Trust Center

ControlK

Overview

Welcome to Glartek's Trust Center. Use this Trust Center to learn about our security posture and request access to our security documentation.

We have implemented, maintain and continuously improve a formal Information Security Management System, in accordance with the requirements of ISO 27001:2022, to protect the confidentiality, integrity and availability of information processed and stored concerning customers and business partners associated with GLARTEK – Technology Solutions, S. A. products and services.

We handle information assets from customers and business partners that can take various forms including, but not limited to, data printed or written on paper, stored electronically, transmitted by electronic means, and spoken in conversations. Information assets may include personal data.

We actively look for potential security risks and implement adequate safeguards to eliminate or mitigate those risks and gain the trust of our customers and business partners that we will protect the confidentiality, integrity and availability of their information, unless otherwise required to do so by law.

We are also committed to continuously improving our policies and procedures according to new technologies that are emerging, according to the needs of our customers, and by social and human responsibility.

Compliance

21 CFR Part 11 Logo
21 CFR Part 11
AI Pact Logo
AI Pact
CCPA Logo
CCPA
Cloud Security Guidance Logo
Cloud Security Guidance
EU AI Act Logo
EU AI Act
GDPR Logo
GDPR
ISO/IEC 27001 Logo
ISO/IEC 27001
SOC 2 Type 2 Logo
SOC 2 Type 2

Glartek is reviewed and trusted by

Bosch-company-logoBosch
Daimler AG-company-logoDaimler AG
Deloitte-company-logoDeloitte
edp group-company-logoedp group
Embraer-company-logoEmbraer
ERM-company-logoERM
Fraunhofer-Gesellschaft-company-logoFraunhofer-Gesellschaft
GE Vernova-company-logoGE Vernova
International Paper-company-logoInternational Paper
Lactalis-company-logoLactalis
Sonae-company-logoSonae
Veolia-company-logoVeolia

Documents

COMPLIANCEISO/IEC 27001

Risk Profile

Data Access LevelRestricted
Impact LevelModerate
Recovery Time Objective2 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Data Flow Diagram (DFD)
Network Diagram
Pentest Report
View more

Self-Assessments

CAIQ
HECVAT Full
SIG Core
View more

Data Security

Access Monitoring
Data Asset Classification
Data Backups
View more

App Security

Application Penetration Testing
Code Analysis
Credential Management
View more

AI

We take the usage of AI seriously in our organization and work to ensure security and reliability of the AI.

ESG

We prioritize and take environmental, social, and governance (ESG) considerations seriously in our operations and decision-making processes.

Legal

SubprocessorsAmazon Web Services (AWS)-company-logoCloudflare-company-logoGitLab-company-logoGoogle Cloud-company-logoMongoDB-company-logo
Cyber Insurance
Data Processing Agreement
View more

Data Privacy

Cookies
Data Breach Notifications
Data Privacy Officer
View more

Access Control

Access Log Management
Internal Single-Sign-On (SSO)
Least Privilege
View more

Infrastructure

Status Monitoring
Anti-DDoS
BC/DR
View more

Endpoint Security

Anti-Malware
Disk Encryption
DNS Filtering
View more

Network Security

DMARC
Data Loss Prevention
Firewall
View more

Corporate Security

Asset Management Practices
Email Protection
Employee Handbook
View more

Policies

We are currently working with experts to put together our company policies. Please contact us for more details.

Security Grades

SecurityScorecard
app.glartek.com
Security Scorecard B grade
ImmuniWeb
app.glartek.com
A
Qualys SSL Labs
app.glartek.com
A
View more

Incident Response

We have a dedicated team that responds to security incidents. We are happy to provide more details about our incident response practices upon request.

Risk Management

We have a dedicated team that manages security risks. We are happy to provide more details about our risk management practices upon request.

Asset Management

We have strict asset management policies in place to ensure that all assets are accounted for and secure.

BC/DR

We have a business continuity plan in place to ensure that we can continue to operate in the event of a disaster.

Training

We provide security awareness training to all employees to ensure that they are aware of security best practices.

Change Management

We have a change and configuration management process in place to ensure that changes are properly reviewed and approved.

Physical & Environment

Access Monitoring
Alarms & Surveillance
Emergency Power & Lighting
View more

Continuous Monitoring

We continuously monitor our systems for security threats and vulnerabilities. We are happy to provide more details about our continuous monitoring practices upon request.

Subprocessors

If you need help using this Trust Center, please contact us.
Contact support
If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo