Security & privacy
We are committed to maintaining the highest standards of security, privacy, and compliance across all our products and services
SOC 2 Type 2 Certified
We’re proud to share that GlamAR is SOC 2 Type 2 compliant, reaffirming our commitment to maintaining the highest standards of data security and operational integrity
This independent third-party attestation confirms that our systems and processes are consistently aligned with the rigorous trust principles of :
This independent third-party attestation confirms that our systems and processes are consistently aligned with the rigorous trust principles of :
Security
Availability
Confidentiality
Processing Integrity
Privacy
Note: A copy of the latest SOC 2 report is available upon request for customers and partners under NDA
GDPR Compliant
Fynd is committed to global privacy best practices and has implemented GDPR-compliant data handling across multiple products. We ensure:
Lawful and transparent data processing
Robust consent and preference management
Data subject rights (access, rectification, deletion)
Strong data encryption and breach response mechanisms
We continuously review and enhance our privacy frameworks to align with evolving regulations and customer expectations.
We continuously review and enhance our privacy frameworks to align with evolving regulations and customer expectations
ISO/IEC 27001:2013
At Fynd, we prioritize customer data protection and secure operations. Our ISO/IEC 27001:2013 certification demonstrates our commitment to information security excellence through a systematic, risk-based approach that ensures data confidentiality, integrity, and availability. Our security program includes:
Robust access controls and data protection practices
Continuous risk assessment and mitigation
Incident response and business continuity planning
Regular audits and compliance reviews
Employee training and awareness programs
“ Our SOC 2 Type 2 audit covers a six-month operating
effectiveness period, ensuring that security controls are not just in place, but also consistently followed.”
A copy of the latest SOC 2 report is available upon request for customers and partners under NDA
Privacy by Design. Security by Default
Security is not an afterthought — it’s built into every layer of our infrastructure and product lifecycle. At Fynd, we adopt a defense-in-depth strategy across our platforms to safeguard data, ensure privacy, and enable secure scalability
Our applied security controls include:
Secure SDLC with integrated automated security testing tools (SAST, DAST, IAST) across development and staging environments
DevSecOps Integration within CI/CD pipelines to enable early detection and mitigation of vulnerabilities before deployment
Regular Vulnerability Assessments & Penetration Testing conducted by internal teams and third-party experts
Intrusion Detection and Prevention Systems (IDS/IPS) to monitor, detect, and block suspicious network behavior in real time
Network-based Intrusion Detection Systems (NIDS) for continuous traffic analysis and threat detection across cloud and edge workloads
Cloud-native Security leveraging GCP including:
* VPC Service Controls
* Identity-Aware Proxy (IAP)
* Shielded VMs and workload isolation
* VPC Service Controls
* Identity-Aware Proxy (IAP)
* Shielded VMs and workload isolation
Data Encryption at rest and in transit using industry standards (e.g., AES-256, TLS 1.2+)
Role-Based Access Control (RBAC) and Least Privilege Enforcement across all critical systems and production environments
Security Information and Event Management (SIEM) systems to centralize logs and detect anomalous behavior
Multi-Factor Authentication (MFA) for all administrative accounts and access to sensitive systems
Configuration Management and CIS Benchmarking to ensure secure system and container hardening
These layered controls reflect our commitment to a zero trust architecture, aligning with industry standards like SOC 2, ISO 27001, and GDPR requirements
Governance, Risk & Compliance
GlamAR is proudly:
SOC 2 Type 2 Compliant – Validated by independent third-party auditors, demonstrating effective controls over Security, Availability, Confidentiality, Processing Integrity & Privacy
GDPR Aligned – Ensuring data privacy rights, consent management, and secure handling of personal information across global operations
ISO/IEC 27001:2013 Certified – Internationally recognized for our robust Information Security Management System that protects customer data through rigorous controls and risk-based approaches
Commitment to Ethical Operations
GlamAR believes in a security-first, people-centric culture where ethical reporting is encouraged, supported, and rewarded. All concerns are handled with seriousness, and remediation actions are tracked through a structured governance framework
Whistleblower Policy & Anonymous Reporting
Fynd maintains a formal Whistleblower Policy that enables internal and external stakeholders to report concerns about:
Fraud or unethical behavior
Security or privacy violations
Breach of legal or regulatory obligations
We provide a secure, anonymous communication channel for whistleblowers to raise concerns without fear of retaliation. Every report is reviewed by our Compliance & Infosec leadership, with confidentiality and fairness at the core of our process.
You can report via:
You can report via:
Anonymous Reporting Portal
ethics@fynd.com
Schedule a call with our team
Discover how AR, VR and 3D can drive revenue growth in 2025
Trusted by global brands
Backed by enterprise grade security and scale
Get in touch
Thank You for Scheduling Your Demo Call
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Trusted by global brands
Backed by enterprise grade security and scale
Infrastructure layer for immersive commerce
GlamAR in a Glimpse
