Binance, the world's largest cryptocurrency exchange, announced in a Feb. 2 post that its Data Protection team handled 22,000 privacy-related inquiries in 2023 and secured five privacy certifications. The company stated that the primary "mission" of the Data Protection team is to foster trust and confidence among its users.
The company clarified in the post that its Data Protection team consists of a Data Protection Office (DPO) and a Data Protection Counsel (DPC). Their responsibilities encompass maintaining regulatory compliance, formulating internal data governance policies, and managing data access. To mitigate the risk of data breaches, the team aims to collect and process only the essential amount of data. A member of the DPO team said in a statement shared in the post, "Our commitment to data privacy isn’t just a regulatory requirement but a strategic asset, supporting Binance’s mission of enhancing financial accessibility globally by building trust with our users and empowering them."
According to Binance, as an international exchange, it complies with data and privacy regulations across various jurisdictions. For instance, Binance mentioned in the post that it adheres to the rigorous requirements outlined in the European Union’s General Data Protection Regulation (GDPR). The company referred to GDPR as the "gold standard" in privacy regulations and asserted that complying with it ensures Binance users experience "the highest levels of data security and privacy."
In another post on its website, Binance elaborated on the certifications it received from a third-party auditor. The company stated it achieved ISO 27001 and ISO 27701 certifications for information security governance and privacy information management. These audits were conducted by A-LIGN, a global security and compliance partner utilized by thousands of companies worldwide to reduce cybersecurity risks. Jimmy Su, Chief Security Officer at Binance, said in a statement shared in the post, "Users on our platform can be assured that their assets and information are protected in line with the latest global standards. We have a team of highly experienced security professionals that are continuously improving, adapting, and innovating to ensure that Binance remains at the forefront of safeguarding the blockchain ecosystem."
According to another post, Binance also successfully completed the System and Organization Controls (SOC) 2 Type II compliance audit, which was conducted by A-LIGN. The company stated that this successful audit demonstrates its ongoing commitment to serving as an industry leader in security standards. During the audit, A-LIGN confirmed that Binance's systems protection and data security practices are "well-designed and appropriately implemented."
About a year ago, Binance also introduced a Proof of Reserves (PoR) verification system using zk-SNARK technology to enhance confidence in the digital asset industry, as reported by Austin Journal. Max Tang, director of finance at Edge & Node, told Austin Journal, "Because of the fallout of several well-known players in the space in 2022, centralized financial intermediaries need a way to provide assurance to external parties of their balance sheet strength and the existence of user funds on an account level. PoR is one of the ways to do that." He characterized PoR as "a significant step forward in terms of providing transparency to users, particularly with regard to the existence of user funds."