ISO 27001 is the highest level of global information security assurance available today, and ensures that Credly meets stringent international standards.
ISO 9001 quality management certification validates that Credly operating practices in designing software meets the highest standards of excellence.
Credly establishes, implements, manages, and tests its business continuity plan and associated procedures consistent with the requirements of ISO 22301.
Credly is GDPR compliant and requires its subprocessors to comply with the terms of the GDPR. Credly maintains ongoing confidentiality, integrity, and resilience of our systems that process personal data of badge earners.
APEC Privacy Framework
Credly is certified to the APEC Privacy Framework, demonstrating that Credly’s privacy programs, policies, and practices meet the requirements for effective privacy protections in the Asia Pacific Economic Cooperation region.
Credly offers a FERPA-compliant solution that provides earners with complete control over the use of their information and access to adjust privacy settings on their credentials at any time.
Credly complies with COPPA by obtaining consent through K-12 institutional customers, honoring parental requests for data deletion, and implementing appropriate data privacy and security safeguards.
Credly regularly runs penetration testing and vulnerability scans of our codebase to analyze potential vulnerabilities and remediate them.
VPAT 508 Compliance
Credly is VPAT-Ready to ensure that everyone can be recognized for their achievements, including those with limited capacities to see, hear, or exercise muscular control. Download our VPAT.
Credly champions open standards and was the first organization to be certified to the Open Badge 2.0 Standard. Credly staff serve on the board of the 1EdTEch organization, which maintains the Open Badge Standard.
AWS Security Infrastructure
Credly’s physical infrastructure is hosted and managed by Amazon Web Services (AWS), which have achieved a wide variety of security certifications and commitments.
Credly regularly performs static and active scans of its codebase, analyzes for vulnerabilities during code review, and builds data integrity checks for both input and output into our software.