What types of information is collected by Badgr, and how is it used? Are there any special provisions for underage users (below age 13)?
Badgr users below age 13
We don't provide specific legal advice to organizations seeking to use Badgr, but we can be clear about what information is stored on Badgr's database and caches. Badgr must be used in a manner compatible with COPPA for young earners, meaning to make sure to limit the amount of personally identifiable information that is stored on the system.
We store a small amount of student information as it is reported to us. That includes the email address of the recipient, but not the name, unless you are using the optional leaderboard feature and the student checks the box to opt into sharing their real name. Otherwise, we just store the email address that Canvas reports to us. However, schools with young students are often configured to not share student email addresses via LTI when they are dealing with under-13 users, and in that case, we award badges to an opaque student identifier that is not identifiable as the student, meaning we have no personal information on those users on our server.
All students who view Badgr via the Canvas app will be able to see badges they've earned and follow their progress through courses. However, they will not be able to use these badges outside of Canvas like most Open Badges. In a future version, we'll be implementing an upgraded workflow for under-13 users.
Need more help? Contact us at firstname.lastname@example.org