Lucidchart Privacy and Security

Lucidchart is dedicated to keeping your data private, secure, and safe. In order to protect your privacy, we fully and permanently anonymize your data and/or personally identifiable information (PII) when you tell us to. The following actions will automatically trigger anonymization:

  • An individual user permanently closes their account (PII and document anonymization)
  • An admin deletes a user from their account (PII anonymization)
  • A user or admin permanently deletes a folder or document (document anonymization)

Read the sections below to learn more about security in Lucidchart.

What is GDPR?
The GDPR is a set of regulations established by the EU that went into effect on May 25th, 2018. These regulations apply to any company that collects and processes data for individuals in the European Union and were created to strengthen and unify data protection for individuals in the EU. The regulations outline both individual rights in relation to data protection (e.g. the right to be informed, right of access, etc.) and accountability and governance standards for personal data. See the full GDPR guidelines here.

Is Lucidchart GDPR compliant?
Yes, Lucidchart is fully committed to GDPR compliance. Please see this page for more details.
What is CCPA?
CCPA refers to the California Consumer Privacy act, which is a data privacy law that will go into effect on January 1, 2020. See this CCPA fact sheet for more information.

Is Lucidchart CCPA compliant?
Lucidchart will be fully committed to CCPA compliance when the law goes into effect in on January 1, 2020.
If you have an individual Lucidchart account (professional, personal, or free), you can permanently close your account at any time to trigger the anonymization of your data and PII. Once your account is closed, we will no longer be able to retrieve the documents you have created and saved to our systems. Please download and save the documents you need prior to closing your account.

To close your account, follow these steps:
  1. Navigate to your Account Settings and click on the Close Account finger tab.
  2. If you have a subscription, click Cancel Your Subscription and follow the subsequent prompts to cancel. Note: Cancelling your subscription in and of itself will not trigger anonymization; the files will still be accessible through your free account.
  3. Click Close Account. Doing so will trigger the anonymization of all data and PII associated with the account.
Please note the following:
  • When you close your Lucidchart account, your Lucidpress account will also be closed if it is tied to the same email address.
  • You will not receive a confirmation email when your data has been removed.
  • If you only want to be removed from the marketing email list, please click on the unsubscribe link in one of the emails that you have received.
  • If you are a user on a Team or Enterprise account and would like to trigger anonymization for your PII, please contact your account admin so that they can remove you from the team.
As an admin of a Lucidchart Team or Enterprise account, you can delete individual users from your account at any time to trigger the anonymization of the user’s PII.

Closing your entire Lucidchart team or Enterprise account will also trigger the anonymization of all user PII from our system, as well as all documents (including custom shapes, shape libraries, and linked data) and folders associated with that account.
If I renew my subscription after temporarily closing my account, will my documents still be there?
If you cancel your subscription without closing your account, you will be downgraded to a free account and your files will remain in our system, fully accessible when you renew your subscription. However, if you cancel your subscription and permanently close your account, the data anonymization process will be triggered and it will no longer be possible to retrieve the files previously associated with your account.

What does PII refer to?
PII refers to personally identifiable information, such as name and email address.

Where does Lucidchart host customer content and information?
Lucidchart is hosted by Amazon Web Services (AWS), the industry’s leading provider of secure computing infrastructure.

How does Lucidchart encrypt data?
All data is transferred between user devices and Lucidchart servers using up to 256-bit encryption via TLS 1.2 and a world-class certificate provider.

Further Resources:
How to Remove Your Personal Data from Lucidchart
Lucidchart Security
Lucidchart GDPR Compliance
Lucidchart Security Whitepaper