AloraLMS Privacy Policy

1. Scope

This Privacy Policy applies to personal information we collect from:

• visitors to our website
• prospective customers
• creators, instructors, workspace owners, administrators, and team members
• students, members, and purchasers
• support contacts and business contacts
• community participants
• users interacting with our checkouts, landing pages, and related Services

This Privacy Policy does not apply to:

• third-party websites, apps, or services not operated by us
• creator-owned websites or policies independently controlled by creators
• third-party payment processors, analytics providers, or integrations except as to our own handling of information we receive from them

2. Categories of Personal Information We Collect

Depending on how you use the Services, we may collect the following categories of personal information.

A. Identifiers and Contact Information

• name
• email address
• phone number
• mailing or billing address
• account username
• company, organization, or school name

B. Account and Profile Information

• account type
• role and permissions
• authentication-related data
• profile photo or avatar
• workspace details
• creator profile information
• user preferences and settings

C. Commercial and Transaction Information

• order history
• purchase records
• subscription status
• invoices
• payment status
• limited payment-related metadata such as payment method type, last four digits, expiration month or year, billing ZIP, processor tokens, and related transaction identifiers where made available to us

We do not intentionally store full payment card numbers or full security codes on our own servers when payments are processed by third-party payment processors.

D. Content and User-Submitted Materials

• course content
• lesson content
• files, videos, audio, images, PDFs, and digital assets
• comments, messages, posts, replies, and community activity
• coaching-related submissions
• quiz, assignment, progress, and certificate information
• support tickets and communications

E. Internet, Network, Device, and Usage Information

• IP address
• browser type
• device type
• operating system
• session identifiers
• referring URLs
• pages viewed
• timestamps
• clicks and navigation events
• crash and diagnostics information
• cookie or similar identifier data

F. Marketing and Communications Information

• email preferences
• campaign interactions
• referral information
• UTM parameters
• affiliate attribution data
• waitlist, launch, and promotional signup information

G. Inferences and Analytics

We may derive general insights such as likely product interests, engagement level, learning progress patterns, support history, or churn risk.

3. Sources of Information

We collect personal information:

• directly from you
• automatically when you use the Services
• from your device or browser
• from payment processors
• from authentication providers
• from analytics and infrastructure providers
• from customer support tools
• from integrations you authorize
• from creators or workspace administrators who invite, enroll, or manage users
• from referral and affiliate tracking sources
• from public sources where permitted by law

4. How We Use Personal Information

We may use personal information to:

• provide, operate, maintain, and improve the Services
• create and manage user accounts
• authenticate users and secure accounts
• process purchases, subscriptions, refunds, and related transactions
• provision access to courses, memberships, downloads, communities, and coaching
• communicate with you about your account, purchases, renewals, security matters, and support issues
• personalize and improve user experiences
• send transactional messages
• send marketing communications where permitted by law
• administer promotions, referrals, and affiliate programs
• monitor performance, usage, engagement, and service quality
• troubleshoot problems and provide customer support
• detect, investigate, and prevent fraud, abuse, spam, and security incidents
• enforce our Terms and policies
• comply with legal obligations
• establish, exercise, or defend legal claims
• conduct analytics, research, and internal business operations

5. Legal Bases for Processing

Where applicable law requires a legal basis for processing personal information, we may process your information based on:

• performance of a contract
• compliance with legal obligations
• our legitimate interests in operating, securing, and improving the Services
• your consent, where required
• other lawful bases permitted by applicable law

6. Cookies, Similar Technologies, and Preference Signals

We and our service providers may use cookies, pixels, tags, SDKs, local storage, APIs, and similar technologies to:

• keep users signed in
• remember preferences
• secure sessions
• measure traffic and performance
• understand product usage
• support analytics
• improve the Services
• support marketing attribution
• help detect fraud and abuse

If we engage in processing that requires recognition of a browser-based opt-out preference signal under applicable law, including California’s Global Privacy Control, we will process that signal as required by law for the relevant browser or device.

7. When We Disclose Personal Information

We may disclose personal information to the following categories of recipients.

A. Service Providers and Processors

We may share information with vendors and service providers that help us operate the Services, such as providers of:

• cloud hosting, storage, and infrastructure
• authentication
• payment processing and billing systems
• analytics and consumer support tools
• communications, media delivery, fraud prevention, and security monitoring

B. Workspace Owners, Creators, and Instructors

If you enroll in, purchase from, or participate in a creator-operated workspace, we may disclose information as needed to provide the experience, including:

• your name, email, and enrollment status
• purchase status and learning progress
• quiz/assignment results and community activity
• support records associated with that workspace

C. Payment and Financial Partners

We may disclose transaction-related information to payment processors, billing providers, and financial service providers in connection with purchases, payouts, or dispute management.

D. Integrations You Authorize

If you connect a third-party service, we may share information as necessary to enable that integration.

E. Legal, Compliance, and Safety Recipients

We may disclose information as necessary to: comply with law; enforce our agreements; investigate fraud, abuse, or security issues; or protect the right, property, or safety of users, the public, or the Company.

F. Corporate Transactions

We may disclose info in connection with a merger, acquisition, financing, or sale of assets.

8. Sale, Sharing, and Targeted Advertising

We do not sell personal information for money in the ordinary sense.

However, some privacy laws define “sale,” “sharing,” or “targeted advertising” broadly. If our activities fall within those definitions under applicable law, affected users may have the right to opt out. Where required, we will provide appropriate notices and opt-out mechanisms.

10. Categories of Personal Information Collected and Disclosed

We collect and disclose identifiers, account info, commercial records, user content, network/device activity, educational info, and inferences drawn from usage. Sources and uses are as described above.

11. Data Retention

We retain info as long as necessary to provide services, maintain history, comply with law, resolve disputes, enforce agreements, and maintain security.

12. Data Security

We use reasonable administrative, technical, and organizational safeguards. No system is completely secure, and we cannot guarantee absolute security. You are responsible for safeguarding your credentials.

13. International Transfers

We may process and store info in the United States and other countries. By using the Services, you understand your info may be transferred to those jurisdictions.

14. Privacy Rights Request Process

To exercise rights, contact support@aloralms.com stating the nature of your request. We will verify your identity before fulfilling.

15. Sensitive Personal Information

We do not use/disclose sensitive info for purposes requiring a right to limit under CA law except as permitted by law (e.g., providing requested services, security, compliance).

16. Children’s Privacy

The Services are not directed to children under 13 unless we implement designated protections. We do not knowingly collect info from children under 13 without verifiable parental consent where required.

If you believe a child under 13 has provided info without consent, contact support@aloralms.com.

17. Creator-Controlled Data

If you participate in creator-run workspaces, creators may independently determine data processing purposes. Review creator policies. We are not responsible for independent creator practices.

18. Third-Party Links

Services may link to 3rd-party sites/services. We are not responsible for their privacy practices. Review their notices.

19. Marketing Choices

Opt out of promotional emails via unsubscribe links or by contacting support@aloralms.com. Transactional messages will still be sent.

20. Do Not Track and GPC

Where legally required, we will honor applicable opt-out preference signals, including Global Privacy Control.

21. Changes to This Privacy Policy

We may update this policy. Revised versions will be posted with an updated Effective Date. Material changes may receive additional notice.