Privacy Policy

Updated April 25, 2016


We ask you to read this Privacy Policy carefully before using the CanCred Factory service (“Service”).

Learning Agents Inc., a Canadian corporation (“Service Provider”), is committed to protecting user privacy by complying with the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA).

Personal Information means information about an identifiable individual. This Privacy Policy covers personal information that the Service Provider is collecting from you (“User”) in connection with the Service and how the Service Provider uses such personal information.

The Service strives to offer Users a safe environment to issue and manage digital credentials based on the Mozilla Open Badge standard (later referred to as badges)

As a User of the Service, your use is subject to this Privacy Policy. If you do not accept the processing of personal information as outlined herein, please do not use the Service.

Individuals under the age of 13 are not permitted to use the Service or the Service website. The Service does not collect personal information from individuals under the age of 13.


The Service collects the following User information (mandatory):

  • Names of registered Users
  • Email addresses of registered Users
  • Names of User Organizations
  • Website addresses of User Organizations
  • Organization emails of User Organizations
  • Mailing addresses of User Organizations

The Service also collects the following information if provided by the User Organization:

  • Country (and province if in Canada)
  • Organization type
  • Description
  • Logo

The Service also collects the following personal information:

  • Email addresses of recipients of badges (Earners) that have been issued by the User. The User acknowedges responsibility for the collection and safeguarding of the private information of Earners of the badges the User issues.


The Service Provider collects personal information to maintain and handle the relationship between the Service Provider and the User and to plan and develop the business activity of the Service Provider through various research methods. The information and personal data may be used for distribution of information to the Users of the Service and possibly for direct marketing if user has given his/her consent or if allowed by law. The information and personal data may also be used for investigation and follow up in cases of suspected misuse.

The User may operate one or more role-based accounts on the Service to issue badges to badge Earners. These badges contain Earner email addresses which the User has gathered. The email addresses of Earners are encrypted to prevent unauthorized access, according to the Open Badge standard. Other personal information in the badge may include links to Earner evidence and Additional Criteria, which can describe how an individual Earner achieved a particular badge – this information is not encrypted. When a User issues a badge the User shares this Earner personal information with the Service provider. The User represents and warrants that Earners have consented to the collection and use of their personal information for this purpose.

When an Earner receives an email notice of having earned a badge, he/she may ignore the notice, download the badge to their computer, or direct the badge to be transferred to a personal account on CanCred Passport. Irrespective of his/her decision, User will retain a record of the earned badge containing the Earner’s email in their Service account. Users are responsible for protecting the personal information of their Earners. For more detail, please refer to the CanCred Passport Privacy Policy.

The Service Provider may also collect information about the use of the Service for statistical purposes. This information does not target any individual user.

The Service Provider’s Internet servers may passively and automatically collect certain information about the website visitors’ traffic patterns, which may be linked to their Internet Protocol (IP) addresses (which are unique Internet “addresses” assigned to all Internet users by their Internet Service Providers). Server logs may record statistical information, such as visitors’ IP addresses, type of operating systems, time and duration of visit, pages requested, and identify categories of visitors by items such as domains and browser types. These statistics are generally collected and used on an aggregate basis.

  • Cookies: The Service website may use “cookies”. Cookies are small text files offered to your computer by servers in order to keep track of a browser as the User navigates a website. Cookies may be stored on the User’s hard drive, or in temporary (cache) memory, in which case they are deleted when the User shuts down the his/herbrowser or turns off his/her computer. The Service Provider may use cookies to record session information, such as the User’s browsing habits and past activity, to enable the Service Provider to provide the User with improved services such as customized webpage content. The User can disable cookies using his/her Internet browser’s settings. Please consult your browser’s help function for information about how to disable cookies. Note that if the User disables cookies, certain features of the Service website may not function properly.
  • Links to Third Party Websites: The Service website may contain links to other websites that are provided as a convenience only, and which may have different privacy policies and practices than those of the Service Provider. The Service Provider has no responsibility for these third party websites, and User is advised to review the privacy policies of any third party websites User chooses to visit.


The Service Provider does not sell, trade, or otherwise transfer to outside parties the User’s personally identifiable information. This does not include trusted third parties who assist the Service Provider in operating its website, conducting its business, or servicing the User, so long as those parties agree to protect the personal information with a level of privacy protection which is comparable to that offered by the Service Provider. Third parties can only use or disclose personal information for purposes which have been authorized by the User in this Privacy Policy.

The Service Provider may also release the User’s personal information when the Service Provider believes release is appropriate to comply with applicable laws, enforce site policies, or protect its or others rights, property, or safety.Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Only the username, which each User uses to define her/himself, is displayed to other users in the Service.

The Service Provider maintains this service and stores and processes any information collected through this service on servers located in Canada. No personal data is transferred outside Canada by the Service Provider.


The personal information is stored in the Service databases which are secured with firewalls and other appropriate technical measures. Some information may be kept outside the Service databases for the purposes of invoicing.

All persons handling the personal information have personal access rights (username, password and access level information) to the register issued by the register owner. Only persons who need said information to carry out their work assignments can access the user’s personal information. These persons include the Service Provider’s customer service and technical administrator personnel and trusted third parties.

The Service Provider will strive to ensure that no stored personal information disappears, is used for wrong purposes or is accessed or changed without authorization.

Personal information is retained for as long as is necessary for the Service Provider to fulfill the purposes which have been identified and consented to by the User. If the User quits the Service, the Service Provider guarantees the validity of issued badges for at least two years. This guarantee requires the retention of personal information. The User may request complete deletion of the account, which will destroy all personal information stored on the Service server.

Users are warned not to disclose their username or password to anyone other than the Service Provider.

The User may withdraw his/her consent for the Service Provider to manage his/her personal information as described in this Privacy Policy, provided such withdrawal is subject to legal or contractual restrictions and reasonable notice. If the User withdraws consent, the Service Provider’s ability to provide Services to User may be restricted or rendered impossible.


Under the Personal Information Protection and Electronic Documents Act (PIPEDA), individuals have a right of access to personal information in the custody or control of an organization and an account of its use. If you are a resident of Canada, you can request this information by contacting the Service Provider using the information provided below.


The Service Provider reserves the right to make adjustments to this Privacy Policy at any time and from time to time. Service Providers suggests that Users review this Privacy Policy on a regular basis.


If you have questions regarding this Privacy Policy or you believe that the Service Provider has not abided by this Privacy Policy, you are advised to contact the Service Provider using the information provided below:

CanCred Privacy Law Officer
Learning Agents Inc.
(204) 219-5933