<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=792695931297257&amp;ev=PageView&amp;noscript=1">

40 politely-worded templates to get invoices paid

Chaser security

Chaser aims to uphold industry-leading data security and privacy standards across all operations. We safeguard your and your users’ data so that you can fully focus on transforming your accounts receivables management strategy.

This page describes the technical and organizational security measures implemented by Chaser. Chaser may update or modify these security measures from time to time provided that such updates and modifications do not result in the degradation of the overall security of the Chaser services.





Chaser is actively pursuing compliance with the SOC 2 security framework.




Security measures 


Data centers


Chaser stores its services data at physically secure data centers. We use: 


Data privacy 


Access to personal data

Personal data is protected by an appropriate level of security designed to prevent unauthorized data access. Personal data is limited to role-based access by personnel on a need-to-know basis. Personal data is encrypted in transit.


Password policy 

Chaser has implemented a uniform password policy for its internal services and correspondent tools and features. All passwords must fulfill defined minimum requirements and are stored in encrypted form. Users who interact with the services must use a password manager to store their passwords securely.


Subprocesses of customer data

  • Chaser customer data is also stored within HubSpot CRM which is used for record management, support ticketing and sales force automation.  HubSpot is hosted on ISO/IEC 27001:2013 certified infrastructure provided by Amazon Web Services (AWS).  For more information on HubSpot certification please visit HubSpot Security Program.
  • Chaser uses the Chargebee billing platform to maintain subscription information about customers and generate invoices and collect payments. Chargebee has an ISO/IEC 27001:2013 certification see details here . For more information please visit Compliance Certificates - Chargebee Docs.
  • Chaser uses Stripe (via Chargebee) to collect payments for our subscriptions.  Stripe is a fully regulated payment services provider.  For more information on Stripe https://stripe.com/docs/security 
  • Chaser uses the Slack collaboration and communication platform.  Slack Technologies, LLC has an ISO/IEC 27001:2013 certification available here.   For more information on Slack security please visit Security at Slack.


Interaction with contractors 

To protect any data processed, Chaser maintains contractual relationships with its third-party suppliers. Chaser relies on contractual agreements, privacy policies, and supplier compliance procedures to protect any data processed or stored by suppliers.



Chaser adheres to GDPR requirements. We have adopted the following measures to be compliant with GDPR requirements:

  • Collect the minimum information necessary for the provision of our services.
  • Process data in a lawful manner.
  • Maintain and make available to customers a list of sub-processors, as well as the purpose of their use.
  • Market our services to customers and prospects in a manner that respects their rights under GDPR.
  • Maintain a privacy policy to describe our data collection practices.


Application security


Penetration tests

Chaser conducts penetration tests every year. The objective of the penetration tests is to identify and resolve foreseeable attack vectors and potential abuse scenarios.



Chaser requires all customers and users to set up 2-factor authentication. Free trial subscribers have 28 days to set up 2-factor authentication.



Human Resources security


Confidentiality agreement

Our employees and contractors are required to sign a non-disclosure agreement before starting work.


Security awareness

We provide security awareness training for all new employees, and all employees do this annually. Training is carried out through an electronic platform.



Office security


As Chaser conducts its business globally, we have teams in different parts of the world including United Kingdom, Portugal, Philippines, and Ukraine. Due to the distribution of offices, we take security very seriously.



  • Chaser uses the Mailgun email delivery service. For more information on the Mailgun ISO/IEC 27001:2013 certification please visit Data Processing Agreement | Mailgun.
  • Chaser uses Nylas for enhanced email communication services.  Nylas has ISO/IEC 27001:2013 certification.  For more information visit  Security Certifications | Nylas.
  • Chaser uses Twilio to send SMS messages from the Chaser platform.  Twilio has an ISO/IEC certificate.  For more information please visit  ISO/IEC Certification | Twilio.
  • Chaser uses Creditsafe to provide credit checking and monitoring reports.  Creditsafe is ISO/IEC 27001:2013 certified.  For more information please visit GDPR Customer Briefing | Creditsafe.



Frequently Asked Questions




How is data accessed in the cloud?

When accessing data in the cloud, we prioritize security measures beyond traditional username and password authentication. We employ Multi-Factor Authentication (MFA) and Single Sign-On (SSO) mechanisms to enhance access control and safeguard sensitive information. 


For further details, please refer to our data retention policy and additional information provided in our privacy policy.

What is your encryption of data in transit and at rest?

We uphold stringent encryption standards for data both in transit and at rest. Our approach ensures comprehensive protection across all accounts, assuring the confidentiality and integrity of your information.


Data Retention Policy: This document outlines our practices regarding the storage and deletion of data. It provides detailed information about how we manage data throughout its lifecycle, ensuring that it is retained only for as long as necessary.


IT Security Policy: Our IT Security Policy is designed to safeguard sensitive information and ensure the integrity, confidentiality, and availability of data. It encompasses measures related to network security, access controls, encryption, and more.


Privacy Policy: This policy provides a comprehensive overview of how we collect, use, disclose, and protect personal information. It also outlines individuals' rights and our commitment to compliance with relevant data protection laws.

Is there a privacy statement?

Yes, we maintain a comprehensive privacy policy that articulates our commitment to protecting personal information. You can access our privacy policy here for detailed insights into our practices and principles.

Is there a Data Processing Agreement (DPA)?

Certainly, our Data Protection Policy, which includes the Data Processing Agreement (DPA), outlines our protocols for handling and processing data securely. You can review our Data Protection Policy here for further details.

Is there a Data Protection Officer (DPO)?

Within our Data Protection Policy, we designate responsibilities and outline the role of our Data Protection Officer (DPO). For specifics regarding the DPO and our commitment to data protection, please refer to our Data Protection Policy available here.



Last updated: March 2024