Privacy Policy

Allure Connect is a training delivery and measurement platform used by organizations ("customers") to host, distribute, and measure training. This policy covers the personal data we handle when you visit our website, create an account, or use the platform.

Two roles matter here. For data about our customers and website visitors — account details, billing, support, and marketing — we decide how the data is used. For learning records — launches, completions, scores, and similar activity about a customer's learners — we process that data on the customer's behalf and under their instructions. If you are a learner whose training runs through Allure Connect, the organization that provided your training controls that data; please direct requests about it to them, and we will support them in responding.

We collect information you provide directly, such as your name, email address, and workspace details when you create an account, contact us, or subscribe to updates.

Operating the platform also requires processing: training packages customers upload; learner launch and session records; completion, score, and similar activity data; webhook delivery and integration metadata; API usage tied to your keys; workspace and billing identifiers; and technical diagnostics (such as error logs and IP addresses) needed to keep the service reliable and secure.

We use this information to operate, maintain, and improve the service: hosting and delivering training content, recording and reporting learning activity for the customer who owns the workspace, measuring product performance, processing subscriptions and invoices, providing support, sending service and (where permitted) product communications, enforcing our terms, and detecting abuse or security issues. We do not use learning records to train generalized AI models or for advertising.

We use cookies and similar technologies where needed for sign-in, sessions, preferences, and security. When training is delivered to learners who are not signed in, we set a first-party anonymous identifier so the course can keep their place and so usage can be counted for the customer — it does not identify the learner to us by name and is not used for advertising. Product analytics are aggregated or de-identified. You can control many cookies through your browser settings; blocking the functional ones may prevent training from launching correctly.

We do not sell personal information. We share it only:

• •with service providers who help us run the platform (identity, hosting, payments, email, and infrastructure), under contracts that limit their use of the data to providing services to us;
• •with the customer whose workspace the data belongs to — for example, learning records are reported to the organization that dispatched the training;
• •with third-party platforms a customer connects, at the customer's direction (for example, results reported back to the learning platform that launched a course);
• •when required by law, legal process, or to protect rights, safety, and the service; and
• •as part of a merger, acquisition, or sale of assets, in which case this policy continues to apply to the data.

We keep account and workspace data while the account is active. After a workspace is closed, customers have 30 days to export their content and learning records, after which we delete or de-identify them within a reasonable period, except where retention is required for legal, billing, or security purposes. Residual copies may persist briefly in encrypted backups before they age out. Diagnostic logs are kept on shorter rolling windows.

We take reasonable technical and organizational measures to protect information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction — including encryption in transit, scoped API keys, and access controls separating customer workspaces. No method of transmission or storage is completely secure; if we learn of a breach affecting your data, we will notify you as required by law.

Depending on where you live, you may have rights to access, correct, delete, or export your personal data, and to object to or restrict certain processing. Account holders can access and update most information directly in the product, and can export their workspace data using built-in export features and APIs. For anything else, contact privacy@allureconnect.com and we will respond within the time required by applicable law. If you are a learner, we will route your request to the organization that controls your training data and support their response. You can opt out of marketing emails at any time via the unsubscribe link; service emails (such as billing and security notices) are sent as needed to operate your account.

Our website and accounts are intended for adults and business use, and we do not knowingly collect personal information directly from children. Where a customer's training audience includes minors, the customer is responsible for obtaining any consents and providing any notices required by laws that apply to them (such as COPPA or FERPA for U.S. education audiences); we process that data only on the customer's behalf.

We are based in the United States and process data on infrastructure located there. If you use the service from elsewhere, your information will be transferred to and processed in the United States. Where the law of your jurisdiction requires safeguards for such transfers, we rely on appropriate measures such as contractual protections with our service providers.

We may update this policy from time to time. For material changes we will give notice (for example, by email or in-product) before they take effect. The "Last updated" date above reflects the latest revision.