Security

Your data, protected.

Data sovereignty

Your data stays in your region. Period.

We host data locally wherever we operate. Your constituents’ information doesn’t leave your jurisdiction without consent.

This isn’t just a preference. For political organizations, it’s often a legal requirement. We build it into the infrastructure.

Infrastructure

Hosting

We use enterprise-grade cloud infrastructure with data centers in each country we operate. All data is encrypted at rest and in transit.

Backups

Automated daily backups, stored in the same country as your data. Point-in-time recovery available.

Uptime

99.9% uptime SLA. Status page available at status.gov.vote.

Application security

Authentication

  • Strong password requirements
  • Two-factor authentication available
  • Session management and automatic timeouts
  • SSO integration for enterprise customers

Access control

  • Role-based permissions
  • Audit logs for sensitive actions
  • IP allowlisting available for enterprise

API security

  • OAuth 2.0 authentication
  • Rate limiting
  • Scoped access tokens

Compliance

Privacy regulations

  • GDPR — Data export, deletion, and consent tracking
  • CCPA — California consumer privacy rights supported
  • Local compliance — We comply with privacy laws in every region we operate

Election law

  • Contribution limit enforcement
  • Disclosure requirement support
  • Audit trails for regulatory reporting

Payment security

  • PCI DSS compliant payment processing via Stripe
  • No credit card data stored on our servers

Vulnerability management

Regular testing

  • Automated security scanning
  • Periodic penetration testing
  • Dependency monitoring for known vulnerabilities

Responsible disclosure

Found a security issue? Email security@gov.vote. We respond within 24 hours and don’t pursue legal action against good-faith reporters.

Your responsibilities

Security is shared. We protect the platform; you protect your account:

  • Use strong, unique passwords
  • Enable two-factor authentication
  • Review team member access regularly
  • Don’t share login credentials

Questions

Contact security@gov.vote for security-related inquiries or to request our security documentation.