Privacy Policy

Version 2.2
Updated November 2022

Introduction

Credly, its Affiliates, and its agents (“Credly”) are committed to data security and the fair and transparent processing of personal data. This privacy policy describes how Credly treats the information you provide to us or that we otherwise collect. This Privacy Policy also describes your choices regarding use, access and correction of your personal information. “You” refers to the person or entity using the Service. The “Service” is the digital credentialing and certification functionality, associated insights and connection to relevant career, education and training opportunities provided through any website or application offered by Credly. “Personal Data” includes the data we collect directly from you as well as Personal Data from Issuers (defined below) and Third-Party Services (defined below). This Privacy Policy sets out how we will treat the personal data which you provide to us in compliance with Applicable Data Protection Laws. We will not share your Personal Data except on a need-to-know basis with other companies under common ownership or control with Credly ("Affiliates"), our attorneys, auditors, consultants, and service providers who are under confidentiality obligations at least as restrictive as those contained herein. Credly owns and operates Credly.com and YourAcclaim.com. This Policy, together with our website terms of use and any other documents referred to in them, sets out the basis on which Credly processes Personal Data.

Please read this Policy carefully as it contains important information on who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data, how to contact us and supervisory authorities in the event that you would like to report a concern about the way in which we process your data.

This Privacy Policy describes our broadest potential use of your Personal Data, although we may actually make far less use. The basis for our processing of your Personal Data is your informed consent. No law requires you to provide us with your Personal Data. You may withdraw your consent for us to process your Personal Data at any time, but that may preclude you thereafter from using the Website and the Service. We will delete your Personal Data following the withdrawal of your consent, however, such withdrawal will not affect the lawfulness of processing prior to withdrawal.

Credly collects Personal Data when you choose to submit it through e-mail, an online form, or other method. We also collect information through cookies (see “
Credly Use of ‘Cookies”).

Credly also maintains a log of certain information concerning visitors to our websites, including but not limited to, internet protocol (“IP”) address (a computer's numerical Internet address), third party websites from which visitors access our website, type of web browsers used, and pages viewed. Such information may include Personal Data.

By your use of the Service you consent to our use and disclosure of your Personal Data in accordance with this Privacy Policy.

TRUSTe

Who are we?

Credly is a Delaware corporation with offices in New York City. Credly is a wholly-owned subsidiary of NCS Pearson, Inc.

The Credly Service is an internet-based, hosted platform designed to enable subscribers to the Service (“Issuers”) to issue digital badges and credentials (“Credentials”) to individuals who meet prescribed requirements (“Earners”), and for those Earners to display the Credentials online on the Service or on third party sites, as elected by Earners.

We may provide your information to trusted partners who work on behalf of, or with, Credly under confidentiality agreements to help Credly provide the Service. They may also assist Credly in communicating with you about the Service and about offers from Credly and our partners, where you have provided us consent to do so.

For the purposes of the GDPR, Credly is the ‘processor’ of certain types of Personally Identifiable Data provided by Issuers and the ‘controller’ of other types of Personally Identifiable Data provided directly to us by Earners. Credly offers a Data Protection Addendum (DPA) for qualifying organizations, which you can find online at https://info.credly.com/data-processing-addendum.

You may contact our Primary Point of Contact for data privacy and security with any questions, comments or concerns about this policy by sending an email to privacy@credly.com.


What personal data do we collect?

We may collect and process the following personal data:

INFORMATION YOU PROVIDE TO US

To register for or use the Service, you will be prompted to give us certain required information about yourself, such as your name and email address. When you configure your account settings, you may enter additional, optional information about yourself. You may, at times, also send us an e-mail which may contain not only your e-mail address, but other information about you, including home or business addresses, telephone numbers, or account details. The information you give us may also include statements you make on the Service such as testimonials, services reviews, or other statements that may identify you personally.

When an Issuer issues you a Credential, we will provide you with a user ID (the e-mail address provided by the Issuer) and account activation e-mail for you to access the Service and create a user “profile” for use as described below. Alternatively, you may directly create an account on the Service by entering your email address, name, and country. When you first sign onto the Service, you will be presented with your profile, which contains the information supplied to us by you or the Issuer. In addition to the information required to establish your account, including your name, email, password and country, you may provide some or all of the following information, including but not limited to, a photograph of yourself, a short biographical blurb, your state/province, your city, your zip code, your current employer, your current job title, your birth year, and your website URL. You will be able to update or correct any of the contact information in your profile at any time. You may receive certain e-mails relating to your use of the Service. If you receive another Credential from other Issuers, your user ID will be authorized to access the Service, and your contact information will be added to the participant list for that Issuer.

If you have consented or opted in to receiving news and updates from Credly on professional growth or further education opportunities, you have the right at any time to prevent us from further contacting you by following the unsubscribe or opt-out instructions included in the relevant email or through the privacy tools provided to you through the Service.

We may use your Personal Data to contact you regarding your use of the Service, for customer support purposes, and to inform you of updates, modifications and other matters relating to the Service, and information about others services that we offer in accordance with your subscription preferences. You may decline to receive mail or e-mail from us that does not relate directly to your access to or use of the Service by selecting the opt-out link contained in any such e-mail or by contacting us at privacy@credly.com.

You may request that Credly provide third-parties access to your publicly accessible personal information. Credly will not provide your personal information to a third-party without your consent.

INFORMATION WE COLLECT ABOUT YOU

Credly also will maintain a history of your access to the Service, and certain actions taken by you while accessing the Service, a log of users' IP addresses, the third-party Website from which users access the Service, the type of web browsers used to access the Service and the browser's settings that may affect Service performance (collectively, “Usage Log Information”). For purposes of maintaining and enhancing Service performance and security, Credly may use Usage Log Information, information about your browser, and other local computer settings. We also may use Usage Log Information to tailor our communications to you about the Service, and contact you in relation to providing support. We also may aggregate Usage Log Information to create or publish statistical analyses and reports about Service usage. We will not authorize the publication of Personal Information about any user without the prior written consent of such person.

INFORMATION WE RECEIVE FROM ISSUERS

Issuers provide Personal Information to us, including first name, last name, email address, and Credential. The use of information collected from Issuers shall be limited to the purpose of providing the service for which these Organizations have engaged Credly.

Credly collects information directly from the Issuer or directly from the Earner. If you would no longer like to be contacted by one of the Issuers that use our service, please contact the Issuer that you interact with directly.

An individual who seeks access, or who seeks to correct or amend inaccurate Credentials should direct their query to the Issuer. We retain Personal Information we process on behalf of the Issuers for as long as needed to provide services to the Issuers and the Earners and in compliance with all applicable personal information retention laws. Individual Credentials and an Earner’s entire account may be deleted by the Earner at any time directly through the Service. Credly will retain this Personal Information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

NON-PERSONAL INFORMATION

We may statistically aggregate in non-person-specific form information collected to improve our websites, our quality controls, operations management, security processes, future marketing and promotional efforts, and the overall Service in attempt to better understand our users’ interests and preferences. In some cases, we may transfer this information to our third-party service providers. By using this Site, you consent to this non-personally identifiable data aggregation and the use and transmission of this aggregated statistical data as outlined above.

How do we use your personal data?

ADDITIONAL USES OF SERVICE INFORMATION

In addition to the uses described above of the information received in connection with your use of the Service, Credly uses and, where specified, shares your information:

o   To display Credentials. Credly may use your information to display Credentials that you receive through the Service or through Third-Party Services on the Credly website or on third party websites or applications that you choose to share your personal information to.

o   To provide support or other services that you have requested, and to respond to your inquiries.

o   To engage in transactions with you, including contacting you about your account or transactions.

o   To notify you of relevant opportunities such as new product releases and service developments, related facts or programming that may be relevant to you.

o   To improve quality and facilitate use of the Service.

o   To operate the Service through the assistance of third parties. Credly may use services from third-party service providers, such as hosting services and software developers, in support of its operation of the Service. When doing so, we will take steps to ensure that such service providers implement appropriate privacy and security measures consistent with this Privacy Policy to safeguard against the unauthorized use or disclosure of your information. These companies are authorized to use your personal information only as necessary to provide these services to us.

o   To comply with legal requirements. In addition, we may also disclose information about you as required by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is reasonably necessary to enforce our rights or protect our operations or users or others investigate fraud, or in response to legal processes or governmental investigations in accordance with our internal policy on access by governmental authorities, or under exigent circumstances in response to a perceived significant threat to a person's health or property.

Privacy Preferences

The Service allows you to customize the information about yourself that is made accessible to others. When you establish an account, the Service applies default settings. Default settings also apply to new features introduced on the Service. Credentials issued to you will default to the “public” setting. You may activate a “private” setting such that the Credential will no longer be publicly accessed at any time, on a Credential-by-Credential basis. Until you terminate your use of the Service, the fact that you are a user, as indicated by the public display of your full name and avatar, is available to others on the Service. Review your privacy settings regularly to ensure that they match your preferences.

Security

Credly takes appropriate and reasonable precautions to implement appropriate administrative and technical procedures to protect the security of Personal Information provided or generated through the Service. We permit persons working for us to access and use your information only in a manner consistent with this Privacy Policy.


We protect the security of your information during transmission by using Transport Layer Security (TLS) and Secure Sockets Layer (SSL) software or other encryption technology, which encrypts information you input. Wherever appropriate, we obfuscate and/or encrypt information in our systems and/or during information transfer. Credly regularly reviews the cryptographic protocols it uses to protect the privacy and security of your Personal Information.

Because of the nature of internet and for other reasons, we cannot guarantee the security of your Personal Information, so you should take precautions to protect it when you are on the internet, such as changing passwords often, using a combination of letters and numbers when creating passwords, using a secure browser and being sure to log off the Service when finished using a shared computer.

Third-Party Sites

The Service may include hyperlinks to third-parties neither owned nor managed by us, and, as described above, you may use certain Third-Party Services in connection with the Credentials issued through the Service. Credly has no control over these Third-Party Services and your interactions with those third parties are subject to their privacy policies and terms of use.

How long will you keep your personal data?

ACCESS, RETENTION AND DELETION

Upon request Credly will provide you with information about whether we hold any of your personal information. You may access, correct, or request deletion of your personal information by logging into your account or contacting us at privacy@credly.com.  We will respond to your request within a reasonable timeframe.

Credly may retain your Personal Information for as long as your account is active and so long as retention is required or permitted in accordance with this Privacy Policy, or otherwise by law. When Credly deletes your Personal Information, Credly will do so in a manner designed to ensure that it cannot be reconstructed.

VIEWING OF DATA FOR SUPPORT

For the purpose of providing the Service and associated support including answering any questions you may have, Credly may view and process your Personal Information from nations outside the EEA that are deemed by the EU to have non-adequate data protection laws, including the United States.

WHERE DO WE STORE YOUR PERSONAL DATA AND HOW IS IT PROTECTED?

We take reasonable steps to protect your personal data from loss or destruction.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our site; any transmission is at your own risk. Once we have received your personal data, we will use procedures and security features consistent with industry practices to try to prevent unauthorized access.

Your Rights

Credly will process your personal information pursuant to all applicable privacy and security laws and regulations. Credly also believes that all data subjects have the following rights, including any additional rights granted by applicable legislation:

  • Right to Access: Learn whether we are processing your Personal Information and, if so, to gain access to it and certain information about it. You may also submit a request once per year for certain data regarding Credly’s disclosure, if any, of Personal Information to third parties for the third parties’ direct marketing. If applicable, we will provide you a list of the categories of Personal Information disclosed to third parties for their direct marketing during the immediately preceding calendar year, along with the third parties' names and addresses.
  • Right to Rectification: Have inaccurate Personal Information corrected or removed, and have incomplete Personal Information completed.

  • Right to Erasure: Have your Personal Information erased when:

    • It is no longer necessary for the purposes collected;
    • You withdraw consent to process it;
    • We have processed it unlawfully; or
    • EU or Member State law to which we are subject requires erasure.

       

  • Right to Restrict Processing: Restrict our processing of your Personal Information when:
    • You contest its accuracy (for a period necessary to verify it);The processing is unlawful or for an unauthorized purpose and you prefer restriction of use to erasure; or
    • We no longer need the data, but you need it in connection with legal claims.
  • Right to Data Portability: Obtain in usable form the Personal Information you gave us and, if technically feasible, require its transmittal directly to another controller that you designate.
  •  
  • Right to Object: In certain circumstances, you have the right to object to the processing of your Personal Information. If you would like to object to the processing of your Personal Information, please contact us using the contact details provided below.

 

Right to Opt Out: You have the right to unsubscribe to opt out of receiving any marketing notifications from Credly.
If the GDPR is applicable to you, you also have the right to lodge a complaint with an EU member state data protection supervisory authority.

To exercise these rights, you may communicate with our Primary Point of Contact for Privacy, using the contact information at the end of this Privacy Policy.

Credly conducts cross-border transfers of personal information from the European Union to the United States via the Standard Contractual Clauses, which are available online at https://info.credly.com/data-processing-addendum.

APEC Participation

The Credly privacy practices, described in this Privacy Policy, comply with the APEC Cross Border Privacy Rules System. The APEC CBPR system provides a framework for organizations to ensure protection of personal information transferred among participating APEC economies. More information about the APEC framework can be found here.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Corporate Matters

Credly may provide our investors, partners, and others with aggregated information (i.e., information that does not identify users personally) concerning users of the Service. In addition, Credly may disclose your Personal Information to a successor or acquiring entity as part of a merger, acquisition, reorganization, or other transaction involving all or substantially all of Credly’s assets or shares, or the business to which the Service relates. If Credly were sold to or merged with another company, that company will agree to abide by the terms of this Privacy Policy.

You will be notified via email or a prominent notice on our website, of any change in ownership, uses of your personal information, and choices you may have regarding your personal information. You have the right to request that your Personal Information be removed from our records at any time.

Subprocessors

To support delivery of our Services, we may engage and use data processors with access to certain personally identifiable data of Earners (each, a "Subprocessor"). Credly maintains and updates a list of approved Subprocessors at www.credly.com/subprocessors.

Policy Updates

We may update this Privacy Policy from time to time, and the updated version will be effective upon posting as to our treatment of subsequently acquired Personal Information. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective. Please check the revision date at the beginning of this Privacy Policy periodically to check for revisions. By continuing to use the Service, including the Website, after a revised version has been posted, you agree to be bound by the revised Privacy Policy as to subsequently acquired Personal Data. If you do not agree to the revised terms, then close your account.

If you have questions about this Privacy Policy and our information practices, please contact our Primary Point of Contact by e-mail at privacy@credly.com or at the following address: