CREDMINDER
Privacy Policy Enterprise Addendum
Last Updated: April 2, 2026
IMPORTANT: This Privacy Policy Enterprise Addendum (the "Privacy Addendum") supplements the CredMinder Privacy Policy (the "Base Privacy Policy"). It describes additional data collection, use, and sharing practices that apply when an Organization uses CredMinder Enterprise and when Employees participate in an Organization's Enterprise account. The Base Privacy Policy continues to apply to all users. In the event of a conflict, this Privacy Addendum controls for Enterprise-related data processing.
1. Scope and Applicability
This Privacy Addendum applies to:
- Organizations: Legal entities that subscribe to CredMinder Enterprise and their designated Admins.
- Employees: Individual users who link their personal CredMinder accounts to an Organization.
Terms not defined in this Privacy Addendum have the meanings given in the Base Privacy Policy or the Enterprise Terms of Service Addendum.
2. Additional Information Collected for Enterprise
2.1 Organization Information
When an Organization subscribes to CredMinder Enterprise, we collect:
| Data Type | Source | Purpose | Details |
|---|---|---|---|
| Organization name | Admin input | Account identification | Displayed in the Admin Dashboard and to linked Employees |
| Admin email addresses | Admin input | Authentication, notifications | Used for login, compliance alerts, and billing notifications |
| Billing information | Stripe | Payment processing | Managed entirely by Stripe. We store only the Stripe customer ID and subscription status. |
| Organization settings | Admin input | Service configuration | Notification preferences, retention policy, required credentials list |
2.2 Membership Information
When an Employee links to an Organization, we create a Membership record containing:
- The Employee's name and email address (from their existing CredMinder account).
- The Employee ID assigned by the Organization.
- The Employee's role within the Organization (Admin or Employee).
- Membership status (active, invited, deactivated) and relevant dates.
2.3 Shared Credential Data
When an Employee enables the employer visibility toggle on a credential, the following data becomes accessible to the Organization's Admins:
- Credential title, expiration date, ID number, and compliance status.
- Credential images, only if the Employee has separately enabled image sharing.
Personal credential sharing is under the Employee's control. Employees choose which personal credentials to share on a per-credential basis and may revoke visibility at any time. Revoking visibility immediately removes the Organization's access to that credential's data.
Required Credential exception: When an Organization designates a Required Credential, employer visibility is automatically enabled for that credential and cannot be disabled while the Employee is linked to the Organization. Required Credentials are shared as a condition of enterprise participation. The Employee may unlink from the Organization at any time, which immediately revokes all sharing.
2.4 Compliance and Audit Data
The Enterprise Service automatically generates and stores:
- Compliance status calculations (compliant or non-compliant) for each Employee based on their Required Credentials.
- Compliance history over time for organizational reporting.
- Audit trail entries recording significant administrative actions (employee additions, deactivations, credential requirement changes, settings modifications).
3. How Enterprise Data Is Used
In addition to the purposes described in Section 2 of the Base Privacy Policy, Enterprise data is used for:
| Data Type | Purpose | Legal Basis (GDPR) |
|---|---|---|
| Organization profile | Administering the Enterprise account and providing the Admin Dashboard | Art. 6(1)(b) — Contract performance |
| Admin emails | Authentication, compliance alerts, billing notifications, periodic summary reports | Art. 6(1)(b) — Contract performance |
| Membership records | Linking Employees to Organizations, role-based access, compliance tracking | Art. 6(1)(b) — Contract performance |
| Shared credential data | Displaying credential information to authorized Admins for compliance management | Art. 6(1)(b) — Contract; Art. 6(1)(a) — Employee consent (visibility toggle) |
| Compliance calculations | Generating compliance status and reports for the Organization | Art. 6(1)(f) — Legitimate interest of the Organization in workforce compliance |
| Audit trail | Maintaining accountability and supporting dispute resolution | Art. 6(1)(f) — Legitimate interest in accountability and security |
| Billing data (Stripe ID) | Processing Enterprise subscription payments | Art. 6(1)(b) — Contract performance |
4. Protected Health Information Disclaimer
⛔ CredMinder, including the Enterprise Service, is not designed, intended, or authorized for use with Protected Health Information ("PHI") as defined under HIPAA. We do not process PHI on behalf of any Organization or individual user. We do not operate as a Business Associate under HIPAA and will not enter into a Business Associate Agreement.
The Service is intended solely for tracking professional credentials, licenses, certifications, and identification documents. It must not be used to store, transmit, or process patient records, medical diagnoses, treatment information, health plan data, or any other information that constitutes PHI.
Users and Organizations are solely responsible for ensuring that the data they enter into the Service does not include PHI. The Company accepts no liability for any HIPAA violations resulting from unauthorized use of the Service to process PHI.
5. Enterprise Data Sharing
5.1 Within the Organization
Shared credential data is accessible only to the Organization's authorized Admins. The Company enforces this access through server-side security rules. No credential data is accessible to other Organizations or to users outside the Organization.
5.2 Additional Service Providers
In addition to the service providers listed in Section 5.1 of the Base Privacy Policy, the Enterprise Service uses:
| Service | Provider | Purpose | Privacy Policy |
|---|---|---|---|
| Payment processing | Stripe, Inc. | Enterprise subscription billing | https://stripe.com/privacy |
| Transactional email | SendGrid (Twilio) or equivalent | Access code delivery, compliance alerts, summary reports | https://sendgrid.com/policies/privacy |
Stripe receives only the information necessary to process payments (Organization name, billing contact email, payment method). Stripe does not receive Employee credential data.
The transactional email provider receives Employee email addresses and notification content solely for the purpose of delivering enterprise-related emails (access codes, credential alerts, compliance summaries). No credential images or ID numbers are included in email content.
5.3 No Sale of Enterprise Data
We do not sell Organization data or Employee credential data. Enterprise data is used solely to provide the Enterprise Service and is not shared with third parties for marketing, advertising, or any purpose unrelated to Service delivery.
6. Enterprise Data Retention
6.1 Active Organizations
Organization data, Membership records, and shared credential data are retained for the duration of the Organization's active Enterprise subscription.
6.2 Deactivated Employees
When an Employee is deactivated:
- Access to their shared credential data ceases immediately.
- A summary record (name, Employee ID, compliance status at deactivation) is retained for the Organization's configured retention period (default: 90 days).
- Credential images are not retained after deactivation.
- After the retention period, the deactivated Employee's organizational records are permanently deleted.
- The Employee's personal CredMinder account and data are unaffected.
6.3 Organization Cancellation
Upon subscription cancellation, all Employees are deactivated and organizational data is retained per the configured retention policy (starting from the cancellation date). After the retention period, all organizational data is permanently deleted.
6.4 Organization Deletion
If the Super Admin deletes the Organization, all organizational data is permanently and immediately deleted, including the organization profile, Membership records, compliance history, and audit trail entries. Employees retain their personal accounts.
7. Enterprise Notifications
The Enterprise Service sends email notifications to Admins and Employees for operational purposes, including:
Admin notifications: New employee activations, employee unlinking alerts, expiring credential alerts, and periodic compliance summary reports.
Employee notifications: Organization invitation emails, new required credential alerts, and compliance reminder emails.
Notification frequency for periodic summaries is configurable by the Super Admin (every 7, 14, or 30 days). Employees may control push notification preferences through their device settings as described in the Base Privacy Policy.
8. Employee Privacy Rights in Enterprise Context
Employees participating in an Organization retain all privacy rights described in Section 7 of the Base Privacy Policy. Additionally:
Right to control sharing: Employees choose which personal credentials are visible to the Organization and may revoke visibility at any time. Required Credentials have employer visibility forced on as a condition of enterprise participation; the Employee's recourse is to unlink from the Organization.
Right to unlink: Employees may voluntarily unlink from the Organization at any time, immediately terminating the Organization's access to their credential data.
Right to personal data: An Employee's personal CredMinder account and credential data are never owned by or transferred to the Organization. Deactivation or Organization deletion does not affect personal data.
Right to transparency: Employees can see which of their credentials are currently shared with the Organization through the employer visibility toggle in the app.
9. Data Controller and Processor Roles
For the purposes of applicable data protection laws:
Be Prepared Education LLC is the Data Controller for all user account data, usage analytics, and Service operations.
The Organization acts as a Joint Controller with respect to the credential data that Employees choose to share. The Organization determines the purposes for which shared credential data is used (workforce compliance management), while the Company provides the technical infrastructure.
The Company acts as a Data Processor when processing shared credential data on behalf of the Organization for the sole purpose of providing the Enterprise Service. The Company's processing activities are limited to storing, displaying, and aggregating credential data as directed by the Organization's Admins through the Admin Dashboard.
Organizations requiring a formal Data Processing Agreement may request one by contacting the Company.
10. Enterprise Security Measures
In addition to the security measures described in Section 3 of the Base Privacy Policy, the Enterprise Service implements:
Role-based access control: Firestore security rules enforce that Admins can only access data for their own Organization. Cross-organization data isolation is enforced at the database level.
Credential visibility enforcement: Server-side rules ensure that Organization Admins can only view credentials where the Employee has explicitly enabled the employer visibility toggle.
Audit logging: Administrative actions are recorded in an audit trail to support accountability and dispute resolution.
Access code security: Employee linking codes are stored only in hashed form, so a code cannot be recovered from the database, and each code is invalidated once claimed, so it cannot be reused to link a second account.
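The two controls described above (hashed, single-use linking codes, and the check an Admin must pass before a credential is shown) modelled in Python as an added illustration. This is not CredMinder's own code; the Service enforces these checks in Firestore security rules. The record field names, the HMAC pepper, the code alphabet and the in-memory store are assumptions made for the example.

```python
"""Illustrative model of two Enterprise controls: hashed single-use employee
linking codes, and the employer-visibility check for Admin reads.
Added example; field names, the pepper and the in-memory store are assumptions."""
from __future__ import annotations

import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Assumption: a server-side secret held outside the database. Linking codes are
# short, so a plain hash of a leaked table could be brute-forced offline; an
# HMAC with a pepper the database never sees closes that path.
PEPPER = b"example-server-side-pepper"

CODE_ALPHABET = "ABCDEFGHJKLMNPQRSTUVWXYZ23456789"  # no 0/O or 1/I ambiguity
CODE_LENGTH = 10


def hash_code(code: str) -> str:
    """HMAC-SHA256 of the normalized code; only this digest is ever stored."""
    normalized = code.strip().upper().replace("-", "")
    return hmac.new(PEPPER, normalized.encode(), hashlib.sha256).hexdigest()


@dataclass
class LinkingCode:
    org_id: str
    employee_id: str                # ID assigned by the Organization
    code_hash: str
    claimed_by: str | None = None   # account uid once claimed; never reset


@dataclass
class Membership:
    org_id: str
    uid: str
    role: str                       # "admin" or "employee"
    status: str = "active"          # "active", "invited" or "deactivated"


@dataclass
class Credential:
    owner_uid: str
    org_id: str | None
    employer_visible: bool          # the Employee's visibility toggle
    required: bool = False          # Required Credential: visibility forced on


@dataclass
class Store:
    codes: dict[str, LinkingCode] = field(default_factory=dict)  # keyed by hash


def issue_code(store: Store, org_id: str, employee_id: str) -> str:
    """Generate a random code, persist only its hash, return the plaintext once."""
    code = "".join(secrets.choice(CODE_ALPHABET) for _ in range(CODE_LENGTH))
    digest = hash_code(code)
    store.codes[digest] = LinkingCode(org_id, employee_id, digest)
    return code  # sent to the Employee by email; the plaintext is not kept


def claim_code(store: Store, code: str, uid: str) -> Membership | None:
    """Link account `uid` to the Organization if the code is valid and unused."""
    record = store.codes.get(hash_code(code))
    # One generic failure: do not reveal whether the code is unknown or spent.
    if record is None or record.claimed_by is not None:
        return None
    record.claimed_by = uid         # burns the code; a replay now fails above
    return Membership(record.org_id, uid, "employee")


def can_admin_view(cred: Credential, admin: Membership) -> bool:
    """Mirror of the server-side read rule: active Admin of the same
    Organization, and the visibility toggle on (or a Required Credential)."""
    if admin.role != "admin" or admin.status != "active":
        return False
    if cred.org_id != admin.org_id:
        return False                # cross-organization isolation
    return cred.employer_visible or cred.required
```

The lookup is by digest, so the database never needs the plaintext and a second claim of the same code fails at the `claimed_by` check rather than creating a second Membership. Deactivating an Admin (status other than "active") or revoking the visibility toggle takes effect on the next read, which matches the immediate revocation the addendum promises.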
11. Changes to This Privacy Addendum
We may update this Privacy Addendum to reflect changes in our Enterprise data practices. When we make material changes, we will notify the Organization's Super Admin via email at least thirty (30) days before the changes take effect. Continued use of the Enterprise Service after the effective date constitutes acceptance of the updated Privacy Addendum.
Contact Us
If you have questions about this Privacy Addendum or our Enterprise data practices:
By email: support@bepreparededu.com
Online: www.bepreparededu.com/contact
This Privacy Policy Enterprise Addendum is effective as of April 2, 2026 and applies to all Organizations and Employees using the CredMinder Enterprise Service.