
Security & Compliance Policies

From advanced encryption techniques to thorough employee training programs, we go above and beyond to guarantee the security of your work environment.


OUR DATA SECURITY MEASURES



ISO 27001: Glartek is certified by SGS for the ISO 27001 security certification, the international standard for Information Security Management Systems (ISMS). You can access our official certification document here.
GDPR: We respect the EU’s General Data Protection Regulation, which outlines strict protections for consumer data, prioritizing integrity and confidentiality and limiting how organizations can handle data.
SOC 2 Type II: We build our products to be compliant with AICPA’s SOC for Service Organizations Trust Services Criteria (SOC 2).

ENSURING THE SAFETY OF YOUR INFORMATION 


1 | Platform Access

Authentication: Single Sign-on (SSO), Lightweight Directory Access Protocol (LDAP) and SAML to authenticate users in systems.
Password: Enforce password complexity and expiration.
Roles and Permissions: Configurable user access to data and features.

2 | Customer Data

Encrypted: Industry-leading standard protocols to protect data in transit (including TLS 1.2 and 256 AES encryption) and at rest (including FIPS 140-2 compliant encryption standards).
Transfer: Data transfers within or between countries/regions respect the EU, Swiss, UK and CCPA legislation.
Auditable: All user and device actions and Data changes are logged for audit purposes.

3 | Availability

Uptime: Redundant hosting partners providing 99.9% uptime SLAs.
Hardened Virtual Private Cloud: Servers in separated infrastructure to prevent unauthorized access to/from our IT network.
Backups: All customer Data is backed up off-site at least on a daily basis.


CYBER SECURITY CONTINUOUS IMPROVEMENT


1 | Our Company

CISO: We have appointed an experienced CISO as a full-time employee.
Risk Assessments: We regularly perform Processes, Policies and Procedures (3P) and Privacy Impact self-assessments.
Security Assessments: We work with partners for independent company and product assessments, such as black-box penetration testing.

2 | Our Employees

Training: All employees undergo software development life-cycle security and awareness training annually.
Confidentiality: All employee and partner contracts include confidentiality clauses.
Data access: All access to customer data is registered, logged and reported to the customer.


Contact Us

For further information, please contact Glartek’s security team by email at [email protected].
