Security at Chatwoot

Chatwoot is committed to protecting your data and privacy. We follow the industry best practices to ensure that your data is secure and safe.

Looking to report a security concern?  Please visit our Responsible Disclosure page.

Data Security

Chatwoot encrypts data at rest and in transit for all of our customers. We use tools like Amazon Web Service’s Key Management System (KMS) to manage encryption keys using hardware security modules for maximum security in line with industry best practices.

Application Security

Chatwoot uses high-quality static analysis tooling provided by GitHub Advanced Security such as CodeQL, Secrets Scanner, and Dependabot to secure our product at every step of the development process.
Our open-source codebase and deployment environments are reviewed and audited by some of the industry’s best security experts.

Infrastructure Security

Chatwoot uses Amazon Web Services to host our application. We make full use of the security products embedded within the AWS ecosystem, including KMS, GuardDuty, and Inspector.