Compliance

Glance maintains annual compliance with ISO/IEC 27001. The certification and audit were performed by A-LIGN Assurance. ISO/IEC 27001 is a comprehensive security management standard that specifies a set of best practices and controls. It is an internationally recognized standard and means that as an organization, Glance has done the following:

• Examined our information security risks.
• Designed a set of security controls to mitigate these risks.
• Adopted a management process that reviews these controls on an ongoing basis.
• Conducted an internal audit of the above to test for conformity.
• Had an audit of the above by an ISO accredited external party to test for conformity.

This certification confirms our ongoing commitment to the security, confidentiality, and high availability of our services. It is important to understand that ISO/IEC 27001 is not a one-off audit. Instead, it is part of an ongoing process of continuous improvement, review and engagement with security standards and processes.

The GDPR is Europe's regulation for data protection and privacy, but it also covers any data transferred outside the EU and EEA areas. As a result of Schrems 2, Glance utilizes Standard Contractual Clauses (SCC) for the legal and contractual movement of data.

Our Privacy Policy aligns to GDPR requirements.

Glance undergoes regular audits to ensure the requirements of each of the five trust principles (security, availability processing integrity, confidentiality, and privacy) are met and Glance remains SOC 2 Type 2 compliant. Glance's SOC 2 report extends to all Glance services.

Glance is STAR Registry Level 1 with Cloud Security Alliance (CSA). The CSA Cloud Controls Matrix is a cybersecurity control framework for cloud computing. It is composed of 197 control objectives that are structured in 17 domains covering all key aspects of cloud technology.