Cloud based hosting of whistleblowing solutions – why we choose GleSYS 

In this article, we’ll discuss the consequences of the Schrems II judgement and why companies must choose a European provider in order to fully comply with GDPR. We will also explain why Whistlelink has chosen GleSYS as our provider and hosting of whistleblowing solutions.  

New requirements for European organisations 

Since the implementation of the EU Whistleblower Directive on 17 December 2021, there have been new legal requirements for all organisations with over 50 employees. They must establish internal reporting channels (in other words, whistleblowing systems) and implement processes to follow up and act on incoming reports.  

For organisations with 250 or more employees, the implementation deadline of 17 December 2021 is already overdue. Smaller organisations with 50 to 249 employees must implement secure reporting channels before 17 December 2023.  But Klas Karlsson, CEO of Whistlelink, does not think companies will, or should, wait for the deadline.  

„Requirements in public procurement will most likely force smaller companies to act sooner. Having a safe and secure whistleblower solution in place will be necessary for any company looking for a competitive advantage,“ Klas says.  

A safe and secure whistleblowing service 

When the EU Whistleblowing Directive was adopted in 2019, Whistlelink decided to create a whistleblowing system that meets all the requirements of the EU Directive. This includes a user-friendly design, accessibility, as well as top-notch information and data security.  
 
When working with whistleblowing, trustworthiness and security are extremely important. This is the main reason for choosing GleSYS for the hosting of Whistlelink’s whistleblowing solutions. They are a leader in Cloud and IT Infrastructure as a Service in the Nordics, with data centers in Falkenberg, Stockholm and Oulu, Finland. 

„For a company offering whistleblower services, it is vital to actively work with information and data security. Whistlelink has a longstanding collaboration with GleSYS and we can trust them to meet all requirements that we expect from an infrastructure provider,“ Klas confirms.  

GleSYS, a leader in Cloud and IT Infrastructure as a Service in the Nordics 

GleSYS was founded in 1999 by Glenn Johansson, who remains the CEO and majority shareholder. All servers, along with the company’s head office, are located in Falkenberg. With continued steady growth, GleSYS is now one of the Nordic region’s leading sustainable server hosting and network infrastructure providers.  

GleSYS currently has customers in over 60 countries; however, its focus is still on the Nordic market. Thomas Engelbrektsson, Security Manager at GleSYS, points out the need for local alternatives. 

„We can see that the interest in local hosting solutions is higher than ever – largely due to lower climate impact and better information security. In addition, many people appreciate European data protection laws that protect their customers.“ 
 

GleSYS is certified according to ISO 14001 – Environmental Management, and all data centers run on 100% renewable energy. All excess heat from the data centers in Stockholm and Falkenberg is sent to the district heating network. By recycling the surplus energy, GleSYS can reduce the company’s and its customers’ climate footprint. 
 

Schrems II created a demand for European data solutions, including hosting whistleblowing solutions 

In July 2020, the European Court of Justice invalidated the EU-US Privacy Shield in the Schrems II judgement. This was the most widely used mechanism for transferring personal data between the EU and the US. According to the GDPR, the agreement did not provide sufficient protection for personal data due to shortcomings in US laws.   

The Schrems II judgement has implications for the entire European hosting market. Organisations that process personal data of European citizens can no longer use the Privacy Shield for data transfers outside of the EU/EEA. GleSYS is a safe alternative where you can trust your customers’ personal data will stay in Europe.  
 

Even without considering the Schrems II judgement, Whistlelink would have chosen GleSys for hosting of Whistlelink’s whistleblowing solutions, Klas says. He also acknowledges that in order to fully comply with the GDPR, a European data hosting solution is an absolute must. 

„We are continuously making improvements with regards to information and data security. GleSYS is also ISO 27001 – certified, which makes them the perfect partner to Whistlelink,“ Klas says.  

You can read more about sustainable IT services at www.glesys.com.  

Would you like to learn more about the EU Whistleblowing Directive or are you looking for a safe and secure whistleblowing solution? You can book a free demo to discuss a whistleblowing service for your organisation!