4Site TidyContact
Turn your advocacy and donation forms into smart forms that clean up your supporter data before it gets into your database.
Have confidence in your supporter data.
Twenty percent of addresses entered online contain spelling mistakes, wrong house numbers, incorrect postal codes, or other formatting errors.
TidyContact instantly standardizes addresses into the CASS™ format. When a supporter fills out a form on your site, the address gets cleaned up before the data gets sent to your CRM. The user never sees any of this, and we don’t rely on autocomplete, so there’s less abandonment on your activism and fundraising forms. And there’s less data scrubbing to do later.
“Because our supporter information is shared by so many internal systems, it’s been a real challenge to standardize that data. TidyContact gives us a way to scrub it before it gets into our system, saving us lots of effort.”
National Wildlife Federation
See TidyContact in Action
FAQ
How Does TidyContact Work?
If you are using a page template from one of the popular eCRM companies, we inject a small script into your page template. This will securely reroute the submitted data to our standardization service which then passes on the standardized
How Much Does TidyContact Cost?
With TidyContact, you only pay for what you use and there are no long-term commitments. We charge 1 cent for every U.S. lookup. There may also be a setup fee to hook your forms up to our service.
What if TidyContact Goes Down?
If TidyContact does not return a standardized address within 5 seconds, the originally submitted form data will get sent to your CRM. You can also monitor the status of TidyContact at any time.
How Secure is TidyContact?
TidyContact utilizes SSL and a variety of security measures to ensure that your data is safe and secure. In fact, we don’t retain any of the data we process. And we also save a copy of the original form submission in your CRM database so you have an audit trail.
Architecture in brief
- TidyContact is a small script on your fundraising pages, plus our validation service. The service runs on Cloudflare’s global edge. It inherits Cloudflare’s platform-level DDoS mitigation, edge filtering, and bot controls before any request reaches our application code. All validation happens in our service, and there are no credentials, API keys, or secrets of any kind in the code that runs on your pages.
Defense against unexpected lookup volume
- One lookup per form submission, not per keystroke. Unlike a type-ahead integration, the script validates an address once, at submit time. A real supporter generates at most one lookup per form.
- Only runs if the address changed. If a returning supporter arrives with a pre-filled address and submits without editing, no lookup is made.
- Lookups only fire when the supporter has provided a country, a street address, and either a city/state combination or a postal code. Junk or incomplete entries are filtered out before anything leaves the page.
- You can restrict lookups to specific countries (US-only by default) and specific page types. Anything outside those lists is dropped on the page and never reaches the service.
- The service caches validated addresses and returns cached results for repeat lookups rather than re-running validation. Replay-style abuse — the most common pattern — is absorbed by the cache and doesn’t count toward your billable volume.
- Every request is checked against the allowlist of registered CIDs and validated for well-formed fields, length limits, and valid ISO country codes. Malformed or unauthenticated requests are rejected before any lookup runs.
- Every lookup is logged with your Client ID, the originating page URL, a SHA-256 hash of the visitor IP, the country, and the full result. That lets us detect anomalous patterns per client and throttle or disable a CID at the service level immediately, without requiring a code change on your side.
- Our service pings our engineering team when error conditions fire, so operational issues are caught quickly.
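The page-side gate and the service-side request check described in the list above, sketched as an added example. This is not 4Site's code: the field names, length limits, CID format and the shortened country list are assumptions made for illustration.

```javascript
// Added illustration; field names, limits and the CID format are assumptions.
const ISO_COUNTRIES = new Set(['US', 'CA', 'GB', 'FR', 'DE']); // shortened sample list
const MAX_LEN = { street: 100, city: 60, state: 40, postal: 16 }; // assumed limits

const norm = (v) => (typeof v === 'string' ? v.trim() : '');
const fingerprint = (a) =>
  ['country', 'street', 'city', 'state', 'postal']
    .map((k) => norm(a[k]).toLowerCase()).join('|');

// Page side: decide at submit time whether a lookup should fire at all.
function shouldLookup(address, prefilled, config) {
  const a = Object.fromEntries(Object.entries(address).map(([k, v]) => [k, norm(v)]));
  if (!a.country || !a.street) return false;              // required fields
  if (!((a.city && a.state) || a.postal)) return false;   // city+state OR postal code
  if (!config.allowedCountries.includes(a.country.toUpperCase())) return false;
  if (!config.allowedPageTypes.includes(config.pageType)) return false;
  // A pre-filled address submitted without edits produces no lookup.
  if (prefilled && fingerprint(prefilled) === fingerprint(a)) return false;
  return true;
}

// Service side: the page-side gate is not trusted, so every request is re-checked.
function validateRequest(req, registeredCids) {
  if (req === null || typeof req !== 'object') return { ok: false, reason: 'malformed' };
  if (typeof req.cid !== 'string' || !registeredCids.has(req.cid)) {
    return { ok: false, reason: 'unknown_cid' };           // CID allowlist
  }
  if (!ISO_COUNTRIES.has(norm(req.country).toUpperCase())) {
    return { ok: false, reason: 'bad_country' };
  }
  for (const [field, max] of Object.entries(MAX_LEN)) {
    const v = req[field];
    if (v !== undefined && (typeof v !== 'string' || v.length > max)) {
      return { ok: false, reason: `bad_${field}` };        // type and length limits
    }
  }
  if (!norm(req.street) || !((norm(req.city) && norm(req.state)) || norm(req.postal))) {
    return { ok: false, reason: 'incomplete' };
  }
  return { ok: true, reason: null };
}
```

The service-side function repeats the completeness check on purpose: anything running in the browser can be bypassed, so the allowlist and field validation are the controls that actually bound lookup volume.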
Defense against bots
- The TidyContact script doesn’t add its own CAPTCHA; it runs inside your existing submission flow and relies on whatever bot protection you already have on the form — which is the right layer for it.
- A lookup only fires at submit time with a complete, valid-looking address in an allowed country, so crawlers and scrapers hitting the script URL can’t produce lookups on their own.
- A bot has to successfully drive a full submission to generate a single lookup, and when it does, the per-CID logging above makes the pattern detectable and blockable at the service layer.
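One way the per-CID log records could be scanned for the patterns mentioned above, as an added example rather than 4Site's detection logic. The record shape, the 60-second window and both thresholds are assumptions, and the sample records are constructed.

```javascript
// Added illustration; record shape, window and thresholds are assumptions.
// Constructed sample records: ts is seconds, ipHash values are placeholders.
const SAMPLE_LOG = [
  { cid: 'cid-demo-1', ts: 0, ipHash: 'h-a' },
  { cid: 'cid-demo-1', ts: 400, ipHash: 'h-b' },
  { cid: 'cid-demo-1', ts: 900, ipHash: 'h-c' },
  ...Array.from({ length: 8 }, (_, i) => ({ cid: 'cid-demo-2', ts: 100 + i, ipHash: 'h-z' })),
];

// Flags CIDs whose lookups exceed a sliding-window volume limit, or whose
// lookups in one window come mostly from a single hashed IP.
function flagAnomalousCids(records, { windowSec, maxPerWindow, maxPerIpHash }) {
  const byCid = new Map();
  for (const r of records) {
    if (!byCid.has(r.cid)) byCid.set(r.cid, []);
    byCid.get(r.cid).push(r);
  }
  const flagged = [];
  for (const [cid, recs] of byCid) {
    recs.sort((a, b) => a.ts - b.ts);
    const perIp = new Map(); // ipHash -> count inside the current window
    let start = 0, peak = 0, peakIp = 0;
    for (let end = 0; end < recs.length; end++) {
      const ip = recs[end].ipHash;
      perIp.set(ip, (perIp.get(ip) || 0) + 1);
      // Slide the window start forward until it spans less than windowSec.
      while (recs[end].ts - recs[start].ts >= windowSec) {
        const old = recs[start++].ipHash;
        perIp.set(old, perIp.get(old) - 1);
      }
      peak = Math.max(peak, end - start + 1);
      peakIp = Math.max(peakIp, perIp.get(ip));
    }
    const reasons = [];
    if (peak > maxPerWindow) reasons.push('volume');
    if (peakIp > maxPerIpHash) reasons.push('single_source');
    if (reasons.length) flagged.push({ cid, peak, peakIp, reasons });
  }
  return flagged;
}
```

Because the IP is stored only as a hash, the single-source check works on equality of hashes and never needs the raw address.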
Other security features
- Encrypted in transit. All traffic between the script and the service is HTTPS.
- IP addresses are hashed before storage. Visitor IPs are SHA-256 hashed before being written to our logs, preserving the ability to detect repeat offenders without retaining raw IPs.
- Each validation is stored with a SHA-256 checksum and a unique server-issued request ID, so every address recorded on an EN submission can be traced back to exactly what our service returned.
- We transmit and retain the address fields, the page URL, and the hashed IP — no additional personal data beyond what the supporter typed into the form.