Maintaining the security of our services and managing the privacy concerns of our customers are our top priorities. We understand that the data we process for you is important and needs to be protected.
Add digital membership cards to your Accredible certificates and badges with no additional setup.
We have a bespoke, carefully crafted data privacy agreement which includes the EU model clauses to give you and your customers piece of mind.
Our data is stored at a secure tier 3 SOC 2-certified data center.
Accredible employs a role-based access control framework that ensures data is only provided to employees where their job responsibilities require it.
We have frequent, automated penetration testing and vulnerability scanning in place.
Accredible’s data privacy controls, software, infrastructure, and systems are audited both internally and independently (externally) on an annual basis.
We've worked hard to ensure that we're ready for the EU General Data Protection Regulation (GDPR).
On May 25, 2018, the General Data Protection Regulation (GDPR) took effect. For European individuals, GDPR expands their data privacy rights and gives them more power to control their data. For companies that process the personal data of these European individuals, GDPR requires compliance with a new set of regulations.
GDPR outlines specific requirements that these companies must satisfy, as well as specific rights that European individuals can exercise with these companies. Further information on GDPR is available on the European Union’s official website.
We offer a Data Processing Agreement (DPA) that you can opt into. DPAs include standard contractual clauses ("Model Clauses") that are the mechanism for GDPR-compliant data transfer. The DPA includes all the information on what Accredible does with your data, who has access to it, who it is shared with.
To satisfy the data portability requirements for GDPR, you can easily export data from your account, and submit a request to remove data at any time.
Our agreements clearly state that we're not able to share your data with any third party that's not bound by our data privacy agreement. We've formed contractual relationships with all of our suppliers that do things like host our databases (Amazon Web Services) or provide data backup hosting (Google Cloud) to ensure full legal and process protection for your data in accordance with EU privacy law.
Credential recipients can retrieve a copy of all the data that Accredible holds on them and can submit a request to have it completely removed from Accredible's records. You will be notified if a recipient has requested to be forgotten.
Learn more about how Accredible is compliant to GDPR in our blog.
How Accredible is Compliant to GDPR
The Data Centre Security Whitepaper is a guide to our data centre use, why we use data centres, how data centres protect data, and details of compliance.
Read about data privacy in our help center.
What is Data Privacy & 'My Right To Be Forgotten'?
The Data Transfer Impact Assessment is a resource to provide information to customers in connection with their use of our platform in light of the "Schrems II" ruling of the Court of Justice for the European Union and recommendations from the European Data Protection Board.