Contents

Safe Voices documentation

Enterprise-style whistleblowing and ethics intake: how reporters, investigators, and administrators work together while keeping data scoped and auditable.

Getting started

For new users

  • Prefer a guided conversation first? Open the AI assistant from the landing page, then continue with official intake when you are ready.
  • Open the reporting experience your organization publishes for intake.
  • Describe the concern with enough detail for reviewers to act without guessing.
  • Save the unique tracking code you receive after submission.
  • Return to the tracking page any time to read updates or reply securely.

What happens next

  1. The submission reaches your compliance or triage queue immediately.
  2. An owner typically performs first review within 24 to 48 hours.
  3. Investigators may request more detail through the secure channel.
  4. Status changes appear on the timeline as the case advances.

Anonymous reporting

Submitting a report

  • Pick the category that best matches the concern.
  • Include dates, locations, and names only if that helps clarify the facts.
  • Attach documents or media when they strengthen the record.
  • Submit, then store the tracking code outside of corporate email if needed.

Your privacy

  • Personal identifiers are optional unless your program requires them.
  • Transport is encrypted end to end to the application boundary.
  • Authorized case members see the matter; everyone else is blocked by policy.
  • The tracking code is how you follow up while staying anonymous.

Tracking your case

Using your tracking code

  • Enter the code on the tracking page supplied by your organization.
  • Read the current status and any investigator messages.
  • Review the timeline of actions for transparency.
  • Respond through the secure thread instead of ad hoc channels.

Typical statuses

Submitted
Received and waiting for triage.
Under review
A compliance owner is evaluating scope and severity.
Investigating
Assigned staff are actively working the matter.
Resolved
Corrective or policy actions are documented.
Closed
The record is complete and archived per retention rules.

For administrators

Dashboard overview

  • Monitor intake volume, aging cases, and SLA risk in one view.
  • Slice by category, priority, and business unit where metadata exists.
  • Jump into recent activity to coach new investigators.

Case management

  • Assign owners, set priority, and capture internal notes with timestamps.
  • Message reporters without exposing private contact details.
  • Export structured summaries for regulators or internal committees.

Team collaboration

  • Invite members with least-privilege roles such as admin, manager, investigator.
  • Coordinate through internal comments separate from reporter-visible messages.
  • Rely on audit logs for every privileged action.

Platform features

Example categories

Ethics and code of conduct, fraud or financial misconduct, harassment or discrimination, health and safety, data misuse, environmental issues, conflicts of interest, and other compliance topics your program enables.

Key capabilities

  • Anonymous and confidential modes per policy.
  • Secure uploads with virus scanning hooks where required.
  • Status timelines and immutable audit events.
  • Configurable workflows and assignment rules.
  • Analytics tuned for compliance reporting cycles.

Security and privacy

Data protection

  • Encryption in transit and at rest for application data and attachments.
  • Network controls and private storage buckets for sensitive files.
  • Periodic penetration tests aligned to your vendor assurance calendar.

Access controls

  • Role-based permissions with session timeouts for staff accounts.
  • Multi-factor authentication for administrative surfaces.
  • Row-level security patterns when backed by Postgres providers such as Supabase.

Compliance alignment

Design your retention, portability, and deletion flows with counsel to meet GDPR, CCPA, SOX, and whistleblower-protection expectations in your jurisdictions.

Testing workflows

Anonymous reporter

  1. Submit a synthetic report through the public intake page.
  2. Copy the tracking code and store it for later steps.
  3. Open the tracking page, confirm timeline entries, and send a test message.

Organization staff

  1. Sign in to the admin experience with a non-production account.
  2. Locate the synthetic case, change priority, and add an internal note.
  3. Assign the matter, reply to the reporter thread, and advance statuses.

Tip: use separate browser profiles when validating multiple roles so sessions never leak context.

FAQ

Is my report anonymous?

When your program allows it, you can submit without identifiers. Anything you voluntarily provide is stored according to your organization's policy.

How long do reviews take?

Timelines depend on severity and backlog. Most programs target first contact in a few business days and full resolution in a few weeks for standard matters.

What if I lose my code?

Many programs cannot recover lost tracking codes by design, because recovery flows could weaken anonymity. Treat the code like a password.

Documentation | Safe Voices