Lucid Keeps Your Data Safe: The Privacy Shield Framework | Lucidchart
Skip to main content

Here at Lucidchart, security for your data is our top priority, no matter where you live. That’s why we’ve made it a priority to become self-certified under the Privacy Shield Framework. As of October 12th, 2017, we officially met all of the requirements and became self-certified.

What is the Privacy Shield Framework?

The Privacy Shield Framework was created through a partnership between the U.S. Department of Commerce and the European Commission to ensure that EU citizens’ personal data is kept secure, specifically to meet European data protection principles. Chief among these principles are:

  • Notice to EU citizens about how their data is collected and used
  • The right for EU citizens to access and amend their data held by companies that have collected it
  • The right to have that information deleted
  • Certainty that this data is used only for the limited purpose for which it was originally collected

The U.S. government provides strong oversight for the framework, and the framework provides members of the European Union with multiple avenues for redress when it comes to a company’s Privacy Shield Framework compliance.

To get all the details on program oversight and the rights for individual users, check out this fact sheet.

What does it mean to be self-certified?

Companies apply for the Privacy Shield certification voluntarily, but once certification is complete, they are bound by U.S. law to adhere to the Privacy Shield Framework standards. Companies who self-certify under the Privacy Shield Framework provide transparency in their privacy policies on how they use personal information. As part of the self-certification process, companies describe the purposes for which the organization processes personal data and provide a means for dispute resolution should EU citizens have concerns about compliance.

What does this mean for Lucid?

As a result of Lucid’s successful application for self-certification, the U.S. Department of Commerce has examined Lucid’s privacy policy and the types of data we collect, and it has deemed that Lucid provides adequate privacy protection to allow for the transfer of personal data from the EU to the U.S. under the EU Data Protection Directive.

In short, we are doing what it takes to make sure that your data stays secure. To learn more about data security at Lucid, check out our data security page.