Whispr is designed to keep intake, follow-up, and handling inside a controlled system
Access is limited by role and scope, reporter follow-up uses a dedicated mailbox model, and audit activity is recorded in the product.
Trust Center
Security, confidentiality, and access control for Whispr
Whispr is built to keep reporting, follow-up, and case handling inside a controlled environment. Buyers, privacy teams, and IT reviewers can use this page to see the controls in the product, the hosted stack, and the areas that remain contract-dependent.
Documented controls around cases, replies, exports, and legal hold
The platform includes role-aware access, audit events, case routing, legal hold enforcement, and separation between reporter-visible and handler-only activity.
Pair this page with DPA, subprocessors, retention, and your own governance review
Security is only one part of the decision. Teams should also confirm roles, retention rules, and operating responsibilities.
Reporter follow-up and internal handling are deliberately separated
In compliance mode, the product creates a dedicated reporter mailbox token and return code for secure follow-up. Internal notes, assignment actions, and administrative audit history stay separate from the reporter-facing thread.
- Written intake and handler-created oral intake are stored as structured cases.
- Reporter follow-up uses dedicated mailbox credentials rather than general email replies.
- Compliance cases include legal hold state and retention metadata fields.
Access is controlled by role, scope, and account state
Whispr uses role-aware permission checks in the admin application. Disabled users are blocked, team roles are normalized, and access can be limited by assignment or organizational scope depending on the product mode.
- Administrative actions use authenticated session tokens.
- TOTP-based 2FA endpoints exist for admin accounts and can be enforced by deployment settings.
- Compliance cases support assignment, reassignment, note creation, and export control through explicit handlers.
Current production stack is Cloudflare plus Resend, with Stripe only for billing if used
Provider
Role
Notes
ProviderCloudflare
RoleWorkers, KV, queues, custom domain provisioning
NotesPrimary application infrastructure and data storage layer
ProviderResend
RoleTransactional email delivery
NotesUsed for notifications and service email flows
ProviderStripe
RolePayment processing
NotesApplies only when billing functionality is in use
Data travels over managed infrastructure with transport encryption and platform protections
Whispr is deployed on managed cloud services that provide encrypted transport and platform-level storage protections. If you need deeper assurance details, request the security packet during procurement or technical review.
Important: Whispr does not claim certifications or custom cryptographic controls on this page beyond what is supported by the current product and hosted stack. If your review requires deeper assurance detail, request it during procurement.
Case actions are recorded, and legal hold blocks sensitive actions in compliance mode
The compliance backend defines audit events for case creation, acknowledgment, assignment, replies, note creation, file activity, exports, legal hold changes, retention changes, and closure. Export and close actions are blocked when an active legal hold is present.
- Audit trail exists as part of case handling, not as a separate spreadsheet process.
- Exports are explicit actions and are logged.
- Incident response and customer notifications should follow the applicable contract and legal obligations for the deployment.
What this page does not claim
To keep trust materials defensible, this page does not make unsupported promises about session inactivity windows, backup cadence, uptime SLAs, certification scope, or procurement turnaround times. Those items should appear only in signed agreements or technical review materials when they are actually available.