Security and Privacy

Circula is being developed with a strong focus on user security, responsible data use, and transparent handling of personal information. Although the platform is still in its early stages, its foundations are built on technologies known for their reliability and safety.

Circula uses Firebase for its internal data infrastructure, providing secure account management and real-time data handling. Blood inventory records and related updates are also written to the Solana blockchain, where transactions are permanently recorded for traceability and accountability across the network.

User accounts will be protected by two-factor authentication (2FA) as a baseline requirement. This adds an important layer of security to prevent unauthorised access and protect sensitive information.

To support real-time blood coordination, Circula may request access to user location, usage patterns, or app tracking data. These permissions will always be requested with clear consent, and users can choose to opt in or out.

However, for those who register as donors, providing access to certain data such as location, availability, and past donations will be required. This allows Circula to ensure donors can be verified, matched, and contacted quickly during emergencies.

Circula will not sell or share personal data for advertising or third-party marketing purposes. All data will be used strictly to support the platform’s operational goals, including fulfilling medical requests, improving service quality, and ensuring reliable coordination between patients, donors, and institutions.

As development progresses, Circula will continue to strengthen its security model and introduce features such as data deletion, encryption, and compliance with national and international data protection laws. These policies will be formalised as the platform moves toward full deployment.