Security at Chasely

Chasely handles sensitive client documents, so we treat security as part of the product — not an afterthought. Here’s exactly how your data is protected.

Last updated July 2026

At a glance
  • Encrypted in transit (TLS) and at rest (AES-256)
  • Documents stored privately — no public links, ever
  • Download links expire in minutes and force a download
  • Each firm’s data is isolated at the database level
  • No client logins — nothing for your clients to have breached
  • We never see or store your payment card details

Encryption

All traffic between you, your clients, and Chasely is encrypted in transit using TLS/HTTPS. Your data and uploaded files are encrypted at rest with AES-256.

Access & data isolation

Safe uploads

We accept only common document types (PDF, Word, Excel, CSV, images, ZIP) up to a size limit, enforced at both the application and storage layers.

Your data & deletion

Your data is yours. We do not sell your data or your clients’ data to anyone.

You can permanently delete your account at any time from Settings → Account. When you do, we remove your account, all of your requests and clients, and every uploaded file from storage.

Infrastructure & sub-processors

Chasely is built on established, security-audited providers:

Compliance

Chasely runs on SOC 2 Type II–certified infrastructure (Supabase and Vercel), and we are working toward our own SOC 2 report as we grow. We’re built to support GDPR obligations — a Data Processing Agreement (DPA) is available on request.

Reporting a vulnerability

If you believe you’ve found a security issue, please email hello@chasely.co with “Security” in the subject. We’ll acknowledge your report, investigate promptly, and keep you updated. Please give us a reasonable chance to fix the issue before any public disclosure.

Questions

For anything else about how we protect your data, reach us at hello@chasely.co.