Security Policy

At Chisel, we maintain top performance and give you the best user experience while keeping your data secure.


Chisel is hosted on Amazon Web Services, providing end-to-end security and privacy features built-in.

Data storage and password encryption

All user passwords are hashed with a PBKDF2-based robust hashing algorithm and individual salts per password.

Data encryption in transit

The industry-standard Transport Layer Security (TLS) is implemented in all communication between Chisel servers and the client browser for enhanced security.

Credit card & payment security

All payments are processed through our partner Stripe. We do not store any credit card information or related personal information on our servers.

Business continuity

The architecture of Chisel enables business continuity, daily backups, and disaster recovery strategies for resuming operations in the case of inevitable disruptions.

Privacy policy

Our privacy policy is designed to ensure that your data is always protected. You can read more about our privacy policy here.


Access to data within the Chisel application is governed by role-based access controls (RBAC). Chisel has 2 major permission levels for users (maker with admin access, contributor with limited access).

Separate Environments

Production environment is logically separated from the testing and staging environments. No Service Data is used in our development or test environments.


Security concern?

If you think you may have found a security vulnerability, please get in touch with our security team at


Top-rated, award-winning platform.

Craft Amazing Products Using Chisel!