone number) for service inquiries
• Business information for consulting and corporate services
• Technical data (IP address, browser type) for security and service improvement
• Anonymous usage data for platform optimization

For whistleblowing services, we do not collect or store any personally identifiable information unless voluntarily provided.

2. How We Use Your Information

Your information is used exclusively for:

• Providing and improving our services
• Responding to inquiries and support requests
• Processing business transactions and contracts
• Complying with legal obligations
• Sending service-related communications (with your consent)

We never sell, rent, or share your personal information with third parties for marketing purposes.

3. Data Protection & Encryption

We employ industry-leading security measures to protect your data:

• 256-bit SSL/TLS encryption for all data transmission
• End-to-end encryption for sensitive communications
• Secure data centers with 24/7 monitoring and redundancy
• Regular security audits and penetration testing
• Multi-factor authentication for account access
• Encrypted backups with geographically distributed storage

4. Confidentiality Commitment

Our whistleblowing platform guarantees:

• Complete anonymity - no IP logging or tracking on secure channels
• Zero-knowledge architecture - we cannot access encrypted content
• Secure communication channels with no metadata retention
• Legal protection and guidance for whistleblowers
• Strict internal access controls with audit trails

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in this policy or as required by law. You may request deletion of your data at any time by contacting our privacy team. Whistleblowing reports are retained according to legal requirements and case resolution timelines, with all personally identifiable information removed upon case closure.

6. Your Rights

Under GDPR and applicable data protection laws, you have the right to:

• Access your personal data
• Correct inaccurate or incomplete data
• Request deletion of your data
• Object to processing of your data
• Data portability (receive your data in a structured format)
• Withdraw consent at any time

To exercise these rights, contact our Data Protection Officer at privacy@confidewaysglobal.com.

7. Cookies & Tracking

We use essential cookies to ensure proper functioning of our website. Analytics cookies (with your consent) help us improve user experience. You can manage cookie preferences through your browser settings. Our whistleblowing platform does not use any tracking cookies or analytics to preserve complete anonymity.

8. Third-Party Services

We may use trusted third-party service providers for specific functions (e.g., payment processing, email delivery). These providers are contractually bound to protect your data and use it only for specified purposes. We conduct due diligence on all third parties to ensure they meet our security standards.

9. International Data Transfers

As a global organization, we may transfer data across borders. All international transfers comply with applicable data protection laws and are protected by appropriate safeguards, including Standard Contractual Clauses approved by regulatory authorities.