SECURITY AT CHARGEPILOT AI
Protecting merchant data is fundamental to everything we build. Here's how we keep your information secure.
Data Encryption
All data transmitted between ChargePilot and third-party services is encrypted in transit using TLS 1.2+. Data at rest is encrypted using AES-256.
OAuth Security
ChargePilot uses OAuth 2.0 for all third-party integrations. We never store your passwords. Access tokens are stored server-side only and never exposed to the client.
Google API Data
ChargePilot's use of Google APIs complies with the Google API Services User Data Policy. Gmail data is accessed read-only, used only for dispute evidence generation, and never stored permanently or shared with third parties.
Stripe Security
ChargePilot is a verified Stripe App Marketplace partner. Our integration uses Stripe Connect OAuth and has been reviewed by Stripe's security team.
Firebase Security
ChargePilot's backend runs on Google Firebase with Firestore security rules enforcing strict user data isolation. Each merchant's data is accessible only to that merchant.
Responsible Disclosure
To report a security vulnerability, email security@chargepilot.ai. We take all reports seriously and will respond within 48 hours.
Security questions? Contact security@chargepilot.ai