Product: IDCERT Digital Badge
Vetted by
Simone Aldo
Buonporto,
Ceo
at IDCERT | International Digital Certification
on 2023-01-20
Privacy Rubric Results
- N/A
- UNMET
- PARTIAL
- MEETS
Data Collection
Security
3rd Party Data
Advertising
Certified
| Rubric Area | Expectations | ||
|---|---|---|---|
| General | Meets | Partially Meets | Doesn't Meet |
|
GEN1 - How are changes to key policies managed?
ANSWER: Notification is provided to the user in advance and a history of policy revisions are available
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
| Data Collected | Meets | Partially Meets | Doesn't Meet |
|
DCQ1 - Do the policies list all data collected?
ANSWER: Policies list the data collected OR policies state no data is collected
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
DCQ2 - Do the policies indicate how data is collected?
ANSWER: Policies state specifically how data is collected OR policies state no data collected
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
DCQ3 - Do the policies state who owns the data?
ANSWER: Policies state the user owns the data alone OR policies state no data collected
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
DCQ4 - Do the policies allow users to delete their data entirely?
ANSWER: Policies allow users to delete data entirely after a period of time OR policies state no data collected
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
DCQ5 - Do the policies state the retention of data?
ANSWER: Policies have a 60-day or less retention policy OR policies state no data collected
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
| Security | Meets | Partially Meets | Doesn't Meet |
|
SECQ1 - Do the policies state how data is protected?
ANSWER: Policies list the steps taken to protect data or OR policies state no data collected
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SECQ2 - Do the policies state all confidential & sensitive information is encrypted throughout?
ANSWER: Data encrypted throughout OR passes an encryption test with no vulnerabilities OR policies state no data collected
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SECQ3 - Do the policies state whether or not it enforces strong password creation?
ANSWER: Supplier enforces strong password creation OR supplier user base exempt from password requirements or OR no account creation required
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SECQ4 - Do the policies indicate whether or not it leverages 2 step (or other forms of multifactor) authentication?
ANSWER: Supplier uses SSO or an LTI launch OR no account creation is required OR supplier user base exempt from 2-step authentication requirements
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SECQ5 - Do the policies state the use of cookies?
ANSWER: Policies list all cookies used and each cookie's purpose OR policies state that it only uses cookies that are crucial for app functionality
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
| Third Party Data | Meets | Partially Meets | Doesn't Meet |
|
SHRQ1 - Do the policies state the use of third parties?
ANSWER: Policies list each third party separately OR policies state third party use strictly for app functionality OR policies state that they do not use third parties
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SHRQ2 - Do the policies state what information is shared with each 3rd party?
ANSWER: Policies list the data it shares with each third party separately OR policies state that it does not share any data with any third party
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SHRQ3 - Do the policies state whether or not users can opt out of 3rd party data sharing?
ANSWER: Policies include an easy opt out process for users OR policies state that it does not share any data with any third party
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SHRQ4 - Do the policies state if the supplier requires 3rd parties to adhere to the terms of the vendor/customer agreement?
ANSWER: Supplier claims responsibility for third party privacy practices OR policies state that it does not share any data with any third party
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
SHRQ5 - Do the policies state whether or not user is notified of a change in third parties?
ANSWER: Supplier changes third party and keeps the same data sharing terms OR supplier does not use any third parties
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
| Advertising | Meets | Partially Meets | Doesn't Meet |
|
ADVQ1 - Do the policies indicate if advertisements are displayed?
ANSWER: No ads are displayed
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
ADVQ2 - Do the policies indicate whether or not users are targeted for advertisement?
ANSWER: Policies guarantee no ad targeting OR Policies state no ads are used on its platform
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
ADVQ3 - Do the policies indicate whether or not any 3rd parties track or collect information for advertisement?
ANSWER: Policies state third parties are not used for ads or tracking
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
ADVQ4 - Do the policies indicate whether or not web beacons or other tracking methods are used for ad purposes?
ANSWER: Policies state that it only tracks interactions within its application OR policies state that it does not use any tracking technologies for ads
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
|
ADVQ5 - Do the policies state whether or not users can opt out of sharing data with advertisers?
ANSWER: Policies state in detail how users can opt out of sharing data with advertisers OR policies state no ads are used on its platform
|
Answer Meets Expectations | Unselected Option: | Unselected Option: |
Vetting Context
Policies Cited
The following urls were cited as a basis for this information.
- Terms of Service/Terms of Use https://www.iubenda.com/termini-e-condizioni/84368268
- Privacy Policy https://www.iubenda.com/privacy-policy/84368268
- Cookie Policy https://www.iubenda.com/privacy-policy/84368268/cookie-policy
- Security Practices https://www.iubenda.com/privacy-policy/84368268
Geographical Context
(Laws and regulations can vary across regions)
Barletta-Andria-Trani
Italy
Regulatory Compliance
The information below provides insight into compliance with various regulatory policies.
US State Regulatory Compliance:
- Arkansas HB 1961
- California AB 1584
- California SB 1177
- California AB 2799
- California AB 2828
- Connecticut HB 5469
- Delaware SB 79
- Delaware SB 208
- Georgia SB 89
- Hawaii SB 2607
- Illinois SB 1796
- Iowa HF 2354
- Kansas HB 2008 (S sub)
- Kentucky HB 232
- Louisiana HB 718
- Maine SP 183
- Maine LD1616
- Maryland HB 298
- Michigan SB 510
- Missouri HB 1490
This application CAN NOT be used by children under the age of 13.
Email Simone Aldo about this record
The views and opinions expressed in this information are those of the authors and do not necessarily reflect the official policy or position of 1EdTech. The information provided is intended to surface trends about the policies and procedures of systems leveraged by the educational community. It should not be considered legal advice.
Disclaimer:
1EdTech Trusted Apps
provides a vetting of a product's data policy according to the
1EdTech Trusted Apps Rubric.
Achieving the
TrustEd Apps Certified Seal
indicates adherence to a baseline level of privacy.
Institutions should review an application's detailed vetting results before approving it for use.
© Copyright 2025 1EdTech Global Learning Consortium Inc. All Rights Reserved.
App Vetting Rubric Version: 2