Chartbrew Security Overview
At Chartbrew, we take data security seriously. While we are a small team, we follow industry best practices to ensure the safety and privacy of our customers' data.
Infrastructure & Hosting
Chartbrew is hosted on:
- Worldstream (Netherlands) – for application and database hosting
- AWS (London) – for asset storage (S3), media processing, and off-site backups
Applications are managed directly on secured VPS instances. Production environments are isolated from development systems.
Data Encryption
- In transit: All data is encrypted using TLS 1.2+.
- At rest: Data is stored using AES-256 encryption on both servers and AWS S3 buckets.
Access Control
- Infrastructure access is limited to the founder and core engineers.
- SSH access is key-based and restricted by IP.
- 2FA is enforced on GitHub, infrastructure, and billing systems.
Backups & Disaster Recovery
- Encrypted backups of the database are performed daily.
- Backups are stored securely and retained for 30 days.
- Recovery procedures are tested periodically.
Application Security
- All user inputs are validated and sanitized to prevent injection attacks.
- APIs are protected using authentication tokens and rate limiting.
- Dependencies are continuously monitored and updated using npm audit and GitHub Dependabot.
Monitoring & Logging
- Errors and performance are monitored in real time using internal logging systems.
- Infrastructure usage is monitored to ensure uptime and detect anomalies.
Subprocessors
Chartbrew uses a minimal set of trusted third-party services:
- Worldstream – Application & DB hosting
- AWS S3 – File and asset storage
- Mailgun – Transactional email
- Bento – Marketing automation
- Cloudflare – DNS and WAF services
Responsible Disclosure
We welcome vulnerability reports from security researchers. Please refer to our Responsible Disclosure Policy for details.
For urgent security concerns, contact us at [email protected].
Compliance
Chartbrew is not currently SOC 2 or ISO 27001 certified, but we follow industry best practices in cloud and application security.