Data security and privacy
The cybersecurity and regulatory landscape is constantly evolving—and so are we.
Key Security and Privacy Features
CPRA and GDPR Compliance
Enjoy data privacy at a level that meets or exceeds multiple international standards
The latest EU SCCs were released in June 2021. Naturally, we've incorporated them into our agreements.
Look at the list at the bottom of this page to learn more.
Role-Based Access Control (RBAC)
Security rules built in to our database and long-term storage enforce RBAC at the lowest levels.
Encryption during Transmission and Storage
Protected in transmission with HTTPS, protected at rest with AES-256.
Built on W3C and IMS standards, our credentials are designed from the ground up for portability and interoperability.
Although the CPPA will be superseded by the CPRA in 2023, we're already prepared with measures such as protection of "Sensitive Personal Information", a ban on both selling and sharing recipient data for the purpose of advertising, and avoidance of "Profiling".
For further information on the CPRA, we recommend visiting the website of the Californians for Consumer Privacy, which has summaries, changes from the CPPA, and even annotated versions of the CPRA.
In addition to handling the CPRA/CPPA, we also stay on top of the GDPR. On our website, we follow best practices on cookie consent and have eliminated all non-essential cookies. Meanwhile, aside from those needed for authentication, our SaaS application has zero mandatory cookies in it. Following the GDPR isn't too challenging for the team at Digit.ink since we're just not interested in gathering information through intrusive methods.
Data subjects in the EU can reach us for requests at https://digit.ink/pages/contact-us.
The Schrems II decision invalidated the EU-US Privacy Shield framework, forced drafting of new Standard Contractual Clauses (SCCs), and generally threw established data transfer arrangements into disarray. Fortunately, Digit.ink has stayed on top of the regulatory situation and we've incorporated the latest SCCs into the agreements we sign with data controllers based in the EU. For more details, contact us.
Standards and Certifications
- Open Badges v2
- Verifiable Credentials Data Model 1.0
- Decentralized Identifiers (DIDs) v1.0
- JSON-LD 1.1
- Linked Data Proofs 1.0
- ISO/IEC 27001
- ISO/IEC 27017
- ISO/IEC 27018
- ISO/IEC 27701
- SOC 2
- SOC 3