Please read this Policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data, how to contact us and supervisory authorities in the event that you would like to report a concern about the way in which we process your data.
Credly collects Personal Data when you choose to submit it through e-mail, an online form, or other method. We also collect information through cookies (see “Credly Use of ‘Cookies’”).
Credly also maintains a log of certain information concerning visitors to our websites, including but not limited to, internet protocol (“IP”) address (a computer's numerical Internet address), third party websites from which visitors access our website, type of web browsers used, and pages viewed. Such information may include Personal Data.
Who are we?
Credly is a Delaware corporation with offices in New York City. Our registered address is 368 9th Avenue, 6th Floor, New York, NY 10001.
The Credly Service is an internet-based, hosted platform designed to enable subscribers to the Service (“Issuers”) to issue digital badges and credentials (“Credentials”) to individuals who meet prescribed requirements (“Earners”), and for those Earners to display the Credentials online on the Service or on third party sites, as elected by Earners.
We may provide your information to trusted partners who work on behalf of, or with, Credly under confidentiality agreements to help Credly provide the Service. They may also assist Credly in communicating with you about the Service and about offers from Credly and our partners, where you have provided us consent to do so.
For the purposes of the GDPR, Credly is the ‘processor’ of certain types of Personally Identifiable Data provided by Issuers and the ‘controller’ of other types of Personally Identifiable Data provided directly to us by Earners. Credly offers a Data Protection Addendum (DPA) for qualifying organizations, which you can find online at https://info.credly.com/data-processing-addendum.
You may contact our Primary Point of Contact for data privacy and security with any questions, comments or concerns about this policy by sending an email to firstname.lastname@example.org.
What personal data do we collect?
We may collect and process the following personal data:
Information you provide to us
To register for or use the Service, you will be prompted to give us certain required information about yourself, such as your name and email address. When you configure your account settings, you may enter additional, optional information about yourself. You may, at times, also send us an e-mail which may contain not only your e-mail address, but other information about you, including home or business addresses, telephone numbers, or account details. The information you give us may also include statements you make on the Service such as testimonials, services reviews, or other statements that may identify you personally.
When an Issuer issues you a Credential, we will provide you with a user ID (the e-mail address provided by the Issuer) and account activation e-mail for you to access the Service and create a user “profile” for use as described below. Alternatively, you may directly create an account on the Service by entering your email address, name, and country. When you first sign onto the Service, you will be presented with your profile, which contains the information supplied to us by you or the Issuer. In addition to the information required to establish your account, including your name, email, password and country, you may provide some or all of the following information, including but not limited to, a photograph of yourself, a short biographical blurb, your state/province, your city, your zip code, your current employer, your current job title, your birth year, and your website URL. You will be able to update or correct any of the contact information in your profile at any time. You may receive certain e-mails relating to your use of the Service. If you receive another Credential from other Issuers, your user ID will be authorized to access the Service, and your contact information will be added to the participant list for that Issuer.
If you have consented or opted in to receiving news and updates from Credly on professional growth or further education opportunities, you have the right at any time to prevent us from further contacting you by following the unsubscribe or opt-out instructions included in the relevant email or through the privacy tools provided to you through the Service.
We may use your Personal Data to contact you regarding your use of the Service, for customer support purposes, and to inform you of updates, modifications and other matters relating to the Service, and information about others services that we offer in accordance with your subscription preferences. You may decline to receive mail or e-mail from us that does not relate directly to your access to or use of the Service by selecting the opt-out link contained in any such e-mail or by contacting us at email@example.com.
You may request that Credly provide third-parties access to your publicly accessible personal information. Credly will not provide your personal information to a third-party without your consent.
Information we collect about you
Credly also will maintain a history of your access to the Service, and certain actions taken by you while accessing the Service, a log of users' IP addresses, the third-party Website from which users access the Service, the type of web browsers used to access the Service and the browser's settings that may affect Service performance (collectively,“Usage Log Information”). For purposes of maintaining and enhancing Service performance and security, Credly may use Usage Log Information, information about your browser, and other local computer settings. We also may use Usage Log Information to tailor our communications to you about the Service, and contact you in relation to providing support. We also may aggregate Usage Log Information to create or publish statistical analyses and reports about Service usage. We will not authorize the publication of Personal Information about any user without the prior written consent of such person.
Information we receive from issuers
Issuers provide Personal Information to us, including first name, last name, email address, and Credential. The use of information collected from Issuers shall be limited to the purpose of providing the service for which these Organizations have engaged Credly.
Credly collects information directly from the Issuer or directly from the Earner. If you would no longer like to be contacted by one of the Issuers that use our service, please contact the Issuer that you interact with directly.
An individual who seeks access, or who seeks to correct or amend inaccurate Credentials should direct their query to the Issuer. We retain Personal Information we process on behalf of the Issuers for as long as needed to provide services to the Issuers and the Earners and in compliance with all applicable personal information retention laws. Individual Credentials and an Earner’s entire account may be deleted by the Earner at any time directly through the Service. Credly will retain this Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.
We may statistically aggregate in non-person-specific form information collected to improve our websites, our quality controls, operations management, security processes, future marketing and promotional efforts, and the overall Service in attempt to better understand our users’ interests and preferences. In some cases, we may transfer this information to our third-party service providers. By using this Site, you consent to this non-personally identifiable data aggregation and the use and transmission of this aggregated statistical data as outlined above.
How do we use your personal data?
Additional uses of service information
In addition to the uses described above of the information received in connection with your use of the Service, Credly uses and, where specified, shares your information:
- To display Credentials. Credly may use your information to display Credentials that you receive through the Service or through Third-Party Services on the Credly website or on third party websites or applications that you choose to share your personal information to.
- To provide support or other services that you have requested, and to respond to your inquiries.
- To engage in transactions with you, including contacting you about your account or transactions.
- To notify you of relevant opportunities such as new product releases and service developments, related facts or programming that may be relevant to you.
- To improve quality and facilitate use of the Service.
- To comply with legal requirements. In addition, we may also disclose information about you as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is reasonably necessary to enforce our rights or protect our operations or users or others investigate fraud, or in response to legal processes or governmental investigations in accordance with our internal policy on access by governmental authorities, or under exigent circumstances in response to a perceived significant threat to a person's health or property.
The Service allows you to customize the information about yourself that is made accessible to others. When you establish an account, the Service applies default settings. Default settings also apply to new features introduced on the Service. Credentials issued to you will default to the “public” setting. You may activate a “private” setting such that the Credential will no longer be publicly accessed at any time, on a Credential-by-Credential basis. Until you terminate your use of the Service, the fact that you are a user, as indicated by the public display of your full name and avatar, is available to others on the Service. Review your privacy settings regularly to ensure that they match your preferences.
We protect the security of your information during transmission by using Transport Layer Security (TLS) and Secure Sockets Layer (SSL) software or other encryption technology, which encrypts information you input. Wherever appropriate, we obfuscate and/or encrypt information in our systems and/or during information transfer. Credly regularly reviews the cryptographic protocols it uses to protect the privacy and security of your Personal Information.
Because of the nature of internet and for other reasons, we cannot guarantee the security of your Personal Information, so you should take precautions to protect it when you are on the internet, such as changing passwords often, using a combination of letters and numbers when creating passwords, using a secure browser and being sure to log off the Service when finished using a shared computer.
How long will you keep your personal data?
Access, Retention and Deletion
Upon request Credly will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account or contacting us at firstname.lastname@example.org. We will respond to your request within a reasonable timeframe.
Viewing of Data for Support
For the purpose of providing the Service and associated support including answering any questions you may have, Credly may view and process your Personal Information from nations outside the EEA that are deemed by the EU to have non-adequate data protection laws, including the United States.
Where do we store your personal data and how is it protected?
We take reasonable steps to protect your personal data from loss or destruction.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our site; any transmission is at your own risk. Once we have received your personal data, we will use procedures and security features consistent with industry practices to try to prevent unauthorized access.
Credly will process your personal information pursuant to all applicable privacy and security laws and regulations. Credly also believes that all data subjects have the following rights, including any additional rights granted by applicable legislation:
- Right to Access: Learn whether we are processing your Personal Information and, if so, to gain access to it and certain information about it. You may also submit a request once per year for certain data regarding Credly’s disclosure, if any, of Personal Information to third parties for the third parties’ direct marketing. If applicable, we will provide you a list of the categories of Personal Information disclosed to third parties for their direct marketing during the immediately preceding calendar year, along with the third parties' names and addresses.
- Right to Rectification: Have inaccurate Personal Information corrected or removed, and have incomplete Personal Information completed.
Right to Erasure:
Have your Personal Information erased when:
- It is no longer necessary for the purposes collected;
- You withdraw consent to process it;
- We have processed it unlawfully; or
- EU or Member State law to which we are subject requires erasure.
Right to Restrict Processing:
Restrict our processing of your Personal Information when:
- You contest its accuracy (for a period necessary to verify it);
- The processing is unlawful and you prefer restriction of use to erasure; or
- We no longer need the data, but you need it in connection with legal claims.
- Right to Data Portability: Obtain in usable form the Personal Information you gave us and, if technically feasible, require its transmittal directly to another controller that you designate.
- Right to Object: In certain circumstances, you have the right to object to the processing of your Personal Information. If you would like to object to the processing of your Personal Information, please contact us using the contact details provided below.
Right to Opt Out: You have the right to unsubscribe to opt out of receiving any marketing notifications from Credly. If the GDPR is applicable to you, you also have the right to lodge a complaint with an EU member state data protection supervisory authority.
Credly conducts cross-border transfers of personal information from the Europen Union to the United States via the Standard Contractual Clauses, which are available online at https://info.credly.com/data-processing-addendum .
You will be notified via email or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information. You have the right to request that your Personal Information be removed from our records at any time.
To support delivery of our Services, we may engage and use data processors with access to certain personally identifiable data of Earners (each, a "Subprocessor"). Credly maintains and updates a list of approved Subprocessors at www.credly.com/subprocessors.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at feedback.