Electoral registers, voting intentions and supporter records are some of the most sensitive data a campaign holds. Cadrify keeps that data in the EEA, encrypts it in storage and in transit, and scopes every record to a single organisation. Here is how that works, in plain terms.
Your register and door-knock data is stored in a PostgreSQL database in Frankfurt, Germany, on infrastructure run by Render. Data does not leave the European Economic Area at rest.
For British parties, unions and membership bodies, where records sit and who can reach them matters. Cadrify is built around data minimisation and purpose limitation, and every record is bound to a single organisation.
Every connection to Cadrify is encrypted, and stored data is encrypted at rest by the underlying infrastructure. Passwords are never stored in a readable form.
Your register and supporter data stays under lock and key. Cadrify lets you grant each person only the functionality and data their role calls for, so exposure stays limited and nothing is shared more widely than it needs to be.
A concise summary for security questionnaires. For the full policy, audit log requests and the Data Processing Agreement, see the links below or email security@cadrify.org.
EEAEEAZC158949.We say what is true today, not what sounds good. Cadrify is not certified as an organisation against ISO 27001 or SOC 2. Multi-factor authentication, single sign-on and external penetration testing are on our published roadmap. The security whitepaper sets out current controls and what is planned.
Your register and door-knock data is stored in a PostgreSQL database in Frankfurt, Germany, on infrastructure run by Render. Data does not leave the European Economic Area at rest.
Yes. Every connection uses TLS (HTTPS), with no unencrypted HTTP allowed, and stored data and backups are encrypted at rest by the underlying infrastructure. Passwords are never stored in a readable form.
No. Every record is bound to one organisation and queries are scoped so organisations cannot read each other's data. Within your organisation, each person sees only the functionality and data their role calls for.
Cadrify is not certified as an organisation against ISO 27001 or SOC 2. Our infrastructure providers maintain their own independent certifications. Multi-factor authentication, single sign-on and external penetration testing are on our published roadmap.
Yes. A Data Processing Agreement is available for your due diligence. You can read it online, or request it along with our security policy and whitepaper from security@cadrify.org.
Read the full policy and whitepaper, or book a demo to go through your due diligence.