“Integrity in education begins with integrity in how we handle information.”
Background
The International Accrediting Commission for Digital Education (IACDE) values transparency, accountability, and trust in all interactions with institutions, reviewers, and the public. As part of our global commitment to ethical quality assurance, we safeguard all personal and institutional data shared with us in the course of the accreditation process.
This Data Protection & Privacy Policy outlines how IACDE collects, stores, and uses information in compliance with applicable data privacy regulations, including the U.S. Privacy Act and the General Data Protection Regulation (GDPR).
Purpose
The purpose of this policy is to:
• Protect personal and institutional data collected during accreditation and membership activities.
• Ensure secure handling, retention, and lawful use of information.
• Promote transparency in how IACDE manages confidential information globally.
Scope
This policy applies to:
• All institutional applicants, peer reviewers, and Commission members.
• All digital platforms, applications, and records used by IACDE.
• All personal and institutional data processed by IACDE for accreditation, recognition, or communication.
Legal and Institutional Context
IACDE is a legally registered private accreditor in the State of New Mexico, USA.
Our operations comply with recognized international data protection frameworks and quality standards, including:
• GDPR (EU 2016/679)
• ISO/IEC 27001 for information security management principles
• CHEA IQG and INQAAHE good practice frameworks
IACDE acts as a Data Controller for information collected from institutions, staff, and affiliates and as a Data Processor when managing information on behalf of recognized entities.
Data We Collect
IACDE collects only the information necessary to perform its accreditation and administrative functions, including:
• Institutional profile information (e.g., name, address, governance, programs).
• Contact details of institutional representatives, reviewers, and partners.
• Accreditation documentation (applications, self-studies, reports, communications).
• Website and correspondence data (submitted via forms or email).
How We Use Data
Data is used exclusively for:
• Managing accreditation, candidacy, and quality assurance processes.
• Communication with institutions, reviewers, and members.
• Maintaining directories and public disclosures consistent with IACDE policy.
• Statistical analysis to improve services and operational transparency.
IACDE does not sell, trade, or rent any personal or institutional data.
Data Retention & Storage
• Accreditation-related data is securely stored in encrypted systems hosted within the United States.
• Records are retained only as long as necessary for accreditation and audit purposes.
• Archived data is anonymized or deleted upon expiration of retention periods.
• All personnel and contractors with access to data are bound by signed confidentiality and non-disclosure agreements.
Rights of Data Subjects
Individuals and institutions have the right to:
• Access and review data held by IACDE.
• Request correction of inaccurate or incomplete records.
• Request deletion of non-essential data where legally permissible.
• Withdraw consent for non-mandatory communications.
Requests can be submitted in writing to privacy@iacde.org.
Third-Party Processors
IACDE occasionally partners with third-party vendors for secure document management, payment processing, or website hosting.
Each vendor is evaluated for compliance with international data protection standards and must sign a confidentiality and data handling agreement.
Data Breach Notification
In the unlikely event of a security breach, IACDE will:
• Promptly investigate the incident.
• Notify affected parties within a reasonable time frame.
• Take corrective action to prevent recurrence.
International Data Transfers
Given IACDE’s global scope, some data may be processed in or transferred to other jurisdictions.
All transfers are handled in compliance with GDPR standards through contractual safeguards or equivalent legal mechanisms ensuring adequate protection.
Children’s Privacy
IACDE does not knowingly collect data from individuals under 18 years of age.
Policy Review & Updates
This policy is reviewed annually by the Policy & Standards Committee to ensure continued alignment with evolving privacy legislation and accreditation practices.
Contact Information
Questions or requests regarding data privacy may be directed to:
International Accrediting Commission for Digital Education (IACDE)
8206 Louisiana Blvd NE, Ste B #10025, Albuquerque, NM 87113, USA
privacy@iacde.org | www.iacde.org
If you have any questions or concerns regarding the handling of your personal or institutional information, please contact our Data Protection Officer at
privacy@iacde.org
Policy Adoption Record
Adopted by the International Accrediting Commission for Digital Education: 06/2025
Revised: 10/2025
Editorial Revision: 10/2025