Security & Cookies

Our Commitment to Security

Secure by Design

At Chart AI, security is built into every aspect of our service. We understand that you trust us with your data, and we take that responsibility seriously. Our security practices are designed to protect your information at every step.

1. Data Encryption

We use industry-standard encryption to protect your data:

In Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.3 (Transport Layer Security). This ensures that your information cannot be intercepted or read by unauthorized parties during transmission.

At Rest

Sensitive data stored on our servers is encrypted using AES-256 encryption, one of the strongest encryption standards available. This includes account credentials and any personal information you provide.

2. Chart Image Handling

We take special care with the trading charts you upload for analysis:

Temporary Processing: Uploaded chart images are processed in real-time and are not permanently stored on our servers
Secure Transmission: Images are transmitted over encrypted connections directly to our AI analysis service
No Third-Party Sharing: Your charts are only shared with our AI provider (OpenAI) for analysis purposes and are subject to their data processing agreements
Automatic Deletion: Any temporary data is automatically purged after processing is complete

3. Authentication & Access Control

We implement robust authentication measures to protect your account:

Secure Password Storage: Passwords are hashed using industry-standard algorithms and are never stored in plain text
Session Management: Secure session tokens with automatic expiration to prevent unauthorized access
Account Protection: Rate limiting and monitoring to detect and prevent unauthorized access attempts

4. Payment Security

Your payment information is handled with the highest level of security:

PCI DSS Compliance: We use Paddle as our payment processor, which is fully PCI DSS compliant
No Card Storage: We never store your credit card details on our servers - all payment data is handled directly by Paddle
Secure Checkout: All payment transactions are processed through Paddle's secure payment infrastructure

5. Infrastructure Security

Our infrastructure is designed with security in mind:

Secure Hosting: Our services are hosted on enterprise-grade infrastructure with multiple layers of security
Regular Updates: We keep all systems and dependencies up to date with the latest security patches
Monitoring: Continuous monitoring for suspicious activity and potential security threats
Backup & Recovery: Regular backups and disaster recovery procedures to ensure data availability

6. Third-Party Services

We carefully select and monitor our third-party service providers:

OpenAI

We use OpenAI's API for AI-powered chart analysis. OpenAI maintains strict security standards and data processing agreements. Data sent to OpenAI for analysis is processed according to their enterprise security policies.

Paddle

Our payment processor, Paddle, is PCI DSS Level 1 certified - the highest level of certification in the payment card industry. They handle all payment data securely and in compliance with international standards.

7. Your Security Responsibilities

Security is a shared responsibility. Here are some best practices to keep your account secure:

Use a strong, unique password for your Chart AI account
Do not share your account credentials with others
Log out of your account when using shared or public computers
Keep your browser and operating system up to date
Be cautious of phishing attempts - we will never ask for your password via email

8. Reporting Security Issues

We value the security research community and encourage responsible disclosure of any security vulnerabilities you may discover. If you believe you have found a security issue in our service, please report it to us immediately.

Report a Security Issue

Email:
chartmaster.email@gmail.com

Please include as much detail as possible about the vulnerability, including steps to reproduce if applicable.

We take all security reports seriously and will respond promptly to investigate and address any valid concerns.

9. Cookie Policy

Cookies are small text files that are placed on your computer or mobile device when you visit a website. They are widely used to make websites work more efficiently and provide a better user experience, as well as to provide information to the website owners.

Cookies allow websites to remember your actions and preferences (such as login details, language, font size, and other display preferences) over a period of time, so you don't have to keep re-entering them whenever you come back to the site or browse from one page to another.

Types of Cookies We Use

We use different types of cookies for various purposes:

Essential Cookies

These cookies are necessary for the website to function properly. They enable core functionality such as security, network management, and account access. You cannot opt out of these cookies as the website would not function properly without them.

Authentication: To keep you logged in during your session
Security: To protect against fraudulent activity and ensure secure transactions
Load Balancing: To distribute traffic and ensure website performance

Functional Cookies

These cookies enable enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages.

Preferences: To remember your settings and preferences
Language: To remember your preferred language
Region: To provide localized content based on your location

Analytics Cookies

These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. This helps us improve our website and services.

Usage Statistics: To understand which pages are most popular
Performance: To measure and improve website performance
Error Tracking: To identify and fix technical issues

Third-Party Cookies

Some cookies are placed by third-party services that appear on our pages. We use the following third-party services that may set cookies:

Google Analytics

We use Google Analytics to understand how visitors use our website. Google Analytics collects information about website usage anonymously and reports trends without identifying individual visitors. You can learn more about Google's privacy practices at Google Privacy Policy.

Paddle

Our payment processor, Paddle, may use cookies to process payments securely and prevent fraud. These cookies are essential for completing purchases on our platform.

Managing Cookies

You have the right to decide whether to accept or reject cookies. You can manage your cookie preferences through your browser settings. Most web browsers allow you to control cookies through their settings. You can usually find these settings in the "Options" or "Preferences" menu of your browser.

Chrome: Settings → Privacy and Security → Cookies
Firefox: Settings → Privacy & Security → Cookies
Safari: Preferences → Privacy → Cookies
Edge: Settings → Cookies and Site Permissions

You can also opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Please note: If you choose to block or delete cookies, some features of our website may not work properly, and your user experience may be affected.

10. Contact Us

If you have any questions about our security practices or would like more information, please don't hesitate to contact us:

Get in Touch

Email:
chartmaster.email@gmail.com

Mail:
Tadeusz Sobczak
ul. Czarnieckiego 108
50-986 Wroclaw
Poland

We will make every effort to respond to your inquiry and address any concerns you may have.