Data Security & Privacy Policies

Maintaining the security of our services and managing the privacy concerns of our customers are our top priorities. We understand that the data we process for you is important and needs to be protected.


Accredible's robust security policies ensure your data is protected

GDPR Compliance

Add digital membership cards to your Accredible certificates and badges with no additional setup.

EU Model Clauses

We have a bespoke, carefully crafted data privacy agreement which includes the EU model clauses to give you and your customers piece of mind.

Secure Data Storage

Our data is stored at a secure tier 3 SOC 2-certified data center.

Identity & Access Control

Accredible employs a role-based access control framework that ensures data is only provided to employees where their job responsibilities require it.

Real-Time Monitoring

We have frequent, automated penetration testing and vulnerability scanning in place.

Security Auditing

Accredible’s data privacy controls, software, infrastructure, and systems are audited both internally and independently (externally) on an annual basis.

Further Resources

GDPR Compliance

Learn more about how Accredible is compliant to GDPR in our blog.

How Accredible is Compliant to GDPR

Security Whitepaper

The Data Centre Security Whitepaper is a guide to our data centre use, why we use data centres, how data centres protect data, and details of compliance.

Data Privacy Help Article

Read about data privacy in our help center.

What is Data Privacy & 'My Right To Be Forgotten'?

Data Transfer Impact Assessment

The Data Transfer Impact Assessment is a resource to provide information to customers in connection with their use of our platform in light of the "Schrems II" ruling of the Court of Justice for the European Union and recommendations from the European Data Protection Board.


Accredible is hosted on the best infrastructure available. It has the following Certifications, Laws, and Regulations:

Certifications / Attestations

  • DoD SRG
  • FedRAMP
  • FIPS
  • IRAP
  • ISO9001
  • ISO27001
  • ISO27017
  • ISO27018
  • MLPS Level 3
  • MTCS
  • PCI DSS Level 1
  • SEC Rule 17-a-4(f)
  • SOC 1
  • SOC 2
  • SOC 3
  • UK Cyber Essentials Plus

Laws / Regulations / Privacy

  • DNB [Netherlands]
  • EAR
  • EU Model Clauses
  • GLBA
  • IRS 1075
  • ITAR
  • My Number Act [Japan]
  • U.K. DPA - 1988
  • VPAT / Section 508
  • EU Data Protection Directive
  • Privacy Act [Australia]
  • Privacy Act [New Zealand]
  • PDPA 2010 [Malaysia]
  • PDPA 2012 [Singapore]
  • Spanish DPA Authorization

Get started for free in minutes.