Glance Trust Center

Every day, the world’s most recognizable brands trust Glance to power their human-to-human collaboration in moments that matter.

DOM-based cobrowse: architected for security

Glance is uniquely architected without the use of proxy servers, which can create vulnerabilities for "man in the middle" attacks. With Glance, both the company's representative and the customer view the same web page at the same time using patented, DOM-based technology, which doesn't store or communicate customer log-in data, cookies, or any other identifying information.

Session data in Glance is always encrypted and always in motion - never at rest - and Glance never records, captures, or stores session content. Available SAML and SSO technology adds additional layers of security to your agents' experience, as well.

Role-based masking: controls for privacy

Masking in Glance offers your in-house administrators complete control over what is shared during a Glance session. When personally identifiable information (PII) and other sensitive data or IP is masked, it is never included in the Glance session, never communicated with the representative, and - in fact - never leaves the customer's browser.

And masking is role-based: providing different levels of access to different types of employees across your organization, if necessary. Masking can apply to text, form-fields, buttons, and more: keeping PII from being communicated to ensure your customers' privacy and security.

Certifications and attestations

ISO 27001

ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system (ISMS). Our entire information security program is built on the ISO 27001 framework and we are annually audited.

Download now

SOC 2 Type 2

Glance undergoes a SOC 2 Type 2 examination of our security controls against the AICPA define standards on an annual basis with a third party audit firm to ensure the security of our platform.

ISO 27701

ISO 27701 is a globally recognized standard for the establishment and certification of a privacy information management system (PIMS) that builds on ISO 27001. Our privacy program is built on the ISO 27701 framework.

CSA

Cloud Security Alliance

Glance is STAR Registry Level 1 with Cloud Security Alliance (CSA). The CSA Cloud Controls Matrix is a cybersecurity control framework for cloud computing. It is composed of 197 control objectives that are structured in 17 domains covering all key aspects of cloud technology.

View registry

GDPR and Privacy

General Data Protection Regulation

Glance previously was a member of the EU/US Privacy Shield but due to Schrems 2, Glance utilizes Standard Contractual Clauses (SCC) for the legal and contractual movement of data. Our privacy notice aligns to GDPR requirements.

View privacy notice

How Glance protects your data

Cloud architecture

Our cloud architecture is designed to segregate and restrict data access based on the customer and provides role-based access privileges, all controlled on a customer-specific level.

Robust encryption

We employ strong encryption protocols to secure data, both in transit and at rest, ensuring that it remains protected from unauthorized access.

Processing integrity

We maintain the consistency, accuracy and reliability of our customers' data throughout its lifecycle.

Access controls

We implement strict access controls limiting data access only to authorized personnel who have a legitimate need to interact with the data.

Regular audits

We conduct regular audits and assessments to monitor our systems, identify vulnerabilities, and maintain the highest level of data security.

Employee training

Our employees undergo comprehenzive security and privacy training to ensure they understand their responsibilities and maintain a strong culture of data protection.

Data privacy policies

We have clear and transparent data privacy policies in place, outlining how we handle and protect data, as well as your rights as a data subject.

Security

We submit regular application security and penetration test (Pen Test) assessmenet by an independent security firm in order to bolster the security of our applications and information systems.

Availability

Our systems are constantly and easily accessible 24 hours/day, 7 days/week, to meet all customer requirements.

Confidentiality

We have a dedicated information security team, and we also provide our clients configurable Single Sign-On (SSO) and Multi-factor Authentication (MFA) options.