Securing the World's Most Trusted Digital Credential Network
Our policies and procedures operationalize our commitment to protect the security and privacy of our customers and their employees, members, learners, and users.
We invest in best practices and compliance with industry standards and proactively seek third-party audits that validate our investment in enterprise-level security and operations. Data security experts and auditors regularly scrutinize, test, and validate the security, privacy, and operational measures we implement and maintain.
All Credly employees are trained in data security and privacy principles. And, Credly maintains multiple ISO certifications, GDPR compliance, and other rigorous security protocols.
We invest in best practices and compliance with industry standards and proactively seek third-party audits that validate our investment in enterprise-level security and operations. Data security experts and auditors regularly scrutinize, test, and validate the security, privacy, and operational measures we implement and maintain.
All Credly employees are trained in data security and privacy principles. And, Credly maintains multiple ISO certifications, GDPR compliance, and other rigorous security protocols.
.png?width=627&height=418&name=2%20images%20(2).png)
Our Approach
.png?width=627&height=418&name=2%20images%20(2).png)
Data Security and Privacy Practices
ISO 27001
ISO 27001 is the highest level of global information security assurance available today, and ensures that Credly meets stringent international standards.
ISO 27701
ISO 27701 is globally recognised as best practice in data privacy risk management. It supports compliance with global data privacy legislation such as GDPR, CCPA and many others.
GDPR Compliance
Credly is GDPR compliant and requires its subprocessors to comply with the terms of the GDPR. Credly maintains ongoing confidentiality, integrity, and resilience of our systems that process personal data of badge earners.
FERPA Compliance
Credly offers a FERPA-compliant solution that provides earners with complete control over the use of their information and access to adjust privacy settings on their credentials at any time.
COPPA Compliance
Credly complies with COPPA by obtaining consent through K-12 institutional customers, honoring parental requests for data deletion, and implementing appropriate data privacy and security safeguards.
Penetration Testing
Credly regularly runs penetration testing and vulnerability scans of our codebase to analyze potential vulnerabilities and remediate them.
VPAT 508 Compliance
Credly is VPAT-Ready to ensure that everyone can be recognized for their achievements, including those with limited capacities to see, hear, or exercise muscular control.
Download our VPAT
AWS Security Infrastructure
Credly’s physical infrastructure is hosted and managed by Amazon Web Services (AWS), which have achieved a wide variety of security certifications and commitments.
Development Practices
Credly regularly performs static and active scans of its codebase, analyzes for vulnerabilities during code review, and builds data integrity checks for both input and output into our software.
Featured Resources
Ready to Get Started?
Talk to a sales representative to get a custom quote for your organization.