TRUST CENTER
trust Starts Here
At Spyglass, securing your data isn’t just a responsibility – it’s our commitment. Our team enforces rigorous security practices so you can feel confident about the safety of your data.
How Spyglass Earns Your Trust
Trust is built on integrity over time. We understand our role in the compliance network and work diligently to earn the trust of our customers, their customers, and the public. That’s why we’ve implemented strong controls and tools and continuously evolve to meet and exceed industry standards.
In this Trust Center, you’ll find everything you need to know about how Spyglass prioritizes Security, Privacy, and Compliance to give you the confidence to partner with us.
“Spyglass gives us the confidence that our data is secure and compliant, allowing us to focus on delivering value to our customers across three continents.”
– COO of a leading logistics company

SECURITY
Protecting Your Data at Every Step
Spyglass takes a layered, security-by-default approach, embedding best practices into everything from product design to system scalability. Our solution goes beyond industry standards, offering advanced controls to centrally manage security requirements, including end-to-end encryption, user access levels, multi-factor authentication, and real-time alerts.
This ensures a highly secure platform our partners and their users in the field.
Partnering with AWS
AWS is a trusted partner for Spyglass, hosting our platform and your data in secure, world-class data centers in multiple global regions. These facilities ensure the highest levels of physical and operational security, including SOC 1, SOC 2, and ISO 27001.
Building on AWS’s foundation, Spyglass implements a secure-by-default approach including multi-tenancy to isolate data, end-to-end encryption to protect information, and adherence to principles like least privilege and zero trust.
To further enhance security, we integrate additional monitoring and threat detection layers, proactively safeguarding your data and ensuring platform resilience.
Learn more about AWS at their own trust center.

Spyglass is an AWS Partner
Beyond Best Practice
Encryption
All data in Spyglass solutions is encrypted in transit and at rest using TLS/SSL and AES-256 protocols. Application-level defenses, such as protections against SQL injection and Cross-site scripting, are implemented to prevent attacks. Spyglass also monitors for intrusion attempts to detect and address threats in real time.
Access Control
Spyglass enforces role-based access controls (RBAC) and the principle of least privilege, ensuring users only access the data necessary for their roles. Detailed user activity logs enable audits, and malicious or unauthorized users can be immediately identified and deactivated to mitigate misuse.
Detection & Analysis
Spyglass uses a zero trust architecture to continuously verify the identity and permissions of every user, device, and application before granting access. Real-time analytics detect anomalies and suspicious behavior across the platform. Alerts are automatically triggered, and incidents are escalated to our response team for immediate containment and remediation.
Vulnerability & Threat Management
Spyglass leverages layered defenses, including advanced intrusion detection and DDoS prevention systems, to identify and mitigate emerging threats. Vulnerabilities in third-party libraries are tracked and patched as part of a continuous integration and deployment process. Machine learning algorithms analyze activity patterns to proactively detect and neutralize potential risks before they escalate.

PRIVACY
Robust Data Privacy Comes First
At Spyglass, we take privacy and security seriously and we know our customers do too. That’s why our platform is built on privacy-by-design principles, ensuring compliance with all relevant privacy regulations.
As privacy laws and standards evolve, we continually adapt our platform and practices to stay ahead. Spyglass empowers customers to collect, manage, and share data lawfully and respectfully, protecting individual rights while enabling operational excellence.
Privacy Begins with People
We adhere to a set of universal privacy principles, ensuring our solutions put people first and comply with privacy laws worldwide, no matter where our customers are based.
We Help You Comply with Privacy Laws
We support you in ensuring that your data collection, storage, and usage practices meet modern data privacy and compliance requirements.
Keeping data local
Spyglass provides organizations with control over where their data is stored, ensuring compliance with regional privacy laws. Our platform supports localized data residency across the USA, UK, EU, and Australia, helping businesses meet regulatory requirements such as GDPR, CCPA, and other national privacy frameworks. By keeping data within its intended jurisdiction, we reduce risks associated with cross-border data transfers while maintaining security and performance.
Ensuring responsible and lawful data use
Organizations rely on the Spyglass solution to collect and share intelligence that enhances safety, security, and operational efficiency. Designed with privacy at its core, the Spyglass platform enforces strict controls over the use and sharing of personal information, reducing reliance on informal or unregulated data-sharing methods.
Helping organizations collect and use personal information lawfully
Many organizations already collect and share personal information, but these processes often lack proper controls. Spyglass helps businesses move away from manual workflows and unsecured data-sharing by providing built-in tools, processes, and security mechanisms that modernize data collection, distribution, use, and de-identification.
Secure storage with industry-leading infrastructure
Spyglass securely stores personal information using AWS’s world-class infrastructure, which meets the highest security and compliance standards, including SOC 2, ISO 27001, and GDPR requirements. All data is encrypted at rest and in transit, with strict access controls to ensure only authorized users can access sensitive information. Our platform leverages AWS’s built-in security tools alongside additional safeguards to protect against unauthorized access, breaches, and data loss. Check out the Security section for more information.

COMPLIANCE
Trust, but Verify
Spyglass’ compliance program provides customers with transparency into our robust security controls and commitment to service availability. We recognize our role in the compliance ecosystem and diligently adhere to the cybersecurity laws, regulations, attestations, and frameworks that matter to our customers.
Spyglass works closely with partners to provide security, privacy and compliance information as a part of your due diligence process.