The General Data Protection Regulation (GDPR) represents a major development in the evolution of data privacy and highlights its growing importance to both people and businesses. We consider the privacy of our partners, customers, and users to be critical and will continue to embrace new developments in the field
What is GDPR?
The General Data Protection Regulation (2016/679) is a law designed to enhance data protection for EU residents and provide a consolidated framework to guide business usage of personal data across the EU, replacing the patchwork of existing regulations and frameworks. GDPR replaces the 20 year old EU Data Protection Directive (95/46/EC).
The GDPR applies to processing carried out by organizations operating within the EU. It also applies to organizations outside the EU that offer goods or services to individuals in the EU.
GDPR provides EU individuals with additional rights, including:
Right to Access - You have the right to know what data we hold and process about you at any time on request.
Right to Erasure (right to be forgotten) - You have the right to request the removal of all the data we hold about you. There are some circumstances where we cannot completely remove your data due to our financial regulatory obligations, however we will endeavor to remove as much of your personal information as practically possible. Right to Object - You have the right to revoke your consent and instruct us to stop processing of your personal data (e.g., direct marketing).
Does Uphold comply with GDPR?
Yes. We have reviewed our technical and organizational measures in accordance with the requirements of the GDPR. We have added amendments to our existing agreements to address GDPR data processing requirements. Uphold has additionally improved our internal policies and procedures to meet the GDPR compliance obligations.
You can learn more below and also in our updated privacy section.
What if I am not a European Citizen?
Our Privacy Policies and procedures have been updated for users worldwide. Therefore, all Uphold users, regardless of citizenship, will also have expanded personal data rights.
What if I am a business user or Uphold partner?
If you are a Partner using the Uphold API to send and receive Personal Data about or from your users, you must comply with GDPR regulations. If you are a Partner, please reach out to email@example.com with any questions.
I am under 18, can I still use Uphold?
Previously, Uphold users needed to be 13 years or older. GDPR stipulates that users 18 or younger must have parental consent. We have therefore decided to only offer Uphold verification to people 18 years and over worldwide.
If you are under 18, please contact firstname.lastname@example.org with any questions.
What is Personally Identifiable Information Data (PII)?
Personally identifiable information (PII) as it pertains to the GDPR is information relating to an identified or identifiable natural person (‘data subject’)
It is a broad term and includes a wide range of information including;
What personal information does Uphold collect, use, and share?
Does GDPR affect how Uphold communicates with me?
We sometimes send you new product information, updates, promotions, and industry news via email, these are considered marketing communications.
Uphold has adopted a global explicit consent methodology for the use of customer email and other personal information for marketing communications regardless of country of origin,
If you decline to opt-in for this, you can still use Uphold, however, you will no longer receive promotional information, which can include BETA invitations and other announcements and we can no longer use your personal data for any marketing efforts. Marketing preferences can be accessed through your account profile and can be updated at any time.
Can I close my account and delete my data?
Yes, you can close your Uphold account at any time. Prior to closing your account, you are required to withdraw all funds leaving a zero balance.
If you want to close your account, please contact our friendly support team at email@example.com.
Please note that, as a financial institution, we are required to maintain a record of your personal information/data for a legally required period of time, which can vary depending on your Country of residence. During this legally required window of time, your data will be securely held and only accessed if required for security or legal reasons. This means in some cases, especially if transactions have been conducted on your account, we can not delete your data right away. We will, however, delete any/all data after the legally required time has passed as per our standard company and regulatory data retention schedules, which in most cases is 7 years from when you cease to be our customer.
For account deletion requests where no transactions have been conducted on the account, please submit a data deletion request through our secure Data Subject Request Portal.
Can I request that all of my data be deleted or my right to be forgotten?
Yes. All data deletion requests are processed through our secure Data Subject Request Portal.
We will review your request and your account and advise if your request can be processed based upon the status of your account and whether or not any transactions have been processed.
Please note: Data deletion requests require that your account be closed and that all funds have been removed from your account. Additionally, as a financial institution, we are required to maintain a record of your personal information/data for a legally required period of time, which can vary depending on your Country of residence. During this legally required window of time, your data will be securely held and only accessed if required for security or legal reasons. This means in some cases, especially when transactions have been conducted on your account, we cannot delete your data right away. We will, however, delete any/all data after the legally required time has passed as per our standard company and regulatory data retention schedules, which in most cases is 7 years from when you cease to be our customer.
How do I get a copy of my Data?
You can request a copy of all the data that we have on file associated with your Uphold account activities, by submitting a request through our secure Data Subject Request Portal.
How to update my information?
If you believe that the Personal Information that we have on file is incorrect, it is possible to request that we update our records. If you want to change your information, please contact our friendly support team.