At GlassBox Verification Services, LLC, we understand that secure data routing requires absolute trust. As the secure infrastructure layer connecting referring institutions with receiving partners, safeguarding your proprietary business data, trade secrets, and client Personally Identifiable Information (PII) is our foundational priority.
We have engineered the GlassBox Platform to exceed the strict regulatory requirements of highly regulated institutions.
Our Compliance Posture
GlassBox acts as the referral rails, enabling your institution to automate the manual client handoff safely while ensuring a compliant, auditable paper trail for every transaction.
GLBA & Regulation P: We maintain strict physical, electronic, and procedural safeguards to protect Nonpublic Personal Information (NPI) in accordance with the Gramm-Leach-Bliley Act.
Third-Party Risk Management: For our referring partners, GlassBox acts as a vetted, compliant vendor channel, eliminating the risks associated with team members sending sensitive client documents or financials over unencrypted email.
Referral Auditability: Our platform standardizes the referral process, protecting institutions by maintaining a transparent, regulator-friendly record of all client routing and handoffs.
Enterprise-Grade Data Security
We do not compromise on the security of the Dedicated Referral Data Rooms or the AI verification engine.
Encryption: All data is encrypted in transit using TLS 1.2+ protocols and encrypted at rest using AES-256 encryption.
Access Controls: Data rooms are strictly siloed. Receiving partners only have access to the specific client files routed directly to them by the referring institution.
AI Data Isolation: Our AI verification tools are used strictly for document parsing, data formatting, and SOP compliance checks. We do not use your proprietary client data to train external public AI models.
Data Processing & Roles
GlassBox operates strictly as a Software-as-a-Service (SaaS) infrastructure provider. We are the referral rails, automating the manual client handoff to serve as your secure pipeline.
For Referring Institutions: We act as your Data Processor. We process data strictly according to your routing instructions to help you serve your clients.
For Receiving Partners: Upon receiving a routed referral into your systems for evaluation, you act as an Independent Data Controller, fully responsible for the compliance and security of the data under your own internal protocols.
Partner Agreements & DPA Download
To facilitate secure, frictionless B2B referral routing, we require all receiving partners accepting client handoffs through GlassBox to agree to our standard data handling terms. This assures our referring institutions that their clients' data is protected downstream.
If you are a receiving partner joining the GlassBox network, please download our pre-signed Data Sharing & Confidentiality Agreement below.
[๐ Download the Pre-Signed GlassBox Partner DPA (PDF) Here]
Instructions for Partners: Please download the PDF, counter-sign the agreement, and upload it directly into your GlassBox Partner Dashboard during your onboarding process, or email it to legal@glassboxverified.com.
Additional Legal Resources
Security Questions?
If your compliance or IT risk team requires a vendor security questionnaire or additional documentation, please contact our security team at legal@glassboxverified.com or call us at 623-377-4529.