Security policy

Our priority is securing your intellectual property and sensitive information. View and download an overview of our security policy here.

SOC 2 Type 2

Chromatic is SOC 2 compliant. This rigorous, independent assessment of our internal security controls serves as validation of our dedication to the highest standards for security, availability, and confidentiality.

Download Chromatic’s SOC 2 report now »

Responsible disclosure

Our team is vigilant about adhering to security best practices. But we’re not so naive to believe that we’re perfect. Security is a priority – we’ll act quickly to address verifiable security issues.

Please report security issues to Include your name, vulnerability description, and steps to reproduce.

You can download and read our full responsible disclosure policy from our security center.


Chromatic is grateful to the following individuals for responsibly disclosing security issues, allowing us to make Chromatic safer for everyone.