TRUST CENTER

trust Starts Here

At Spyglass, securing your data isn’t just a responsibility – it’s our commitment. Our team enforces rigorous security practices so you can feel confident about the safety of your data.

How Spyglass Earns Your Trust

Trust is built on integrity over time. We understand our role in the compliance network and work diligently to earn the trust of our customers, their customers, and the public. That’s why we’ve implemented strong controls and tools and continuously evolve to meet and exceed industry standards.

In this Trust Center, you’ll find everything you need to know about how Spyglass prioritizes Security, Privacy, and Compliance to give you the confidence to partner with us.

SECURITY

Spyglass implements robust security measures like advanced encryption, access controls, and continuous monitoring to ensure your data is safe at every step.

PRIVACY

Spyglass adheres to global privacy standards, including GDPR and CCPA, ensuring your data is handled responsibly, transparently, and in compliance with regulations.

COMPLIANCE

Spyglass meets rigorous industry certifications, regulatory requirements, and standards, demonstrating our integrity and commitment to accountability.

“Spyglass gives us the confidence that our data is secure and compliant, allowing us to focus on delivering value to our customers across three continents.”

– COO of a leading logistics company

SECURITY

Protecting Your Data at Every Step

Spyglass takes a layered, security-by-default approach, embedding best practices into everything from product design to system scalability. Our solution goes beyond industry standards, offering advanced controls to centrally manage security requirements, including end-to-end encryption, user access levels, multi-factor authentication, and real-time alerts.

This ensures a highly secure platform our partners and their users in the field.

Robust Product Security

Our solution embeds security at every level, with robust user security like RBAC, MFA, and data protection protocols. Spyglass conducts ongoing vulnerability and penetration testing to proactively identify and mitigate threats.

Multi-Layered Infrastructure

Our cloud infrastructure meets stringent security standards with advanced encryption, role-based access controls, and secure configurations, strengthened by real-time monitoring and proactive threat detection.

Operational Resilience

Spyglass continuously monitors and detects threats to protect system integrity and defend against attacks, ensuring reliable performance and peace of mind for our customers.

Partnering with AWS

AWS is a trusted partner for Spyglass, hosting our platform and your data in secure, world-class data centers in multiple global regions. These facilities ensure the highest levels of physical and operational security, including SOC 1, SOC 2, and ISO 27001.

Building on AWS’s foundation, Spyglass implements a secure-by-default approach including multi-tenancy to isolate data, end-to-end encryption to protect information, and adherence to principles like least privilege and zero trust.

To further enhance security, we integrate additional monitoring and threat detection layers, proactively safeguarding your data and ensuring platform resilience.

Learn more about AWS at their own trust center.

Spyglass is an AWS Partner

Beyond Best Practice

Encryption

All data in Spyglass solutions is encrypted in transit and at rest using TLS/SSL and AES-256 protocols. Application-level defenses, such as protections against SQL injection and Cross-site scripting, are implemented to prevent attacks. Spyglass also monitors for intrusion attempts to detect and address threats in real time.

Access Control

Spyglass enforces role-based access controls (RBAC) and the principle of least privilege, ensuring users only access the data necessary for their roles. Detailed user activity logs enable audits, and malicious or unauthorized users can be immediately identified and deactivated to mitigate misuse.

Detection & Analysis

Spyglass uses a zero trust architecture to continuously verify the identity and permissions of every user, device, and application before granting access. Real-time analytics detect anomalies and suspicious behavior across the platform. Alerts are automatically triggered, and incidents are escalated to our response team for immediate containment and remediation.

Vulnerability & Threat Management

Spyglass leverages layered defenses, including advanced intrusion detection and DDoS prevention systems, to identify and mitigate emerging threats. Vulnerabilities in third-party libraries are tracked and patched as part of a continuous integration and deployment process. Machine learning algorithms analyze activity patterns to proactively detect and neutralize potential risks before they escalate.

PRIVACY

Robust Data Privacy Comes First

At Spyglass, we take privacy and security seriously and we know our customers do too. That’s why our platform is built on privacy-by-design principles, ensuring compliance with all relevant privacy regulations.

As privacy laws and standards evolve, we continually adapt our platform and practices to stay ahead. Spyglass empowers customers to collect, manage, and share data lawfully and respectfully, protecting individual rights while enabling operational excellence.

Privacy Begins with People

We adhere to a set of universal privacy principles, ensuring our solutions put people first and comply with privacy laws worldwide, no matter where our customers are based.

Data Minimization
Ensuring that data collected and retained on the platform is necessary.
Security, Accountability, Control
Ensuring personal information is protected and secure through robust controls and clear accountability.
Ethical Data Usage
Ensuring data practices align with ethical standards, respecting societal norms and avoiding misuse or harm.
Empowering Individuals
Ensuring individuals can exercise key privacy rights easily and effectively.
Use & Disclosure Limitation
Ensuring clear use and disclosure limitations to prevent overreach and maintain trust.

We Help You Comply with Privacy Laws

We support you in ensuring that your data collection, storage, and usage practices meet modern data privacy and compliance requirements.

Keeping data local

Spyglass provides organizations with control over where their data is stored, ensuring compliance with regional privacy laws. Our platform supports localized data residency across the USA, UK, EU, and Australia, helping businesses meet regulatory requirements such as GDPR, CCPA, and other national privacy frameworks. By keeping data within its intended jurisdiction, we reduce risks associated with cross-border data transfers while maintaining security and performance.

We are data custodians

As a data processor, we act as custodians of personal information, building our solution on strong privacy and security foundations. Our goal is to help users achieve great community outcomes while ensuring the privacy of the people involved.

Ensuring responsible and lawful data use

Organizations rely on the Spyglass solution to collect and share intelligence that enhances safety, security, and operational efficiency. Designed with privacy at its core, the Spyglass platform enforces strict controls over the use and sharing of personal information, reducing reliance on informal or unregulated data-sharing methods.

Helping organizations collect and use personal information lawfully

Many organizations already collect and share personal information, but these processes often lack proper controls. Spyglass helps businesses move away from manual workflows and unsecured data-sharing by providing built-in tools, processes, and security mechanisms that modernize data collection, distribution, use, and de-identification.

Secure storage with industry-leading infrastructure

Spyglass securely stores personal information using AWS’s world-class infrastructure, which meets the highest security and compliance standards, including SOC 2, ISO 27001, and GDPR requirements. All data is encrypted at rest and in transit, with strict access controls to ensure only authorized users can access sensitive information. Our platform leverages AWS’s built-in security tools alongside additional safeguards to protect against unauthorized access, breaches, and data loss. Check out the Security section for more information.

COMPLIANCE

Trust, but Verify

Spyglass’ compliance program provides customers with transparency into our robust security controls and commitment to service availability. We recognize our role in the compliance ecosystem and diligently adhere to the cybersecurity laws, regulations, attestations, and frameworks that matter to our customers.

Spyglass works closely with partners to provide security, privacy and compliance information as a part of your due diligence process.