Privacy Policy
Last updated: December 2024
This website, the related applications, portals, platforms, and services (collectively, "Site") is brought to you by EpiCredible, Inc. dba EpiCredible ("EpiCredible," "we," or "us").
EpiCredible provides a digital badge and certificate platform to allow our users to create, manage, issue and share Credentials. This Privacy Policy ("Privacy Policy" or "policy") explains how we collect, use and disclose the information we collect from those who use or interact with the Site and our Services ("you"), your choices about our collection and use of your information, and how we protect your information.
Important Notice:
BY USING THIS SITE, YOU REPRESENT, ACKNOWLEDGE AND AGREE THAT YOU ARE AT LEAST 18 YEARS OF AGE, OR IF YOU ARE UNDER 18 YEARS OF AGE BUT ARE AT LEAST 13 YEARS OF AGE (A "MINOR"), THAT YOU ARE USING THE SITE WITH THE CONSENT OF YOUR PARENT OR LEGAL GUARDIAN, WHO HAS CONSENTED TO THESE TERMS.
1. Definitions
"Customers"
means our customers (including, but not limited to, businesses, testing bodies, Schools, and teachers) who use our Services to issue electronic badges, certificates, or credentials ("Credentials").
"Recipients"
means authenticated end users who use our Services to receive, manage, and display their Credentials.
"Services"
means our services, which include, but are not limited to, those services and products offered on the Site, including those related to EpiCredible.com, credential.net, coursefinder.io, and any other offerings, collectively.
"Personal Data"
has the meaning given under applicable data protection laws, such as the GDPR, and includes any information relating to an identified or identifiable natural person.
2. Scope
This Privacy Policy applies to personal information processed by us, including on our websites, our online platform, and other online or offline offerings.
Important Note:
When our Customers use our Services to issue a Credential to a Recipient, we process the Recipient's personal information provided to us by the Customer solely on the Customer's behalf (in legal terms, we act as the Customer's "data processor"). As such, our processing of Recipient personal information provided to us by the Customer is governed by the contracts we have with that Customer, not this Privacy Policy.
3. Customers
3.1 Data we collect from Customers
We collect information directly from our Customers. For example, we will collect a Customer's contact details when a Customer enters a contractual relationship with EpiCredible, creates an account on any of our Sites, or uses the Services.
3.2 How We Use Customer Data
We use Customer Data for the following purposes:
- Providing our Service
- Communicating with You About Your Account
- Marketing and Advertising
- Business Operations and Improvements
4. Students
All of EpiCredible's systems, procedures, use of data, and Services are in accordance with the Family Education Rights and Privacy Act of 1974 ("FERPA") (20 U.S.C. § 1232g; 34 CFR Part 99) governing the use of Student Data.
Student Data Protection:
We will never: 1) rent or sell any Student Data to third parties; 2) share Student Data with third parties for the purpose of targeted advertising; 3) use Student Data for marketing purposes; or 4) claim ownership of Student Data.
5. Recipients
5.1 Data We Collect from Recipients
Recipients may provide us with information through the Services. This information may include, but is not limited to, personal information such as your first and last name, relevant Customer name, login credentials, email address, school district affiliation, and any other information necessary to provide the Services.
5.2 How We Use Recipient Data
We use Recipient Data for the following purposes:
- Providing our Service
- Aggregate Data
- Recipient Support
- Tailoring Content
- AI Processing
6. Site Visitors
When you visit our Site, we may collect certain information automatically from your device. We may also collect information you provide directly, such as when you fill out a contact form, subscribe to newsletters, or interact with our blog or resources.
7. General Provisions
7.1 Information Collected Automatically
Like many online services, we use cookies, web beacons, and similar technologies ("Technologies") to collect information automatically when you interact with our Site and Services. This may include your IP address, browser type, operating system, referring URLs, device information, pages viewed, time spent on pages, links clicked, and conversion information.
7.2 Analytics and Advertising
We partner with third parties (e.g., Google Analytics) for site usage analytics and targeted advertising. These partners may use Technologies to collect data about your online activities over time and across sites.
8. Your Privacy Choices and Rights
8.1 Opt-Outs
You can opt out of marketing communications as described in relevant sections. Transactional communications (e.g., account-related) will continue.
8.2 Your Privacy Rights
In accordance with applicable law, you may have the right to:
- Access Personal Information about you
- Request Deletion, Anonymization or Blocking of your personal information
- Request Restriction of or Object to our processing of your personal information
- Withdraw your Consent to our processing of your personal information
- Request data portability and receive an electronic copy of personal information
9. Security of Your Information
We take steps to ensure that your information is treated securely and in accordance with this Privacy Policy, including attaining System and Organization Controls (SOC) 2 Type II certification through a third-party auditor. Our data center provider maintains certification and compliance with ISO27001, SOC2 Type II, and many other certifications.
10. International Data Transfers
All information processed by us may be transferred, processed, and stored anywhere in the world, including, but not limited to, the United States or other countries, which may have data protection laws that are different from the laws where you live. We endeavor to safeguard your information consistent with the requirements of applicable laws using mechanisms such as Standard Contractual Clauses (SCCs) or adequacy decisions for transfers to non-adequate countries.
11. Children's Information
Our Services are not directed to children, and we do not knowingly collect any information from any individual under 18 years of age, except in situations where we have the consent of that individual's parent or legal guardian or are otherwise authorized to do so by applicable law.
12. Supplemental Notices
California Residents
California residents have additional rights under the California Consumer Privacy Act of 2018 ("CCPA"), including the right to know what categories of personal information we have collected and whether we disclosed that personal information for a business purpose.
EEA and UK Residents
If you are located in the European Economic Area (EEA) or United Kingdom (UK), you have additional rights under the General Data Protection Regulation (GDPR) or UK GDPR, including rights to erasure, rectification, restriction, or objection to processing.
13. Changes to Our Privacy Policy
We may revise this Privacy Policy from time to time in our sole discretion. If there are any material changes to this Privacy Policy, we will notify you as required by applicable law. You understand and agree that you will be deemed to have accepted the updated Privacy Policy if you continue to use our Services after the new Privacy Policy takes effect.
Contact Information:
If you have any questions about our privacy practices or this Privacy Policy, or to exercise your rights as detailed in this Privacy Policy, please contact us at:
EpiCredible
Email: support@EpiCredible.com