Security

We are on a mission to help companies unlock the potential of their data - and that requires trust that your data remains secure, private, and under your control while using Chartio.

Chartio enables you to keep complete control of your data and is built with security in mind at every step, giving you peace of mind however you choose to connect your data.

Chartio's Soc2 Compliance Badge'

Certifications

Chartio is compliant with SOC2 Type II, an independent audit designed to ensure good policy and compliance in the five key areas of security, availability, processing integrity, confidentiality, and privacy.

Our most recent SOC2 Type II audit was completed in January 2019 and Chartio plans to complete this audit annually. This report is available upon request.

Architecture

Chartio is built with privacy and security in mind. When you connect your data to Chartio, we use a read-only connection to ensure that your data remains unmodified by your Chartio users. We also offer SSH tunnelled connections for databases behind firewalls which allows for secure connectivity to cloud, hybrid, or on-premise environments.. Finally, we query your database directly -- we don’t mirror or retain your data beyond what is needed to display your query results quickly and completely.

And, of course, all our servers are hardened, kept up to date with the latest security patches, and protected behind firewalls.

Encryption

Encryption is vital to keeping your data safe, so Chartio encrypts all your data at rest and in flight. All database connections that support SSL offer encrypted data transfer, and additional security is available with our reverse SSH tunnels that put your database connection on your terms -- no need to expose your server to the internet to use Chartio.

When you use the Chartio application, you’re using industry standard HTTPS to keep your data safe and secure whether you’re in the office or travelling.

Enterprise Security Made Easy

Security matters to companies of all sizes so we provide a suite of advanced security tools for all our customers. Governance tools empower Chartio administrators to quickly and easily secure their data a variety of access controls:

  • Login with Google Apps
  • SAML compatibility with Okta, OneLogin, and more
  • Granular role-based permissions which allow fine-grained control of access to dashboards, reports, and data sources on an individual or team level

Responsible Disclosure

Please see our responsible disclosure policy page.

Privacy

Chartio takes user privacy seriously and has strict policies to keep your personally identifiable information safe, as especially emphasized and supported by our annual SOCII Type 2 audit.

Chartio complies with GPDR and is Privacy Shield self-certified. We have Data Protection Agreements available for customers, and our Data Advisors are happy to work with companies to ensure that we satisfy all privacy requirements to do business.

For more information, visit our privacy policy page.