Accredible takes data privacy extremely seriously. We're handling personally identifiable information on your behalf and we do everything we can to protect that data.
We've worked hard to ensure that we're ready for the EU General Data Protection Regulation (GDPR).
In the context of Accredible’s services, you as the customer determine the purpose and means of processing of personal data and are therefore the “data controller” under the EU Directive. Accredible, as the entity which processes personal data on behalf of, and at the direction of, the data controller, is the “data processor.”
For information relating to data privacy for your recipients, please read: https://help.accredible.com/hc/en-us/articles/115005692865-Data-Privacy-Right-to-be-Forgotten
On May 25, 2018, the General Data Protection Regulation (GDPR) officially takes effect. For European individuals, GDPR expands their data privacy rights and gives them more power to control their data. For companies that process the personal data of these European individuals, GDPR requires compliance with a new set of regulations.
GDPR outlines specific requirements that these companies must satisfy, as well as specific rights that European individuals can exercise with these companies. Further information on GDPR is available on the European Union’s official website: https://ec.europa.eu/info/law/law-topic/data-protection_en.
We offer a Data Processing Agreement (DPA) that you can opt into. DPAs include standard contractual clauses ("Model Clauses") that are the mechanism for GDPR-compliant data transfer. The DPA includes all the information on:
Read the DPA here: https://dashboard.accredible.com/dpa
Agree to the DPA here: https://dashboard.accredible.com/issuer/dashboard/organization?edit=conditions
We have appointed a Data Protection Officer. To reach them please contact firstname.lastname@example.org.
Accredible works with a small number of organizations to provide service to customers. These sub-processors:
Our agreements clearly state that we're not able to share your data with any third party that's not bound by our data privacy agreement and that isn't named on our data privacy agreement.
We've formed contractual relationships with our suppliers to ensure full legal and process protection for your data in accordance with EU privacy law.
Data is stored at a location hosted by AWS, which is a secure tier 3 SOC 2-certified
data center. All data is hosted within the US.