Updated 4/19/23
Your earners might wonder how you arrived at the decision to transfer their personally identifiable information (PII), such as name and email, to Credly. Most of our customers rely on one of two legal bases:
-
- "legitimate interest": "You work here (or go to school here or signed onto our program) and we use this software so we share your information as part of that workflow."
- "informed consent": You explain in advance that you use an external third party, perhaps in your communications about the program.
All the more reason to reinforce our best practices!
- Inform your users! The most effective way to avoid surprises or concerns from users is to disclose that you use a third-party to provide the recognition associated with this training/assessment/education. This is the most common approach we see from customers. You could put it in your terms of use or any "about this course" information. You could also use this as a marketing statement "If you complete this assessment, you'll get a credential on Credly!"
- Nothing happens without user consent! Whether you've informed your users or not, you can calm nerves by clarifying for your users that Credly does not do anything with their data until the user creates an account. Additionally, there is no requirement to create an account. If an earner chooses not to create an account, they will not hear from Credly (other than to invite them to accept their credential).
- Only the absolute minimum data is shared: The minimal data shared with Credly is a name, email address and the credential earned. This facilitates an option for the earner to take (to create an account and use Credly). If they do not create an account, they will not hear more from Credly (except to invite them to accept your credential).
Additional questions your earners might ask you:
Do we have to create an account? Answer: Yes, because you can't share a digital badge unless you do have an account with an email. It has to do with badge standards and the viewer's ability to verify that it was YOU who earned the badge.
Do I have to be public? Answer: Nope, you are free to make your profile or an individual badge private. However, private profiles and badges are not verifiable, so if you tell someone you have a certification, but it is private, that person cannot verify its authenticity.
By the way, Credly is GDPR compliant and holds 3 ISO certifications. Read more about that here. In other words, we take this seriously and can provide you with all kinds of documentation. Just ask.
One more detail: If you ask us a question and we have to send you any earner data, it will come from an encrypted site and you will see "encrypted-message" in the header.