Back to Terms of Service


Badgr is an online platform to create, curate, distribute, receive, explore, and share micro-credentials (“Badges”) and users can access tools to issues Badges to learners, as well as associated administrative tools and services.

Badgr is provided by Concentric Sky, Inc., a U.S. corporation (“CSky,” “us,” “we,” or “our”) through our websites (,,, and and our mobile Badgr application (collectively “the Site” or “Badgr”). This Privacy Policy explains what personal data we collect through Badgr, how we use and share that data, and your choices and rights concerning our personal data practices.

This Privacy Policy forms part of our Terms of Service (“Terms”). If you do not agree to this Privacy Policy, please do not access or use Badgr. This Privacy Policy does not apply to personal data we collect by other means (including offline).

This Privacy Policy often refers to “you”, i.e. the Badgr user. To help you understand what parts of this Privacy Policy are most relevant to you, we sometimes distinguish the following types of users:

“Visitors” simply browse the Badgr website or download the mobile Badgr application.

“Earners” are recipients of Badges.

“Registered Users” hold a registered Badgr account. There are several types of Registered User accounts with different administrative controls.

For your convenience, this Privacy Policy sometimes include brief, non-binding summaries followed by the full legal terms.


In Brief: This Privacy Policy explains our role in controlling and processing your personal data. You also play an important role in protecting personal data, especially when you give us data about someone else.

1.1 Our Responsibilities.

  • a. Visitors and Registered Users. If you are a Visitor or Registered User, we act as the “data controller” of personal data. This means we determine how and why your personal data is processed.
  • b. Earners. If you are an Earner, we act as the “data processor” of the Registered User who issued you a Badge. This means that we only process your personal data as necessary to award the Badge on behalf of the Registered User.

1.2 Your Responsibilities.

  • a. Read our Terms, including this Privacy Policy.
  • b. If you are a Registered User, also read the Data Processing Addendum and any other agreements you have with us.
  • c. If you are a Registered User that provides us with personal data about third parties, you must adhere to such third parties instructions about their personal data.


In Brief: From the first moment you use Badgr, we are collecting personal data. Sometimes you provide us with the personal data, sometimes personal data about you is automatically collected, and sometimes a third party might provide us with personal data about you.

2.1 Contact Information. Through Badgr or other interactions with our customer support, you may provide contact information, such as your name and email address.

2.2 Information on How You Use Badgr. As you interact with Badgr, we automatically collect usage information, including the type of content that you engage with, the features you use, the other users you interact with, and the time, frequency and duration of your activities.

2.3 Browser and Device Information. We collect personal data about the internet browser and device that you use to access Badgr, including the type of device, operating system, settings, unique device identifiers, network information and other device-specific information.

2.4 Log Data. Our servers log certain personal data that your browser automatically sends whenever you visit Badgr. Log data includes your Internet Protocol address (to understand what country you are connecting from), browser type and settings, the date and time of your request, and how you interacted with Badgr. Your geographic location may determine which features and third-party content will be available to you.

2.5 Cookies and Automatically Collected Information. We work with third-party tracking services that use cookies to collect data about Badgr users. This data includes usage and user statistics. Emails sent through Badgr may automatically collect information about whether emails have been opened and acted upon. We provide more information on cookies below.

2.6 Personal Data from Third Parties. We collect personal data from third parties to whom you give permission to share your personal data with us or where that personal data is publicly available online.

2.7 Personal Data Collected from Registered Users. If you are a Registered User, we collect additional personal data, such as:

  • a. Registration information, including your email address, username, password, first and last name, and any organization with which you are affiliated. If you chose to register via a third-party partner, e.g. Facebook, LinkedIn, Google, or Kony, we may receive personal data made available by you through such third-party integration partner;
  • b. Account settings, including various preferences and personal details, e.g. issuer profile image;
  • c. Billing information, including first and last name, billing address, email address, company name, job title, and financial information about your method of payment; and
  • d. Address book information, including the names and email addresses of persons to whom you may issue a Badge or invite to Badgr. We only use this personal data at your direction.


In Brief: Some types of personal data are very sensitive and should not be shared with us. Do not share this information with us.

a. Sensitive Personal Data. We do not request or intentionally collect any sensitive personal data, such as health information, genetic data, religious information, and government issued ID numbers.

b. Children’s Personal Data. We do not intentionally collect any personal data from, or direct Badgr to, children under 13. Our Terms prohibit anyone under the age of 13 from using Badgr.

In Brief: Some laws require us to identify a legal basis for using your personal data. Those reasons are described in this section.

Under certain laws, we are required to notify you about the legal basis upon which your personal data is processed. When such laws apply, we process your personal data under one or more of the following legal bases:

4.1 “Contract” means that processing your personal data is necessary for us to fulfill the obligations of a contract between you and CSky;

4.2 “Legitimate Interests” means processing your personal data is necessary to further our legitimate interests, which include:

  • a. Delivering, developing, and improving Badgr
  • b. Understanding your behavior on Badgr
  • c. Measuring the effectiveness of marketing campaigns

4.3 “Consent” means processing your personal data is done with your consent. You can revoke your consent at any time by emailing your revocation request to If you revoke your consent, we will stop processing your personal data, unless there is another legal basis for continuing to process your personal data.


In Brief: There are a variety of reasons that we may need to use your information to provide Badgr. Those reasons, and the legal bases for such use, are described in this section.

5.1 Delivering Badgr. We use your personal data to provide the Badgr platform, including to invite users; issue, share, and track Badges; connect your Badgr account to other services; log in and authenticate users; remember your settings; process payments; maintain back-end infrastructure; and for related business purposes. Legal basis: Consent; Contract; Legitimate Interests.

5.2 Improving Badgr. We use your personal data to help deliver Badgr in an effective and efficient manner, including to better understand how users interact with Badgr, and as part of our efforts to keep Badgr secure. Legal basis: Contract; Legitimate Interests.

5.3 Customer Support. We use your personal data to communicate changes about Badgr and provide support via phone or email. Legal basis: Contract; Legitimate Interests.

5.4 Marketing. We use your personal data to send you messages about updates, new features, and other relevant information. We will only send you email marketing information if you consent to us doing so when you register for Badgr or otherwise opt in to receive marketing emails in your account settings. Legal basis: Consent; Contract.


In Brief: Badgr’s effective and efficient operation requires that we sometimes share your information with third parties, but only as necessary to provide Badgr to you.

We share your personal data with certain third parties in the following circumstances:

6.1 Administrative Team. If your Badgr account is affiliated with an administrative team, we share certain personal data, such as your contact information, with the primary administrator and other team members with whom you collaborate.

6.2 Badge Tracking. We use the personal data for processing the award of Badges, such as tracking progress and completion. We may also share your personal data with respect to a given Badge with the Registered User who created or awarded the Badge, and with other individuals designated by that Registered User to assist with the creation and/or awarding of the Badge, and with the organization with which they are affiliated. For example, a Badge may be issued based upon your attendance at an event at a particular time and location. Your personal data, including location information from your device or the event’s organizer, may be used to confirm whether you meet the criteria for receipt of such a Badge.

6.3 Service Providers. To assist us in meeting business operations needs and to perform certain services it is sometimes necessary to share your personal data with third-party providers, such as providers of hosting, payment processing, email communication, and analytics. If required under applicable law, we will make a list of third-party service providers available to you upon request sent to

6.4 Business Transfers. If we are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of all or a portion of our assets, or transition of a service to another provider, your personal data and other information may be transferred to a successor or affiliate as part of that transaction.

6.5 Legal Requirements. We may share personal data in order to: (a) comply with our legal obligations, (b) detect, prevent, or otherwise address fraud, security or technical issues, (c) enforce applicable policies, including investigation of potential violations, or (d) protect against harm to the rights, property or safety of our users, the public, or ourselves.


We keep your personal data for as long as we have a legitimate business need to do so in connection with your account or as required by law. Personal data that is assigned to a Badge is retained for the life of such credential or until otherwise deleted by the Issuer. Contact us at if you have questions about retention of your personal data.


We use cookies, and other similar technologies, for activities such as (a) maintaining the functionality of Badgr, e.g. automatic account sign-in, (b) securing the Site, (c) improving Badgr, and (d) deploying website analytics, e.g. Google Analytics. The cookies we set are essential for the operation of the website, or are used for performance or functionality. By using Badgr, you agree that we can place these types of cookies on your computer or device.


We take reasonable administrative and technical steps to protect your personal data from loss, misuse and unauthorized access, disclosure, alteration, or destruction. We protect the security of your personal data during transmission by using Secure Sockets Layer (SSL) software or other encryption technology, which encrypts personal data you input. Wherever appropriate, we obfuscate and/or encrypt personal data in our systems and/or during information transfer. However, no method of transmission over the internet is 100% secure and we cannot absolutely guarantee the security of your personal data. It is important for you to protect against unauthorized access to your password to the Site and to your computer. Be sure to sign out of Badgr when finished.


If you need to change or correct your personal data, or wish to have it deleted from our system, contact us at and we will address your request in accordance with applicable law.


We may use cookies or other similar tracking technologies to collect information about your browsing activities over time and across different websites. We may allow third-party service providers and other third parties to do the same. We do not respond to “Do Not Track” (DNT) signals and we operate as described in this Privacy Policy whether or not a DNT signal is received.


If you are using Badgr from a country outside the United States your personal data may be transferred for processing from your current location to our offices and servers and our authorized third-party service providers located globally, including in the United States. Other countries may have data protection laws less stringent than or otherwise different from the laws in effect in the country in which you are located. We self-certify with the U.S. Department of Commerce that Badgr complies with EU-US Privacy Shield in relation to the GDPR framework as set forth by the European Union regarding the collection, use, and retention of personal data from Registered Users based in the European Economic Area; please refer to our Privacy Shield Statement.


In Brief: You have control over how certain information is used by us.

13.1 No personal data. You can choose to simply browse the Badgr site and not provide us with any personal data, but you will not be able to utilize most of Badgr’s features.

13.2 Unsubscribe from certain emails. You can unsubscribe or opt out of marketing emails at any time, via a link in each email from us or by emailing us at If you opt out to marketing emails, we will continue to contact you via email with respect to issuance of a Badge, your Badgr account, and to respond to your requests.

13.3 Disable tracking technologies. Most Internet browsers allow you to disable and/or delete cookies. If you turn off or otherwise disable cookies, you can continue to use Badgr, but it may not work effectively.

13.4 Contact Badge issuer. Where you have received a notification about a Badge issued to you by a Badgr user, you will need to directly contact that person or organization to discuss access and/or deletion of personal data, e.g. your name and email address. In such instances, we do not control your personal data and we are not in a position to directly handle requests that relate to such personal data.

13.5 Contact Account Owner. Where you have received an invitation to help administer an account affiliated with an organization, you will need to directly contact the account owner to discuss access and/or deletion of your personal data, e.g. your name and email address. In such instances, we do not control your personal data and we are not in a position to directly handle requests that relate to such personal data.


In Brief: You may have specific rights in relation to your information depending on where you live.

Certain users, particularly those located in the European Economic Area, have certain legal rights to obtain information about whether we hold their personal data, to access personal data we hold about them, and to obtain its correction, update, amendment or deletion in appropriate circumstances. Some of these rights may be subject to some exceptions or limitations. We will respond to your request to exercise these rights within a reasonable time. Rights which you may be entitled to include: (a) data access, (b) rectification, (c) erasure, (d) restrict processing, (e) data portability, and (f) object to processing. Should you wish to make a request in respect of your personal data please contact us at and we will address your request as required by applicable law.

This Privacy Policy does not apply when you use a link to go from Badgr to another website. Your browsing and interactions on any third-party website, are subject to that third party’s own rules and policies. In addition, you agree that we are not responsible for and we do not exercise control over any third-parties that you authorize to access your content. If you are using a third-party website, e.g. Facebook, and you allow such third-party access to your content, you do so at your own risk.