Security

Last updated: 12 June 2026

Political data is sensitive. Cadrify is built around the assumption that the organisations using it hold electoral register data, voting intentions, and supporter contact details that must be protected carefully. This page explains, in plain terms, how we do that.

A full technical security whitepaper is available for procurement teams and IT reviewers who need deeper detail.

Where your data is stored

Your data is stored in a PostgreSQL database located in Frankfurt, Germany, within the European Economic Area. The platform is hosted by Render, an infrastructure provider whose data centre in Frankfurt is used for all Cadrify data storage. Data does not leave the EEA at rest.

For email delivery (password resets, invitations, notifications), we use Resend, which routes email through Dublin, Ireland, within the EEA. It does not handle electoral register data or door-knock records.

If your organisation chooses to connect an external CRM, an optional integration that is off by default and that you set up with your own account, Cadrify syncs supporter contact details to that system at your instruction. Electoral register and door-knock data are never sent to it. The providers, and links to their terms, are listed in our Data Processing Agreement and Privacy Policy.

Who can access your data

Cadrify uses a three-tier permission system:

Where technical support or incident response requires it, Cadrify may access your organisation’s data using a restricted set of platform accounts. Every such access is recorded automatically in an immutable audit log, capturing the account, action, organisation, and timestamp, that cannot be modified or deleted by the person carrying out the access.

How we protect your data

Encryption

All data transmitted between your browser and Cadrify is encrypted using TLS (HTTPS). We do not allow unencrypted HTTP connections. Data stored in the database is encrypted at rest by the underlying storage infrastructure.

Passwords

Passwords are never stored in plain text. They are hashed using scrypt, a memory-hard key derivation function designed to be computationally expensive to attack even if a database were ever compromised. The minimum password length is 12 characters.

Login protection

After 10 failed login attempts within a 30-minute window, an account is temporarily locked for 30 minutes. Login attempts are also rate-limited at the server level. Error messages are deliberately generic (“Invalid email or password”) so that attackers cannot determine whether an email address is registered.

Sessions

When you log in, Cadrify issues a cryptographically random session token (equivalent to 256 bits of entropy) that is stored as a secure, HttpOnly cookie. The token expires after 24 hours and is invalidated immediately on logout. If you change your password, all your existing sessions are invalidated.

Separation between organisations

Every piece of data in Cadrify, including electors, door-knock records, user accounts, and supporter lists, is bound to a single organisation. Database queries are scoped so that one organisation can never read or modify another’s data, regardless of what a user does in the browser.

Audit trail

Cadrify maintains a detailed audit log of security-relevant events, including:

Audit logs are stored in the database and cannot be modified by platform users. Organisation admins can request a copy of their audit log at any time by contacting privacy@cadrify.org.

Incident response

If we become aware of a security incident that affects your data, we will notify you promptly, and in any event within 72 hours where required by UK GDPR, with details of what happened, what data was involved, and what steps we have taken.

Reporting a security concern

If you have discovered a potential vulnerability or have a security concern about the platform, please contact us at security@cadrify.org. We ask that you give us reasonable time to investigate before disclosing publicly. We will acknowledge your report within 2 business days.

Continuous improvement

We treat security as an ongoing programme, not a fixed point. We continuously review our controls and maintain a published security roadmap that includes planned additions such as multi-factor authentication, organisation SSO, customer-facing audit log exports, external penetration testing, and additional transport security controls.

The full roadmap, current control details, and compliance mapping are available in the Security Whitepaper.

Further information

Procurement teams and IT reviewers can access the full Security Whitepaper for technical implementation detail, including cryptographic choices, access control mechanisms, and audit logging architecture.

For data protection and privacy questions see our Privacy Policy.