The General Data Protection Regulation (GDPR) is a new European data protection law which replaces the existing EU data protection regime under Directive 95/46/EC. The GDPR sets out provisions intended to harmonize data protection laws throughout the EU by applying a single data protection law that is binding throughout all member states. The GDPR became effective on May 25, 2018.
The GDPR only applies to Circle customers based in an EU member state who purchased Circle Services marketed and sold in that EU member state. While the GDPR only applies in the EU, we are applying the same principles globally.
Here’s more information on how we approach this:
Greater Transparency. Much of the GDPR requirements focus on increasing transparency around a company’s data processing activities and ensuring data is processed and handled in a secure way. In order to ensure our customers understand what data we process, how we process it, and for what purposes we process data we have put this clearly in our Privacy Statement. We updated and expanded our “Privacy Highlights” section, added additional information about our practices, and made our Privacy Statement easier to understand.
Security. Another key focus of the GDPR is ensuring data is processed in a secure manner. We have evaluated all of our processing activities to ensure we are appropriately mitigating risks to personal information by implementing technical and organizational security measures. Activities that process sensitive information, such as Genetic Information, may be innately riskier and therefore require greater security. Thus, we have taken measures to have our security systems externally tested by an ISO certified third party. Our data transfer is fully encrypted to guard against data security attacks. We adhere to international standards on data security (ISO 27001) and continuously review and update our security controls and standards.
Delete: We’ve also streamlined our account deletion process. You can delete your account and data at anytime by emailing us at firstname.lastname@example.org.