Security at Capmap

We take reasonable measures to protect the data associated with operating Capmap, including our platform directory and any information submitted via contact forms.

Last updated: March 2026
Infrastructure

Built on trusted infrastructure

Vercel hosting

Our application is hosted on Vercel with EU presence. Edge functions and static assets are served from locations closest to you.

Supabase database

Our database is hosted on Supabase Pro in EU West (Ireland). Data does not leave the EU for storage purposes.

Encryption in transit

All connections use TLS 1.2 or higher. Unencrypted connections are rejected.

Encryption at rest

All data is encrypted at rest using AES-256 encryption.

Data protection

How we protect your data

Row-level security

We use row-level security (RLS) to ensure that users can only access their own data. Every database query goes through our ORM with parameterised inputs, preventing SQL injection.

Access control

Direct database access is restricted to authorised personnel only. All access is logged and auditable.

Responsible disclosure

Report a vulnerability

If you discover a security vulnerability, please report it to security@capmap.eu with a clear description and steps to reproduce it.

We will acknowledge your report within 48 hours
We will investigate and work to resolve confirmed vulnerabilities promptly
We ask that you do not publicly disclose the vulnerability until we have addressed it
We will credit researchers who report valid vulnerabilities (unless you prefer anonymity)

Contact

Security questions: security@capmap.eu

General questions: hello@capmap.eu

Privacy PolicyData SourcesContact