Security at Chatwoot

We are committed to protecting your data and privacy. We follow the industry best practices to ensure that your data is secure and safe.

Looking to report a security concern? Please visit our Responsible Disclosure page.

Secure by design

We're SOC 2 Type II compliant. This certifies that we have met rigorous standards for information security, including strict policies and procedures to ensure the security, availability, processing, integrity, and confidentiality of user data. You can be assured that the highest levels of security protect your data.

Data Security: We encrypt data at rest and in transit for all of our customers. We use Amazon Web Service's Key Management System (KMS) to manage encryption keys using hardware security modules, adhering to industry best practices for maximum security.
Application Security: We use advanced static analysis tools like CodeQL, Secrets Scanner, and Dependabot from GitHub Advanced Security to secure our product at every stage of the development process. Our open-source codebase and deployment environments are regularly reviewed and audited by leading security experts.
Infrastructure Security: We use Amazon Web Services to host our application. We leverage AWS security products like KMS, GuardDuty, and Inspector to ensure your data is secure. Your information is protected by top-of-the-line infrastructure security measures.