policies

Data security and privacy


The cybersecurity and regulatory landscape is constantly evolving—and so are we.

Key Security and Privacy Features


CPRA and GDPR Compliance

Enjoy data privacy at a level that meets or exceeds multiple international standards

Latest SCCs

The latest EU SCCs were released in June 2021. Naturally, we've incorporated them into our agreements.

Secure Infrastructure

Look at the list at the bottom of this page to learn more.

Role-Based Access Control (RBAC)

Security rules built in to our database and long-term storage enforce RBAC at the lowest levels.

Encryption during Transmission and Storage

Protected in transmission with HTTPS, protected at rest with AES-256.

Open Standards

Built on W3C and IMS standards, our credentials are designed from the ground up for portability and interoperability.

Comprehensive Compliance


CPRA/CPPA

Although the CPPA will be superseded by the CPRA in 2023, we're already prepared with measures such as protection of "Sensitive Personal Information", a ban on both selling and sharing recipient data for the purpose of advertising, and avoidance of "Profiling".

For further information on the CPRA, we recommend visiting the website of the Californians for Consumer Privacy, which has summaries, changes from the CPPA, and even annotated versions of the CPRA.

GDPR

In addition to handling the CPRA/CPPA, we also stay on top of the GDPR. On our website, we follow best practices on cookie consent and have eliminated all non-essential cookies. Meanwhile, aside from those needed for authentication, our SaaS application has zero mandatory cookies in it.  Following the GDPR isn't too challenging for the team at Digit.ink since we're just not interested in gathering information through intrusive methods.

Data subjects in the EU can reach us for requests at https://digit.ink/pages/contact-us.

Data Security

The Schrems II decision invalidated the EU-US Privacy Shield framework, forced drafting of new Standard Contractual Clauses (SCCs), and generally threw established data transfer arrangements into disarray. Fortunately, Digit.ink has stayed on top of the regulatory situation and we've incorporated the latest SCCs into the agreements we sign with data controllers based in the EU. For more details, contact us.

Standards and Certifications


Our Credentials

  • Open Badges v2
  • Verifiable Credentials Data Model 1.0
  • Decentralized Identifiers (DIDs) v1.0
  • JSON-LD 1.1
  • Linked Data Proofs 1.0

Our Infrastructure

  • ISO/IEC 27001
  • ISO/IEC 27017
  • ISO/IEC 27018
  • ISO/IEC 27701
  • SOC 2
  • SOC 3

Schedule a Demonstration

Send us your availability and we will contact you to schedule a demonstration.