Overview

Protecting our customer data is a key value at ChartMogul. We pride ourselves on ensuring that your data is always maintained in a safe and trustworthy environment. We understand the importance of safeguarding your data, which is why we have implemented the necessary controls and best practices to provide the highest standard of security for our users and customers.

We constantly improve our services and processes to protect your data and update this document accordingly.
The following is an overview of the main areas of our privacy and security protocols.

Data privacy

  • GDPR compliant: ChartMogul and all our third-party providers are compliant with the EU’s General Data Protection Regulation.
  • Credit cards: ChartMogul does not process or store any credit card details belonging to you or your customers. Your card details are never transmitted through or stored on ChartMogul’s infrastructure.
  • Passwords: Your password is encrypted and never stored in our database in a readable/unencrypted format. You are responsible for choosing a strong password and keeping it secret. Two-factor authentication is available to all ChartMogul users, and we strongly recommend enabling it on your account for an additional layer of security.

Data access

We invest a lot of time in hiring the best people. Our teams are made up of people who have built highly secure enterprise applications at companies of varying sizes, from startups to large public companies. At ChartMogul, all new hires, regardless of role, are trained on up-to-date security policies and industry standards.

Your data is your property and will never be sold to third parties. We will only access your ChartMogul account with your permission, in the case of suspicious account activity or if we suspect the ChartMogul terms of service are being violated. All employee access to your data is monitored, persisted, and reviewed continuously.

Application security

  • Encryption in Transit: Data sessions are always protected with TLS protocols and 2,048-bit keys.
  • Crafting security: ChartMogul considers security during all phases of our software development lifecycle from product ideation to deployment and release. We run automated and manual code analysis and use industry best practices to ensure the highest standards of quality for our services.
  • Incident policy: Incidents are handled through a well-defined and documented process to ensure we do the right things right. We run post-mortems on each incident we experience, in order to learn and to prevent such incidents from happening again.

Resiliency and availability

  • 99.9% Uptime: ChartMogul’s availability consistently exceeds 99.9%. Customer data is backed up to replicas with additional backup snapshots.
  • 24x7 Monitoring: Our engineering team monitors application, software, and infrastructure behavior through industry-established services that are highly reliable and compliant.
  • Fault tolerance: ChartMogul provides multiple failover instances to prevent outages due to single points of failure.

Data centers and network

Our data center providers maintain ISO 27001 and SOC2, along with other certifications.
Network attacks are prevented through monitoring and controlled network-level firewalling.