Security at ChatClaw
Your data security is not a feature — it's the foundation everything is built on.
End-to-End Encryption
All data encrypted with TLS 1.3 in transit and AES-256 at rest. Your conversations are always protected.
Self-Hosted Option
Run ChatClaw entirely on your infrastructure. Customer data never touches our servers. Full air-gap capability.
Audit Logging
Every action your AI takes is logged with timestamps, context, and outcomes. Full accountability and traceability.
Role-Based Access
Granular permissions for team members. Admins, editors, and viewers — each sees only what they need.
Multi-Factor Authentication
MFA enforced for all admin accounts. Support for TOTP authenticator apps and security keys.
SOC 2 & GDPR
Built for compliance from day one. EU data residency, DPA included, and designed for regulated industries.
Infrastructure Security
ChatClaw's cloud infrastructure runs in EU data centres with automated backups, DDoS protection, and network isolation. Our deployment pipeline includes automated security scanning and dependency auditing.
For self-hosted deployments, we provide hardening guides, container security best practices, and ongoing security advisory support.
Responsible Disclosure
We welcome security researchers to report vulnerabilities responsibly. Please email security@chatc.dev with details. We commit to acknowledging reports within 24 hours and resolving critical issues within 72 hours.
Need a security review?
We provide security documentation packs for procurement teams, including our DPA, infrastructure details, and compliance certifications.
Request Security Pack