Skip to main content

Trust, privacy & responsible AI

iLernt holds reflections, evidence and advisor judgments — data that deserves institutional-grade care. We describe precise boundaries and per-control status rather than absolute assurances.

Last reviewed: July 5, 2026 · v1.1

ImplementedPilot configurationIn validationPlanned

Operating entity & accountability

  • ImplementediLernt is operated by StratInsyghts. Privacy and security contact: ilernt@stratinsyghts.com — this channel also receives complaints, escalations and accessibility-barrier reports, consistent with PIPEDA’s accountability and challenging-compliance principles.
  • Pilot configurationFull legal-entity details, jurisdiction of incorporation and business address are provided in the pilot due-diligence package.

Privacy & applicable legal frameworks

Applicable legal obligations vary by customer, jurisdiction and deployment — we describe our design posture precisely rather than claiming blanket compliance.

  • ImplementediLernt is designed using the ten PIPEDA fair-information principles: accountability, identifying purposes, meaningful consent, limiting collection, limiting use/disclosure/retention, accuracy, safeguards, openness, individual access, and a process for challenging compliance.
  • Pilot configurationFor institution-managed accounts, iLernt provides information and contractual controls to support the institution’s own responsibilities under applicable education and public-sector privacy law — including Ontario FIPPA and U.S. FERPA, where relevant. FERPA is an institutional records-and-disclosure framework, not an in-app toggle.
  • ImplementedData categories processed: account identity; education/employment context supplied by the learner; reflections; Proof Cards; artifacts; credentials; pasted job postings; simulation attempts; coach conversations; advisor comments and decisions; employer interactions; consent and sharing history; usage and security logs.
  • ImplementedAdvisor comments and decisions about a learner are treated as sensitive personal information (they are another person’s opinions about an individual under FIPPA’s definition).

Agreements, notices, consents & authorizations

These are legally distinct and are recorded separately — not one interchangeable “consent”.

  • ImplementedTerms acceptance, privacy-notice acknowledgement, and optional sharing consents are recorded as separate events with timestamps.
  • ImplementedLearners can revoke optional sharing permissions in-app at any time.
  • Pilot configurationProcessing required to deliver an institution-managed service may be governed by the institution’s authority and contract rather than by a revocable app consent alone; FERPA disclosure authorizations are handled at the institutional level.

Learner privacy & employer visibility

  • ImplementedLearner reflections are private by default and are not directly visible to employers — unless the learner intentionally converts selected content into a shareable Proof Card and approves it.
  • ImplementedEmployers see only the passport sections and advisor-endorsed Proof Cards the learner intentionally shares. Source reflections, private drafts, advisor-only context and unverified AI outputs are excluded from employer views.
  • ImplementedPassports are private by default; link-sharing is unlisted; public discoverability is a separate, explicit opt-in. Sharing can be revoked at any time — though previously downloaded or independently recorded copies cannot always be recalled.
  • PlannedShare-link expiry dates, learner-visible access logs, and employer identity verification.

Access controls

  • ImplementedAccess to learner records is restricted through role-based and record-level authorization controls. Learners access their own records; advisors access records submitted to them or available under their institutional role; institutions never merge. Administrative and service access is separately restricted and logged.
  • Pilot configurationA detailed access-control register (database policies, storage rules, elevated-credential functions, tenant boundaries) is maintained in the pilot security package.
  • PlannedAutomated cross-tenant permission test suite in CI (student↔student, advisor↔other-institution, employer↔private-content, executive↔identifiable records).

Data export & deletion

  • ImplementedLearners can export their platform data (JSON) and initiate account deletion in-app.
  • ImplementedDeletion is completed subject to applicable legal, institutional, credential, security-log and backup-retention requirements. Before confirming, iLernt explains what will be deleted and what may be retained, why, and for how long.
  • Pilot configurationA data-retention and deletion matrix (covering artifacts, AI interactions, share links, endorsements, credentials, analytics, audit logs, backups and subprocessor copies) is included in the pilot package.

Data residency

  • Pilot configurationInstitutional deployments are assigned to an agreed hosting region where supported; the selected region applies to the services expressly listed in the deployment documentation.
  • Pilot configurationSome subprocessors, support operations, security logs or AI processing may occur in other jurisdictions, as disclosed in the subprocessor register and data-flow documentation.
  • ImplementedThe in-app learner residency selection records a preference used in institutional deployment planning; it is not by itself a residency guarantee.

Responsible AI

  • ImplementedAI is instructed and technically constrained to generate suggestions from evidence supplied by the learner. It is not authorized to create accomplishments or present unsupported claims as fact. Because AI outputs can still contain errors, omissions or overstatements, learners must review and approve AI-assisted language before it is submitted, shared or considered for endorsement.
  • ImplementedEach AI-assisted output identifies the source evidence used, the model involved, material inferences, and the statements requiring learner verification. Advisors see whether a card is AI-assisted and whether the learner verified it.
  • ImplementedLearner content is not used to train iLernt or provider models. AI requests are processed via Anthropic’s commercial API: inputs and outputs are not used for model training, and Anthropic retains API request logs for 7 days for abuse-detection purposes only (except where longer retention is required by law or to investigate a Usage Policy violation), then purges them. Formal contractual Zero Data Retention with Anthropic is not currently in place; where an institutional pilot requires it in writing, we pursue it with Anthropic Sales.
  • ImplementedA non-AI workflow remains available for every core journey: rule-based scoring and feedback are free and AI-independent; AI features are optional assists. Employers never receive AI-generated rankings, and Job Fit never automatically excludes learners.
  • ImplementedConsequential-use limitation: AI-generated feedback, evidence scores and job-fit analyses are developmental aids. They must not be used as the sole basis for admissions, grading, credential award, employment rejection or other consequential decisions.
  • PlannedInstitutional controls to disable AI features per deployment; documented bias testing across demographic and language groups.

Scoring — transparent and bounded

  • ImplementedEvidence-quality and reflection-depth scores are rule-based and explainable: every criterion, its weight and how to improve is shown to the learner and to advisors identically. AI does not alter these scores.
  • ImplementedScores evaluate the completeness and quality of evidence submitted within iLernt. They do not measure a learner’s intelligence, character, overall employability or complete level of competence — and are never used to rank learners for employers.
  • ImplementedEvidence status and articulation quality are tracked as separate axes: how well a claim is worded never substitutes for how well it is evidenced or validated.

Evidence provenance & audit

  • ImplementedDefined security- and accountability-relevant actions are recorded in restricted audit logs: record creation, material edits, AI generation, learner verification, sharing changes, submissions, advisor decisions, credential issuance, exports, deletion requests and administrative access.
  • ImplementedDeletion events record that an action occurred without retaining deleted learner content in log payloads beyond documented audit and security requirements. Audit access and retention are restricted.
  • ImplementedEach Skill Proof Card shows its provenance trail: learner-created → AI-assisted (disclosed) → learner-verified → submitted → advisor decision.

Credentials

  • ImplementediLernt issues credentials using the Open Badges 3.0 data model, with issuer, criteria, evidence and status information and a public verification page. Credentials are distinct from Proof Cards and advisor endorsements.
  • In validationExternal conformance testing against independent Open Badges verifiers (cryptographic signing, status/revocation checking, standards-conformant JSON-LD export).

Accessibility

Status: accessibility review in progress — internally tested; an independent audit is planned. A feature list is not a conformance claim.

  • ImplementediLernt is being developed toward WCAG 2.2 Level AA: keyboard navigation, programmatic labels, visible focus, sufficient contrast in light and dark themes, text resizing and accessible error handling on key workflows. Voice functions have equivalent text-based controls.
  • ImplementedCaptions and transcripts are provided where audio or video content is used (the platform is currently text-first; read-aloud and dictation are optional assists).
  • PlannedIndependent WCAG 2.2 AA audit and published known-issues list. Report an accessibility barrier: ilernt@stratinsyghts.com.

Institutional analytics & de-identification

  • ImplementedLeadership dashboards use aggregate or de-identified reporting and do not provide direct access to individual learner records; authorized advisors access identifiable records only through separate operational workflows. Free-text reflections never appear in analytics. Usage is reported as usage — never presented as employment impact.
  • PlannedMinimum cohort thresholds and rare-combination suppression to reduce re-identification risk in small programs.

Security overview

  • ImplementedEncryption in transit (TLS) and at rest across the hosting and database infrastructure; daily backups with provider-managed disaster recovery.
  • ImplementedProduction access limited to named operators; secrets managed via the deployment platform; no learner data in source control.
  • In validationMFA enforcement on all privileged accounts; dependency vulnerability scanning in CI; documented incident-response and breach-notification procedure (draft included in pilot package).
  • PlannedFormal security certification (SOC 2 / ISO 27001): not currently certified; roadmap available for enterprise contracts.

Age policy

  • ImplementediLernt is not directed to children under 13, and independent registration by users under 13 is not permitted. Youth-serving institutional deployments require an approved age, authority, notice and consent configuration before personal information is collected.

Product limitations

  • ImplementediLernt does not guarantee employment, admission, academic credit or credential recognition. Advisor endorsement reflects the defined review performed by the named reviewer; it is not an institutional certification, formal recognition of prior learning, or an employment recommendation unless expressly identified as such by the issuing institution.

Pilot due-diligence package

  • Pilot configurationFor qualified institutional prospects, iLernt provides a pilot due-diligence package: platform data-flow diagram, subprocessor register, security-controls summary, retention and deletion matrix, data-processing agreement, and responses supporting the institution’s own privacy impact assessment (including Ontario FIPPA PIA requirements). Availability and scope are confirmed before any institutional learner data is onboarded.

Running a pilot?

See the bounded pilot package — scope, deliverables and the evaluation model we use to measure real outcomes.

View the pilot package