Few things are more personal than our professional qualifications, and learning something, and then having verified proof of that knowledge or skill, can help people get jobs and promotions and improve their quality of life. When dealing with this type of data, GDPR compliance matters, and Credly considers the data security and privacy of both our credential issuers and our credential earners. That care extends to Credly’s suppliers, and we enter into agreements with our suppliers to ensure that every single organization that processes Personally Identifiable Information on Credly’s behalf (known as “subprocessors”) are also GDPR compliant.
As such, GDPR compliance is a shared responsibility between Credly, its clients and its suppliers: Credly complies with the GDPR by monitoring to maintain the ongoing confidentiality, integrity, availability, and resilience of our systems. Credly works to ensure we can restore data in a timely manner in the event of a physical or technical incident, and, we regularly test, assess and evaluate the effectiveness of our technical and organizational measures. Credly’s clients contribute to data security by establishing a lawful basis for their transfer of personal data to Credly, in some cases relying on consent from their credential earners by including a reference to their use of Credly in the terms that govern their program, and in others relying on serving the legitimate interests of their credentialing program and associated credential earners.
In short, we take your data, and the data of your badge earners, very seriously.