GlassBox is fully compliant with the General Data Protection Regulation (GDPR). Here's what that means for you.
Request a copy of all personal data we hold about you.
Request correction of any inaccurate or incomplete data.
Request deletion of your personal data ('right to be forgotten').
Receive your data in a structured, machine-readable format.
Request limitation of how we process your data.
Object to processing of your data for certain purposes.
We process personal data based on legitimate interests (providing our service), contractual necessity (fulfilling our agreement with you), and explicit consent where required.
We have Data Processing Agreements (DPAs) in place with all sub-processors. Enterprise customers can request a copy of our DPA for their records.
For data transfers outside the EU/EEA, we use Standard Contractual Clauses (SCCs) approved by the European Commission to ensure adequate protection.
Our Data Protection Officer oversees GDPR compliance and can be reached at dpo@glassbox.live
In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay.