Product Pricing Request a demo
Cardify Logo

Ultimate data security

Our product is not only a solution for sharing information quickly - it's also trusted by our customers because it gives them unrivalled ways to share and store their data. Check out our security, reliability and compliance policies to see for yourself.

Platform security & data management

Encryption of data in transit

To protect from attacks, eavesdropping and session hijacking, we encrypt all data in transit using Hypertext Transfer Protocol Secure (HTTPS) and enforces HTTP Strict Transport Security (HSTS).

Always confidential

All data is treated as highly confidential. Our proprietary, industry best-practice methods keep data safe from unauthorized users, even those within your organization.

Physical security controls

Perimeter defense and high-end firewall systems are all monitored 24/7 by dedicated security professionals. Quick failover points, redundant hardware, and nightly encrypted backups mean your data is save.

Fast and secure.
Our customers understand why.

Best-in-class data storage

Belgian data Center

Your data is stored securely in Belgium's best data Center: Interxion, a premium data Center in Brussels, protected against spies (unlike American servers, due to the Patriot Act).

Always backed up

Every day, we make a full backup of our servers. Every 15 minutes we take a snapshot. This way, in the event of problems, you have the latest version of your data.

High availability thanks to redundancy

Every link in our server is fully redundant. This is how we can guarantee 99.999% uptime. In the event of a hardware failure, we automatically switch to another node

Class A multi data center

A most secure location for the hosted data of your organization. A highly protected, well-equipped facility, housing thousands of machines, taken care of by experts with years of experience. Now multiply by two. Our provider has not one, but two data centers that function as a single logical network. Doubled guarantee of high availability. This provides more than enough resources and a redundant connection to route traffic. The server premises are perfectly equipped according to the highest standards to ensure uninterrupted performance, connectivity and hardware perseverance.

General Data Protection Regulation

Cardify enables its customers to be GDPR compliant. Briefly stated, that means Cardify will:

Data Policy Agreement

Article 28, Section 3 of the GDPR requires there to be a contract between the controller and the data processor. Since day one, Cardify laid down in its Terms and Conditions the essential legal requirements and obligations relating to data ownership, processing behaviour, data protection, notification of breaches, and much more.

Key principles of GDPR and responsible parties

Both Cardify and its customers (controllers) are separately and jointly liable for actions or inactions that do not comply with GDPR. Thus, the GDPR requires a shared responsibility to protect an individual's right to privacy. The table below summaries these responsibilities and is included for clarification only.

Legend: Ca = Cardify's responsibility; C = Customer's responsibility; S = Shared responsibility

Breach Notification Standards
Data security and processing standards
Individual "unambiguous" explicit consent before data collected
Individual withdraws consent; requests data deletion
Parental consent to collect info on children
Only transfer data to a country with adequate protection
Post public privacy notice
Follow requests from a DPA
Allow right to data modification and to be forgotten*
Provide data portability
Rights of notice, access, and objection
Clarifying role of controller and processor
Data breach notification
Collect data only for "specific, explicit and legitimate purposes"

Note: this is not an exhaustive list

* Cardify enables the customer to perform these functions. When a data controller cannot perform these functions due to insolvency or upon government request, Cardify will perform.

Server information sourced from - our hosting provider