🛡️Security & Compliance

GDPR Compliance

Civic's GDPR compliance is outlined in our Privacy Policy, which provides detailed information on how we collect, use, and protect personal data:

• Data Minimization: We only collect and process personal data that is necessary for the provision of our services.

• Data Protection by Design and Default: We have implemented technical and organizational measures to ensure that personal data is protected by design and default.

• Data Subject Rights: We respect the rights of our users, including the right to access, rectify, erase, restrict processing, object to processing, and data portability.

• Data Breach Notification: We have procedures in place to detect and respond to data breaches, and we will notify affected users and relevant authorities in the event of a breach.

Data Storage Policy

Our Data Storage Policy outlines how we store and protect personal data. We use secure data centers and implement robust security measures to prevent unauthorized access, disclosure, alteration, or destruction of personal data.

W3C/DID Compatibility

Civic's decentralized identity solution is built on the W3C Decentralized Identifier (DID) standard, which provides a secure and interoperable way to manage digital identities. Our compatibility with the W3C/DID standard ensures that our users' identities are portable and can be used across different platforms and services.

The W3C/DID standard provides a framework for creating, managing, and using decentralized identifiers designed to be secure, private, and resistant to tampering. By leveraging this standard, we can ensure that our users' identities are protected and can be used in various contexts, including authentication, authorization, and data sharing.