DATA SECURITY AND PROTECTIONKeeping your data safe
When it comes to regulatory compliance, data protection is critical. Trustlinks is built with the highest security standards to safeguard your organisation’s sensitive information across all compliance processes.Â
Security by design
Placing your organisation’s compliance processes in a new platform requires confidence. That’s why data security is at the core of Trustlinks. Our system is built with multiple layers of protection to safeguard sensitive regulatory data, operational information, and all assets connected to your compliance work.
How we protect your data
Our platform is engineered to protect sensitive regulatory and operational information with industry-leading safeguards, ensuring full resilience and confidentiality. Trustlinks protects your data through:
- Encryption in transit and at rest
- Daily, encrypted backups
- 24/7 monitoring of servers
- Intrusion detection systems
- Perimeter firewall
- TLS encryption for inter-server communication
- Regular penetration testing
- ISO 27001 certified
- Data hosted in EU
- Automatic data retention & deletion policies
- Configurable retention times
- Single Sign-On (SSO)
- Multi-factor authentication
- Granular role permissions
- Tamperproof log
- No ID logging of whistleblowers
- Metadata removal
- Data export controls
- Legal hold functionality
- Privacy-by-design architecture
- Vendor risk audits & compliance reporting
Hosted in the European Union
Trustlinks is Swedish-owned and operates exclusively on EU-based servers. Keeping data within the European Economic Area (EEA) ensures GDPR compliance and maintains the highest standards of data protection.
ISO 27001 security standard
Trustlinks is developed and operated by a Swedish company, Whistleblowing Solutions, certified to the ISO/IEC 27001 standard for information security management.
This certification demonstrates our commitment to protecting data, managing security risks, and maintaining robust technical and organisational controls. It ensures that information security remains central to our product development and operations.
GDPR compliant
We host all data on EU-based servers to ensure full GDPR compliance and meet the highest standards of data protection.
Your information is stored securely and automatically deleted according to GDPR-defined retention periods, giving you one less thing to manage. For full details, see our Privacy Notice.
TRUSTLINKS IN DETAILSee how it can work for your business
Let's talk
Have questions about data security or compliance? Our team can guide you through technical safeguards, platform controls, and how Trustlinks helps you meet regulatory requirements.
Annelie Demred
Frequently asked questions about Trustlinks data security
How does Trustlinks protect customer data?
Trustlinks uses a combination of technical, organisational and administrative security measures to protect customer data, including secure infrastructure, access controls, encryption and continuous monitoring.
Is data encrypted in Trustlinks?
Yes. Data in Trustlinks is protected using encryption both in transit and at rest, helping ensure that information remains secure when it is stored or transmitted.
Where is Trustlinks data hosted?
Trustlinks uses secure hosting within the EU to ensure data protection, reliability and compliance with applicable European data protection and security requirements.
Who can access data stored in Trustlinks?
Access to data is strictly controlled using role-based permissions. Only authorised users can access information, and access levels can be managed to align with organisational responsibilities.
Does Trustlinks support compliance with GDPR and security regulations?
Yes. Trustlinks is designed to support compliance with GDPR and other regulatory requirements by providing secure data handling, access controls, audit trails and clear documentation.
How does Trustlinks support audit and security reviews?
Trustlinks maintains structured records, logs and documentation that support internal reviews, external audits and security assessments, helping organisations demonstrate how data is protected.
How is customer data isolated between organisations?
Each organisation’s data in Trustlinks is logically separated to ensure confidentiality and prevent unauthorised access between customers.
How does Trustlinks handle incidents and vulnerabilities?
Trustlinks has processes in place to detect, manage and respond to security incidents and vulnerabilities, helping minimise risk and ensure timely remediation when issues are identified.
Does Trustlinks follow recognised security standards?
Yes. Trustlinks is ISO/IEC 27001 certified, demonstrating our commitment to internationally recognised standards for information security management and data protection.
