The General Data Protection Regulation (GDPR) takes effect from 25 May 2018. The GDPR is a standardized user data protection framework which operates across Europe and imposes obligations on organizations, like Canva, that handle the personal data of people in the European Economic Area.
This page briefly explains what Canva is doing to work towards GDPR compliance.
Second, we recognize that it’s important for you to control your information so we are investing in features that will help you to easily manage and access some of your information within Canva. We will provide more information on these features as they become available.
Third, since we use some third-party suppliers (e.g. Amazon Web Services) to make Canva available, we are reviewing and negotiating these contracts with a view to ensuring that they comply with applicable laws, including GDPR. Where amendments to these agreements are required we are entering into Data Processing Agreements with our suppliers.
Fourth, we recognize that protection of your data involves us so we are improving our internal controls around employee access to data and data security incidents.
None of these steps are likely to impact the way you use Canva day to day – you and all our many users will remain free to design anything and publish anywhere!
For support on anything related to GDPR, including how to access, inspect, update and remove your personal information with respect to Canva, please email us at [email protected].