Security

1. Encryption

Charton uses HTTPS/TLS for data in transit. Sensitive platform data is stored using managed cloud services with security controls appropriate for the data type and environment.

2. Account and Access Controls

Users are responsible for maintaining strong account credentials and protecting access to their devices. Charton may use authentication controls, access restrictions, audit logs, and rate limits to help protect accounts and platform infrastructure.

3. Broker and API Credentials

Broker and API credentials are handled for the purpose of user-authorized connectivity and order transmission. Users remain responsible for permissions granted at the broker or exchange, including any withdrawal permissions, trading permissions, or account-level restrictions.

4. Operational Security

Charton monitors platform reliability and may investigate suspicious activity, abuse, incidents, or configuration issues. No internet-connected service can be guaranteed to be completely secure.

5. Responsible Disclosure

If you believe you have found a security issue, please contact security@charton.ai with a clear description, affected URLs, reproduction steps, and impact. Please do not access, modify, or delete data that does not belong to you.

6. Incident Contact

Security and abuse reports can be sent to security@charton.ai. General support questions should be sent to support@charton.ai.