Campaign Insights

Security & Data Handling

Plain-language answers to the security questions a campaign manager or candidate will ask before trusting us with voter data.

Last updated: June 1, 2026

Fieldcraft handles sensitive information: voter lists, canvass results, volunteer details, and donor records. We treat protecting that data as a core feature, not an afterthought. This page explains how, in language you can share with your team.

Each campaign is isolated

Every campaign runs in its own dedicated database and application environment. Your data is not mixed into a shared, multi-tenant database with other campaigns. One campaign cannot see or reach another campaign's data — the separation is structural, not just a setting.

Strong sign-in

  • Multi-factor authentication (2FA) is required for campaign managers and staff, so a stolen password alone is not enough to get in.
  • Role-based access means people only see what their job requires. Volunteers can canvass and phone bank, but cannot reach the campaign dashboard or export the full voter file.
  • Sign-in is protected against common attacks, with minimum password standards and protection against known leaked passwords.

Data is encrypted

Information is encrypted in transit (the connection between your device and Fieldcraft) and at rest (when stored on our providers' infrastructure). Sensitive credentials are never stored in plain text.

Backups and recovery

Campaign databases are backed up automatically and can be restored if something fails.

If something goes wrong

Administrative actions, and searches and exports of voter data, are recorded in a tamper-resistant, append-only audit log that administrators can review — so a security incident can be investigated and reconstructed. If we become aware of an incident affecting your data, we will notify you and give you the information you need to meet your own obligations under PIPEDA's breach-notification requirements.

Built to support compliance

The donations module is designed to help your campaign comply with Ontario Municipal Elections Act rules — contribution limits, cash limits, the prohibition on anonymous contributions, and record retention. Final compliance responsibility rests with the campaign. We handle personal information in accordance with our Privacy Policy and PIPEDA.

Questions or disclosure

If you have a security question, or believe you've found a vulnerability, please . We appreciate responsible disclosure and will respond promptly.