/Black%20and%20white%20-%20png/Real_ideas_logo_RGB_White.png?height=120&name=Real_ideas_logo_RGB_White.png){kind=logo}
Find out more about data processing involved with issuing digital badges.
Issuing digital badges via online platforms requires processing of earner personal data. The information below is a quick guide to the basics of issuing under GDPR including some platform-specific information to the best of our knowledge.
We always recommend examining any required data processing before you commence issuing badges on any issuing platform. If you would like to discuss any elements of data in more detail, don’t hesitate to get in touch.
Jargon Buster
|
PII |
Personal Identifiable Information (first name, last name, email address) |
|
Issuer |
An organisation that is issuing a badge |
|
Earner |
An individual that has earnt a badge |
|
Assertion |
A unique record of a badge being issued to an earner. |
|
ICO |
Information Commissioner’s Office |
|
GDPR |
General Data Protection Regulation (Data Protection Act 2018) |
|
Data Controller |
A party that exercises overall control over the purposes and means of processing personal data. |
|
Data Processor |
A party that acts on behalf of, and only on the instructions of, a relevant Data Controller. |
The Basics of Issuing Badges
|
To issue a digital badge, an issuer inputs earner PII to an issuing platform. This data then becomes an assertion, and the earner receives a notification via email. Issuing badges should take place using an email address belonging to the earner. If it is not possible to issue badges directly to your earners, please see this guide for more information. |
Badge Nation and Earner Data
|
By purchasing a Badge Nation membership package, the issuer consents to Badge Nation having admin access to their issuing platform account for the purposes of publishing new badges and delivering customer support. As an account admin, Badge Nation is a Data Processor for any earner PII an issuer inputs to an issuing platform but will not download or process any earner data relating to Badge Nation issuers unless:
If Badge Nation is required or requested to process earner PII, the data will never be saved, stored, or recorded in any way. |
Lawful Basis to Issue Badges
|
Issuers are always responsible for ensuring they comply with GDPR. To issue digital badges an issuer must:
Issuers are responsible for obtaining and demonstrating their own lawful basis for processing the PII of any earners they wish to issue badges to. More information on lawful basis for data processing can be found here on the ICO website. |
Consent
|
If the issuing activity is not covered by another lawful basis, the issuer must gain an earner’s consent before issuing them with badges.
Under GDPR, all individuals aged 13 and upwards can consent to their own data sharing. For issuing to earners younger than this, consent must be gathered from a parent / guardian and depends on the issuing platform you intend to issue badges with. Please see this guide for further reading on issuing badges to children under the age of 13. More information on the sharing of children's data can be found here on the ICO website. Some issuers, despite working with individuals over the age of 13, may not be able to allow children to exercise their rights to consent to sharing their own data. In these cases, the issuer may still choose to gather written consent from a parent / guardian. |
Summaries of specific information for Credly, Navigatr, and Open Badge Factory can be found below.
Credly
|
Badge Acceptance Method: Earners: In-platform methods to gather consent: Useful information: Issuing badges via Credly represents an international data transfer and is covered by the Standard Contractual Clauses contained in Annex 2 of Credly’s GDPR Data Processing Addendum. Documentation: |
Navigatr
|
Badge Acceptance Method: Earners: In-platform methods to gather consent: Useful information: Documentation: |
Open Badge Factory (OBF)
|
Badge Acceptance Method: Earners: In-platform methods to gather consent: Useful information: Documentation: |