HAT DATA EXCHANGE RATING DECLARATION

HAT DATA EXCHANGE RATINGS GIVE HAT OWNERS FULL TRANSPARENCY ON HAT-Enabled Applications

HAT-enabled applications have to declare HATDeX Rating to HAT owners when they request to interact with HAT Microservers. The rating gives HAT owners transparency in understanding how apps that integrate with the HAT use the data inquired or acquired by them. The rating scheme give HAT owners an “at a glance” indication of the application or the data debit requests by data acquirers on the HAT platform. The declaration of the HATDeX rating provide all HAT Owners the assurance that data transactions are transparent. It does not purport to make a judgement on what data should or should not be exchanged. Please note that the declaration of rating is not verified by the platform and false declaration may result in HAT owners ability to take direct action against organisations.

Glossary of terms

  1. Normal class apps

Normal class apps are subjected the ratings below. For clarity, data plugs are a form of app and will be rated the same way.

FIRST LETTER: 

WHERE HAT DATA IS STORED BY THE APP

A* 

The app or the data debit request does not require any data from the HAT owner. This is usually the case for apps that request only a verified action, a signal, or apps that only write data into the HAT like data plugs.

A

The app requires data from the HAT but it does not store HAT data anywhere outside the HAT, except for performance and caching purposes.

B

The app requires data from the HAT and will store data outside the HAT but within its own app service and will not transfer the HAT data anywhere else and this is expressly stated under its legal terms and conditions (please note that the foundation does not yet do audit checks on whether this is technologically or operationally complied with).

C

The app will store data outside the HAT and may transfer HAT data elsewhere for analysis purposes and this is expressly stated under its terms and conditions (please note that the foundation does not yet do audit checks on whether this is technologically or operationally complied with).

D

The app will store data outside the HAT and may transfer HAT data elsewhere for other undeclared purposes and this is expressly stated under its terms and conditions. (note: data debit request rated D that has any identifying data will not be approved under European regulations)

SECOND LETTER

CONDITIONS IMPOSED ON DATA CONTRIBUTED BY THE APP

A*

The app does not impose any conditions on the re-use and/or re-sharing of the data generated by the app that has been written to the HAT

A

The app imposes conditions on the re-use and/or re-sharing of the data generated by the app for legal purposes e.g. protection of minors etc. OR the app does not contribute any data to the app

B

The app imposes conditions on the re-use and/or re-sharing of the data generated by the app that has been written into the HAT.

THIRD LETTER

COMPLETENESS OF DATA CONTRIBUTED BY THE APP

A*

The data contributed by the app into the HAT is more than complete i.e. a subject access request from the HAT owner to the app yields the same data as that which is brought into the HAT and the app contributes other data such as descriptions and images to make the data more understandable AND the app contributes data generated by the person on the app back into the HAT (within performance limits).

A

The data contributed by the app into the HAT is complete i.e. a subject access request from the HAT owner to the app yields the same data as that which is brought into the HAT AND the app contributes data generated by the person on the app back into the HAT (within performance limits).

B

The data contributed by the app into the HAT is complete i.e. a subject access request from the HAT owner to the app yields the same data as that which is brought into the HAT but the app does not contribute all data generated by the person on the app back into the HAT.

C

The data contributed by the app is incomplete i.e. a subject access request from the HAT owner to the app yields more data than that which is brought into the HAT.


The scoring of the above rating will determined the colour of the rating badge

Screen Shot 2019-01-27 at 20.40.36.png
4.1 Instructions to Microserver - Screen Size.png

2. Z class apps

Z class apps are Owner Services that enable the HAT owner to view, browse and search their HAT microserver as well as manage permissions and organise their HAT. Z class apps are fully certified by the foundation to ensure no access by anyone except the HAT owner and whomever the HAT owner permits. The completeness of Z class apps is depicted by the number of *.

Z*** : This app has full functionality. All tools, apps and plugs available in the HAT ecosystem is available on this app, including the ability to manage the HAT owner's public profile, cancel data debits, enable and disable tools, apps and plugs.

Z** : Some functionalities to manage the HAT microserver are missing from this app.

Z* : Most functionalities to manage the HAT microserver are missing from this app

Z : This app has limited functionality for managing the HAT microserver

Z class apps are only issued by HAT Platform Providers