Website privacy statement

Updated: March 2, 2023

LRN Corporation (“LRN”, “Company”, “we”, “us”) is committed to protecting your privacy and earning your trust.  This Website Privacy Statement, which is effective as the date stated above describes LRN’s privacy practices for our website located at https://lrn.com and any related LRN social media channels (and their mobile counterparts) we may manage including, as part of any webinars, webcasts or events we may host or sponsor from such sites (collectively, the “Website.”)

Our privacy principles

It is our intent to provide you with information about what personal information we collect, how and why, how we use it, who we share it with, how we protect it, how long we keep it and your rights in respect of the personal information that we collect.

Since 1994, LRN has worked to propel organizations forward with the partnership, knowledge, and tools to build ethical culture. More than 2,500 companies and tens of millions of learners worldwide use LRN services and take LRN e-learning courses to help navigate complex regulatory environments and foster ethical, responsible, and inclusive cultures. In working with some of the world’s most respected brands, we create community and common purpose where people can leverage shared values to outbehave and outperform. 

When it comes to handling your personal information, consistent with our mission and partnering approach to our customer relationships it is not enough for us to merely comply with the law. We believe it is important to set an example for other companies to follow, which includes diligence and transparency with respect to our management of personal information. This Privacy Statement is part of our effort to achieve that.

 This policy’s coverage

This Privacy Statement applies to LRN’s collection of personal information as a controller (as such term is defined in the General Data Protection Regulation (EU) 2016/679 (the “GDPR”)) or as a business (as such term is defined under the California Consumer Privacy Act (“CCPA”)), through our Website.

To note, this Website Privacy does not govern the web sites, services, software applications and products which LRN creates, configures, provides, manages and/or hosts on behalf of its business customers, and any derivative and otherwise related products which are developed to work either remotely or on a mobile/tablet device (collectively “Partner Offerings,”) For information about how we use personal information we receive associated with our Partner Offerings in the capacity of processor (as such term is defined in the GDPR) or service provider (as such term is defined in the CCPA) please go to our Partner Offerings Privacy Statement. If you do not agree with our policies and practices, please do not use the Website or related services. By accessing the Website or using the related services, you agree to this Privacy Statement.

The term “personal information” as used herein means any information relating to an identified or identifiable natural person or household.

How we collect personal information

We may collect personal information from you directly or indirectly. For example, when you register for one of our webinars or virtual events or sign up to receive our newsletters, podcast or other promotional communications, you provide personal information directly to us. Other times, personal information is collected automatically pertaining to your use our Website. In addition, we may also obtain personal information from third parties or that is publicly available.

We collect personal information when you provide it

You may provide certain kinds of personal information directly by interacting with LRN online and offline (including via social media or Web forms, by telephone, email, text, in person or through postal mail).

When you register for a web seminar, request a demo or free trial, or sign up for or download certain resources available on our Website, you may be requested to provide, among other things, your email address, phone number, job title, employer name and geographic location. We may also collect personal information, typically name and contact information, employer, job title and geographic location of workplace, you voluntarily provide at industry or LRN sponsored in-person events.

We collect personal information from third-party sources

We may collect personal information about you from third parties, including from companies we partner with to sponsor online or in-person events, public databases or third parties from whom we purchase data. We may combine this with information we already have about you. This helps us update, expand, and analyze our records, identify prospective customers, and provide information regarding our solutions that may interest you.

We also work with third parties to support delivery of our online services (such as email and content streaming), or those that help us manage events, surveys, meetings and other service-related interactions. Your personal information may be provided to us by those third parties.

We also may collect personal information from online social networks if you take part in a webcast, for example, via LinkedIn. We may collect personal information when you click “Share This” or “Like” buttons or otherwise use social media buttons or plug-ins.

We collect personal information using automated technologies

Personal information is collected by automated technologies and shared with us when visitors navigate through our Website online. We may track your browsing actions and log your IP address. We track product preferences and content downloads, to make future visits to our Website more efficient.

Other automated collection technologies – such as cookies, beacons, tags, and scripts – are used by us to analyze trends, administer the Website, and track users’ movements around the Website. We, and our third-party partners, also use these technologies to gather demographic information about our user base as individuals and in the aggregate.

Please see the “Options with respect to Collection of Your Personal Data” section of this Privacy Policy for additional information on how to disable or opt-out of cookies and similar technologies on our Website.

Options with respect to collection of your personal data

As described below you have choices with respect to the collection of certain personal information, but some parts of the Website may not be fully available or functional without such information.

Opt out of marketing communications

If at any time you wish to opt-out of future newsletters or other promotional emails from us, you may click the “unsubscribe” link in the email or otherwise contact us at privacy@lrn.com. It may take up to 10 business days before you stop receiving promotional emails. This opt-out does not apply to operational communications, for example, order confirmation emails.

Access, update or delete information

If you have supplied us with personal information, for example by entering your contact and other personal information on the “Contact” page of our Website, you may update or delete your contact or other personal information by contacting us at privacy@lrn.com.

Cookies and browser web storage

Most browsers let you remove or reject cookies.  To do this, follow the instructions in your browser settings.  To prevent the use of Google Analytics relating to your use of our Website, you can download and install the browser plug-in available here. Many browsers accept cookies by default until you change your settings.  Please note that if you set your browser to disable cookies, the Website may not work properly.  Similarly, your browser settings may allow you to clear your browser web storage.

Targeted online advertising

Some of the business partners that collect information about users’ activities on or through the Website may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior for purposes of targeted advertising. Users may opt out of receiving targeted advertising by:

Note that because these opt-out mechanisms are specific to the device or browser on which they are exercised, you will need to opt-out on every browser and device that you use. Please also note that we are not affiliated with any of the third data management products that we have referenced above and do not guarantee their performance or continuity.

Do not track

Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit.  We currently do not respond to “Do Not Track” or similar signals.  To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

We will not knowingly collect information from anyone younger than 18 years

Our Website and services associated with our Website are not intended for use by anyone younger than 18 years old, and we will never knowingly collect personal information from anyone younger than that. If you are under 18, please do not send any information about yourself to us. If we become aware that personal information of anyone younger than 18 has been provided to us for any purpose we will delete the information from our files.

Our legal basis for collection

Certain data protection laws require that we have a legal basis for collecting your personal information.  The legal basis we rely upon may be different in each circumstance or we may have one or more legal bases for the collection.

When accessing our Website, we collect personal information from you where (1) we have your consent, (2) where your personal information is necessary for us to provide a service (for example, when you register for a webcast), or (3) where we have a legitimate interest to process your information and that legitimate interest is not overridden by your data protection interests or fundamental rights and freedoms. Examples of processing of personal information to further our own legitimate interests, in a manner that does not outweigh your rights and freedoms, may include continuously improving, customizing, and personalizing our Website, including taking steps to protect against fraud, spam, and abuse; analyzing and improving the safety and security of our Website; and, aggregating and/or anonymizing personal information so that it is no longer considered personal information.

Also, in some cases, we may have a legal obligation to process your personal information, or to process your personal information to exercise, establish or defend legal claims.

How we use personal information

Consistent with our mission we endeavor to be transparent about our use of your personal information.

As mentioned above, visitors to the Website will provide their name and email address and other personal information when they register for a web seminar, request a demo or free trial, sign up for or download certain resources available on our Website or initiate communications with us on our “Contact” page.

Collecting and using this information allows not only easier, quicker access to our Website, content, and services on subsequent visits but also allows us to secure the information you have provided. As users navigate through the Website, their movements will be tracked and analyzed. Using this information allows us to provide more relevant content and create a better visitor experience. We also use personal information to:

  • provide, operate and improve the Website and our services;
  • market our products and services, typically through email and phone;
  • understand your needs and interests, and personalize your experience with the Website and our communications;
  • respond to your requests, questions, feedback and support requests;
  • maintain the security and integrity of the Website;
  • communicate with you about and provide updates regarding the Website and marketing information, such as special promotions or surveys, etc.;
  • comply with legal and regulatory requirements applicable to our business and internal policies, including those relating to maintaining records;
  • protect all parties in the event of disputes;
  • comply with court orders and legal processes, and to enforce our contractual rights and this Privacy Statement; and
  • accomplish any other legal, business, or marketing purposes consistent with the practices described in this Privacy Statement.

As noted above, we are the controller or business with respect to personal information we receive through our Website for our own business purposes, but where we are acting as a processor or service provider in delivery of our Partner Offerings, including providing guidance and services to our business customers, we do so as a processor or service provider as those terms are defined in the GDPR and CCPA, respectively.  The information we receive through our Partner Offerings and related services is subject to our Partner Offerings Privacy Statement.

If you provide personal information about others, or others give us your information, its use is limited to the specific purpose for which it was provided. Typically, this includes your name and business contact information (email address, phone number, job title, geographic location of employer).

Please do not provide personal information about others unless you are authorized or required to do so by applicable law. If applicable law allows you to supply the information, you represent and warrant that you have abided by that law and that it allows us to receive and disclose the information under this Privacy Policy without any further action on our part. You agree to indemnify, defend and hold harmless the Company, our affiliates and each of our subsidiaries, officers, directors, employees and agents for any failure by you to comply with this paragraph.

We do not sell personal information we receive through our Website or share it other than as outlined in this Privacy Statement.

How we share your personal information

We may share your personal information with third parties for various reasons, among them email delivery, data hosting, analytics, payment processing and content streaming. These services may collect browsing data that includes IP addresses, referring pages, and users’ movements as they navigate our Website. Other third parties help us with our marketing, including sending marketing communications and analyzing the effectiveness of our marketing efforts. When we share your personal information with a third party, we require that third party to protect the information consistent with this Privacy Statement and limit its use of the information to performing the services they provide to us.

Your content: if you make a public post, other users may see it

We may make available on our Website, or link to, features that allow you to generate your own content or share information online (e.g., on our blog or LinkedIn). Please do not embed personal information in the content you generate or share personal information online in public forums, because any such information can be collected and used by others. We have no control over, and take no responsibility for, the use, storage, dissemination or erasure of personal information embedded in user-generated content or shared on the Website or linked pages. By posting personal information online in public forums, you may receive unsolicited messages from other parties.

Third party sites

If you make a post on a third-party social media site, such as LinkedIn, or by identifying us in your social media feed by tagging us using a hashtag (#) or “at” (@), your personal information may be publicly available and is subject to the privacy policies of those third-party social media sites. As a reminder, this Privacy Statement describes how we treat your personal information once it is in our possession. We recommend you review the privacy policies of any third-party sites you visit to understand their data collection and processing practices.

Feedback you provide to us

If you provide suggestions for improving our Website or services, please be aware that any feedback relating to our Website or social media channels may be publicly shared.

Successors to our business may access your personal information

In the event of a merger, acquisition, reorganization, bankruptcy, or other sale of all or a portion of our assets or equity, any user information we control may be transferred to third parties as successors in interest. As part of this type of transaction, we reserve the right to transfer or assign your personal information to third parties. Other than to the extent ordered by a bankruptcy or other court, or as otherwise agreed to by you, the use and disclosure of all transferred user information will be subject to this Privacy Statement.

Compliance with legal requirements

We may disclose your information to government authorities or other third parties if:

  • we are required to do so by law, or in response to a subpoena or court order;
  • we believe in our sole discretion that disclosure is reasonably necessary to protect against fraud, or to protect our property or other rights or those of other users of the Website, third parties, or the public at large; or
  • we believe that you have misused the Website by using it to attack or gain unauthorized access to a system or to engage in spamming or other conduct that violates applicable laws or our contractual rights.

How we secure personal information

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have implemented industry-accepted organizational, physical, and technology-based security measures to protect against loss, misuse, unauthorized access, and alteration of personal information in our systems. We ensure that any employee, contractor, corporation, organization, or vendor who has access to personal information in our systems is subject to legal or professional obligations to safeguard that personal information which obligations are at least as stringent as those undertaken by us under this Privacy Statement.

While we use commercially reasonable, industry-accepted means to protect your personal information, no method of transmission over the Internet or form of electronic storage is completely secure and we cannot guarantee its absolute security.

LRN prohibits unauthorized access or use of personal information stored on its servers. Such access is a violation of law, and we will fully investigate and press charges against any party that has illegally accessed information within our systems.

Data retention

Where LRN collects your personal information for its own independent business purpose, such as through our Website, or in connection with webinars and events, we do so as a controller or business and will retain your information in accordance with our data retention practices.  Typically, we retain your personal information for the time necessary to serve the purpose for which it was originally collected or you subsequently authorized, and in accordance with applicable law. For example, we will retain your information for as long as necessary to comply with our legal obligations and rights, to resolve disputes, and to enforce our agreements.

Location of processing

LRN is headquartered in the United States. Your personal information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Website you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data privacy or protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal information, including for purposes of national security or law enforcement requirements.

The United States currently is not a country the European Union (“EU”) deems “adequate” under applicable data protection laws. LRN collects, transfers, and processes personal information under terms required by applicable law, including: when you provide your consent, to perform a contract with you (such as to deliver products or services), or to fulfill a compelling legitimate interest of LRN in a manner that does not outweigh your rights and freedoms. LRN regularly enters into data protection agreements or other legally approved mechanisms with its vendors to support compliance with applicable law.

LRN is certified under the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (the “Frameworks”).  However, in 2020, both Frameworks were declared invalid as a legal mechanism for the lawful transfer and processing of personal information from the European Economic Area, the United Kingdom, and Switzerland. LRN nevertheless continues to certify its compliance with the Frameworks as a means of evidencing its continued commitment to protecting personal information from the European Economic Area, the United Kingdom, and Switzerland and remains under the jurisdiction of the U.S. Federal Trade Commission.  As required by the Frameworks, any personal information we receive under the Frameworks will be maintained in accordance with the Privacy Shield principles. LRN is responsible for the processing of personal information it receives, under each Framework, and subsequently transfers to a third party acting as an agent on its behalf. LRN complies with the Privacy Shield principles for all onward transfers of personal information from the European Economic Area, United Kingdom, and Switzerland, including the onward transfer liability provisions.

We take appropriate safeguards to require that the personal information we process will remain protected in accordance with this Privacy Statement when transferred internationally, including when processed internationally by third-party service providers and partners. For personal information from the European Economic Area, the United Kingdom, or Switzerland, data protection laws in those jurisdictions require that that we tell you the legal safeguards we have in place to protect that personal information.  We may implement the European Commission’s standard contractual clauses, rely on general derogations in the GDPR or rely on a third-party service provider’s Binding Corporate Rules or other legally approved mechanism for any transfer of personal information to non-European Economic Area, United Kingdom, or Switzerland third-party service providers or business partners.

Personal information received by LRN is presently, where required, transferred and processed in accordance with the applicable European Commission standard contractual clauses.  More information about Privacy Shield can be found here and more information about the standard contractual clauses can be found here.

Any questions, complaints, access requests, and other issues arising under the Frameworks or under LRN’s Privacy Policy more generally, should be directed to privacy@lrn.com or LRN Corporation, Legal Department, 745 5th Avenue, 8th Floor New York, NY 10151.

LRN has a contract with an independent recourse mechanism, JAMS (an alternative dispute resolution provider based in the U.S., with several locations in the EU), which is available – at LRN’s cost, and at no cost to the individual – to address unresolved complaints regarding LRN’s compliance with the Privacy Shield Program. For any issues that cannot be resolved through LRN directly, you may contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield. If your concerns are still not addressed by JAMS, you may be entitled to binding arbitration under the Privacy Shield principles.

A citizen of a country within the European Economic Area, the United Kingdom, or Switzerland may also address any privacy-related questions or problems to the appropriate data protection authority in his or her country.

European Economic Area, Switzerland, or United Kingdom

Individuals from the EU, the United Kingdom and Switzerland have certain rights associated with their personal information based on applicable law.

In addition to the rights granted under this Privacy Statement, EU, the United Kingdom and Switzerland data subjects have the following data protection rights under applicable law:

  • You can request access to, correction of, updates to, or request deletion of your personal information in our possession.
  • You can request more information about how we process your personal information, where and how we collected that information, the categories of that information, with whom we share it, and how long we retain it.
  • You can object to the processing of your personal information, ask us to restrict the processing, or request portability of your personal information.
  • You have the right to opt out of marketing communications we send at any time. You can opt out by clicking on the “unsubscribe” or “opt-out” link in any marketing email we send you.
  • If we have collected and processed your personal information based upon your consent, you may withdraw your consent at any time; however, withdrawing your consent will not affect the lawfulness of any processing we conducted before your withdrawal, nor will it affect processing of your personal information when we have relied on other legal grounds for the processing.
  • Upon your request, and where it is technically feasible, LRN will provide you with a copy of your personal information in a portable format or transmit it directly to another controller.
  • You have the right to make a complaint to the data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority. Contact details are available here.

To make a request, please contact us by emailing us at privacy@lrn.com with “Data Subject Request” in the subject line. Provide full details relating to your request, including your contact information and any other details you believe are relevant. We are committed to responding to verifiable requests to exercise data protection rights in accordance with applicable laws.

California consumer rights

The California Consumer Privacy Act provides specific rights to consumers who reside in California. If you are a resident of California, as that term is defined under California law, this section shall apply in addition to all other applicable rights and information contained in this Privacy Statement.

  • You have the right to request that we provide you with information about what personal information we collect, use, and disclose.
  • You have the right to request that we delete personal information we, or our service providers, store about you.
  • We will not discriminate or retaliate against you if you elect to exercise any rights under this section of our Privacy Statement or otherwise under the CCPA.
  • As noted above, we do not sell your personal information and we only share your personal information with third parties as described in this Statement. If we ever change our policy, you will have the right to request that we not sell your personal information.
  • You have the right to designate an authorized agent to make a request on your behalf. Please see the Identity Verification Requirement below for information on our process for verifying that we have received a legally valid request.
  • If you are a California resident and have additional questions as to your rights under this Privacy Statement and the CCPA or wish to submit a request with respect to your personal information, please contact us by completing the form located here or by emailing us at privacy@lrn.com or call us toll-free at 866.439.3071.

Identity verification requirement

The law requires us to verify that any request submitted was made by someone with the legal right to access the information. Therefore, before accessing or divulging any information pursuant to a data access request, we may request that you provide us with additional information so we can verify your identity and legal authority, particularly where the information provided with the request is insufficient to confirm legal authority and/or identity.

To make a request, please contact us by completing the form located here or by emailing us at privacy@lrn.com with “Data Subject Request” in the subject line and provide full details about your request, including your contact information and anything you believe is relevant. We will provide a response to an access request within the timeframes required by law. If we cannot substantively respond in a timely manner, we will notify you and provide the reason for the delay.

Under certain circumstances, we may not fulfill your request, such as when doing so would interfere with our regulatory or legal obligations, when we cannot verify your identity, if your request involves disproportionate cost or effort as provided under applicable law, or when the law allows or requires us to retain that information. In all such cases, however, we will respond to your request within a reasonable time, as required by law, and provide an explanation.

Updates

This Privacy Statement will be reviewed at least every 12 months and updated to reflect our personal information handling practices.  We reserve the right to amend this Privacy Statement at any time, for any reason, without additional notice to you, other than through posting the updated Privacy Statement on our Website. We invite you to return to this page to ensure you are informed of any updates we make about how we collect, use, and protect customer information. You can see when this Privacy Statement was last updated by checking the “last updated” date displayed at the beginning of this Privacy Statement.

Contact us

If you have questions about the way we handle personal information, please contact us at privacy@lrn.com. You may also reach us at:

LRN Corporation
Legal Department
41 Madison Avenue, 30th floor
New York, New York 10010
Toll-Free: 866.439.3071

Partner offerings privacy statement

Updated: March 2, 2023

LRN Corporation (“LRN”, “Company”, “we”, “us”) is committed to protecting your privacy and earning your trust. Since 1994, LRN has helped more than 15 million people in more than 700 companies worldwide navigate complex legal and regulatory environments and foster ethical cultures. LRN is the trusted long-term partner to more than 400 client companies, including some of the most respected and successful businesses in the world, which has enabled us to create an active and growing community with a common interest. Together we acquire and disseminate proven strategic and tactical insights and develop solutions based on real-world experiences.

When it comes to handling your personal information, consistent with our mission and partnering approach to our business customer relationships (whom we often refer to as “LRN partners”) it is not enough for us to merely comply with the law. We believe it is important to set an example for other companies to follow, which includes diligence and transparency with respect to our management of personal information. This Partner Offerings Privacy Statement (“Privacy Statement”) is part of our effort to achieve that.

This Statement applies to the web sites, services, software applications and products which LRN creates, configures, provides manages and/or hosts on behalf of its business customers for such products and services (“Business Customers”), and any derivative products which are developed to work either remotely or on a mobile/tablet device (collectively “Partner Offerings”). It does not apply to any website, mobile app, service, or product that does not display or link to this Privacy Statement or that contains its own privacy statement. For information about how we use personal information we receive in connection with operating our business, including our company website, please visit our Website Privacy Notice. If you do not agree with our policies and practices, please do not use the Partner Offerings. By accessing the Partner Offerings or using our software services (and, if you are a Business Customer, by permitting any of your employees, consultants or other authorized users), you agree to this Privacy Statement.

As part of the services we provide to our Business Customers, you may interact with us online (through the Partner Offerings) or by email, telephone or ordinary mail and in doing so, you will share your personal information with us. The information received by LRN in delivering the Partner Offerings is done on behalf of our Business Customers and is processed by us according to the contract with that Business Customer, which contract also governs our and the Business Customer’s ownership rights to all such information.

To note, if you are an end user of any of our Partner Offerings, our Business Customer who is making the Partner Offering available to you is likely to be either your employer, contractor or another business or commercial partner of yours who wanted to provide training or other services to you via a Partner Offering. All references in this Privacy Statement to Business Customers should be considered in that light.

The term “personal information” as used herein means any information relating to an identified or identifiable natural person or household.

How we collect personal information

We may collect personal information from you directly or indirectly. For example, when your employer or other related company purchases one of our solutions, you or our Business Customer who your account is associated with provide personal information directly to us through your participation in training through our Partner Offerings. Other times, personal information may be collected automatically as you use our Partner Offerings as we outline in this Privacy Statement. In addition, we also may receive personal information from our Business Customers or third party vendors or other associates of our Business Customers.

We collect personal information through the Partner Offerings on behalf of Business Customers who use our solutions. Our Business Customers determine why (the purpose) and what (the nature) personal information is collected, used, stored, shared or deleted within the Partner Offerings purchased by them, and how such information is processed. LRN acts as a service provider (as such term is defined under the California Consumer Privacy Act (“CCPA”)) or data processor (as such term is defined in the General Data Protection Regulation (EU) 2016/679 (the “GDPR”)) of this personal information under the terms of our contract with that customer, who is the business (as such term is defined in the CCPA) or data controller (as such term is defined under the GDPR) with respect to such personal information. Other than as required to process such information as instructed by our Business Customer, we make no decisions regarding the personal information we receive from you. Questions about how Business Customers use, share, or process your personal information should be sent to them directly. Unless prohibited by law, we will honor our Business Customer’s (which could often be your employer other training provider) instructions with respect to your personal information.

Legal basis for collection

When we collect personal information through our Partner Offerings, we do so as a processor, or service provider, as instructed by our Business Customer, the business or controller. Certain data protection laws require that business or controllers have a lawful or legal basis for collecting personal information. The lawfulness of our collection of personal information in connection with our Partner Offerings is determined by the business or controller with respect to such information, who is our Business Customer. If you have questions about the legal basis or lawfulness of our collection of personal information, please contact that Business Customer (e.g., your employer or other training provider) directly.

We collect personal information when you provide it

You may provide certain kinds of personal information directly by interacting with the Partner Offerings (whether you’re an employer or employee or other stakeholder) or offline (by phone, email, mail or in person–for example through discussions with your supervisor). Depending on the software service, users will provide different types of personal information. The type of personal information we collect is determined by our Business Customer. Access to personal information is strictly limited and requires a username and password, or PIN, helping to secure the information and making ongoing training or incident tracking easier to access and complete.

Types of personal information typically collected include:
• Name (first and last)
• Email address
• Job site, job title, department and supervisor
• Log-in credentials
• Course completion status
• Other organizational information as per the Business Customer’s needs

Purposes of collecting such personal information include delivering training and tracking completion, communication of company policies and compliance tracking and reporting, as well as record-retention and related use.

We collect personal information using automated technologies

In very limited circumstances, personal information is collected by automated technologies – such as cookies, beacons, tags, and scripts – within the Partner Offering being used. In most cases these Partner Offering cookies are required but, in some cases, they are optional and only set where you request that we store information. More information about our use of cookies is available here.

Other personal information, such as IP addresses, browser, devices and operating system details may be automatically collected from users of the Partner Offerings. Doing so protects and secures the integrity of our systems and the data we process. They may be shared with law enforcement to enforce our rights, ensure the security and integrity of our systems, to assess the usability of our offering or as otherwise required by applicable law.

We collect personal information from third-party sources

When we provide our Business Customers with our Partner Offerings, that often requires them to share personal information about their employees, contractors and other stakeholders with us. The kinds of personal information typically collected are names, business contact details (such as email addresses), and job titles. When your employer or other training provider or business partner gives us your information, we use it only for the specific purpose for which it was provided pursuant to their instructions. Collecting this personal information helps us deliver our services and comply with customer contracts.

How we use personal information

Our Business Customers determine what personal information is collected by us and how it is used. We are a processor of the personal information collected and process such information solely in accordance with our Business Customer’s instructions. We primarily use it in these ways:
• To provide access to the Partner Offerings for our Business Customers and their end users (e.g., employees, contractors, key suppliers or other trainees)
• To maintain the security and integrity of the Partner Offerings
• To communicate with our Business Customers and their end users about the Partner Offerings
• To respond requests for support
• To develop and improve the Partner Offerings
• To comply with legal and regulatory requirements applicable to our business and internal policies
• To protect all parties in the event of disputes
• To comply with court orders and legal processes, and to enforce our contractual rights and this Privacy Statement.
• For any other legal or business purposes that comply with applicable law and the practices described in this Privacy Statement.

Collecting and using this information allows not only easier, quicker access to our Partner Offerings, content, and services on subsequent visits but also allows us to secure the information provided. As users navigate through the Partner Offerings, their movements will be tracked and analyzed, allowing us to improve our services, page response times and users’ experiences.

If you provide personal information about others when using our Partner Offerings, or others give us your information, its use is limited to the specific purpose for which it was provided. Typically, this includes your name and business contact information email address, job title, geographic location of employer or any other organizational information that our applicable Business Customer utilizes with the Partner Offerings.

You may not provide personal information of or about others unless you are authorized or required to do so by applicable law. If applicable law allows you to supply the information, you represent and warrant that you have abided by that law and that it allows us to receive and disclose the information under this Privacy Policy without any further action on our part. You agree to indemnify, defend and hold harmless the Company, our affiliates and each of their subsidiaries, officers, directors, employees and agents for any failure by you to comply with this paragraph.

Please note that personal information we receive within any Partner Offering is never sold and only shared with our Business Customer as outlined in this Privacy Statement.

How we share personal information

Once your personal information is collected in the Partner Offerings, as detailed above, we may share it with third parties for various reasons. As mentioned above, if you are an end user of our Partner Offerings, to the extent that these third parties are our Business Customers, they would typically be your employer or another business with which you are affiliated that is providing training or other Partner Offerings of ours to you.

In some cases, we use third parties to help deliver our services to our Business Customers and their end users. These third parties are restricted by contract from processing any personal information except to provide and deliver those services to us.

Other third parties help us analyze how our Partner Offerings are used. Such analysis improves the quality of those services and helps us to deliver them in a timely and functional manner. We may use anonymized or de-identified personal information collected through the Partner Offerings to create data sets for our purposes. Those sets do not include information that could reasonably be linked to an identifiable individual or household.

As noted previously, we share your personal information with the applicable Business Customer in accordance with our contract with that Business Customer. When we share personal information with our third party service providers, we require that third party to protect the information consistent with this Privacy Statement and applicable law and to limit use of the information strictly to performing the services they provide to us.

Successors to our business may access your personal information

In the event of a merger, acquisition, reorganization, bankruptcy, or other sale of all or a portion of our assets, any user information controlled by us may be among the assets transferred to third parties as successors in interest. As part of this type of transaction, we reserve the right to transfer or assign your personal information controlled by us to third parties subject to our contract with the applicable Business Customer. Other than to the extent ordered by a bankruptcy or other court, or as otherwise agreed to by you or the applicable Business Customer, the use and disclosure of all transferred user information will be subject to this Privacy Statement.

Compliance with legal requirements

We may disclose your information to government authorities or other third parties if:
• we are required to do so by law, or in response to a subpoena or court order;
• we believe in our sole discretion that disclosure is reasonably necessary to protect against fraud, or to protect our property or other rights or those of other users of the Website, third parties, or the public at large; or
• we believe that you have misused the Website or another of our products by using it to attack or gain unauthorized access to a system or to engage in spamming or other conduct that violates applicable laws or our contractual rights.

How we secure personal information

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, we have implemented industry-accepted organizational, physical, and technology-based security measures to protect against loss, misuse, unauthorized access, and alteration of personal information in our systems. We ensure that any employee, contractor, corporation, organization, or vendor who has access to personal information in our systems is subject to legal or professional obligations to safeguard that personal information which obligations are at least as stringent as those undertaken by us under this Privacy Statement.
While we use commercially reasonable, industry-accepted means to protect your personal information, no method of transmission over the Internet or form of electronic storage is completely secure and we cannot guarantee its absolute security.

LRN prohibits unauthorized access or use of personal information stored on its servers. Such access is a violation of law, and we will fully investigate and, where warranted, intend to press charges against any party that has illegally accessed information within our systems.

Data retention

Personal information collected by LRN through our Partner Offerings will be retained as directed by our Business Customers. Should you have any questions about how long your personal information is retained, please contact the applicable Business Customer (e.g., your employer or other business affiliate of yours that has provided our Partner Offering(s) to you) directly.

Location of processing

LRN is headquartered in the United States. Your personal information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Partner Offerings you understand that your information will be transferred to countries outside of your country of residence, including the United States, which may have data privacy or protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your personal information, including for purposes of national security or law enforcement requirements.

The United States currently is not a country the European Union (“EU”) has deemed “adequate” under applicable data protection laws. LRN collects, transfers, and processes personal information in accordance with its legal obligations under contracts with its Business Customers who, as we have noted previously in this Privacy Statement, determine the legal bases for our collection and processing of personal information, in particular from the European Economic Area, the United Kingdom, and Switzerland. If you want to know what legal basis is relied upon for LRN to receive and processes personal information, you should contact the relevant Business Customer (e.g., your employer or other business affiliate of yours that has provided our Partner Offering(s) to you) directly.

LRN is certified under the EU-U.S. and Swiss-U.S. Privacy Shield frameworks (the “Frameworks”). However, in 2020, both Frameworks were declared invalid as a legal mechanism for the lawful transfer and processing of personal information from the European Economic Area, the United Kingdom, and Switzerland. LRN nevertheless continues to certify its compliance with the Frameworks as a means of evidencing its continued commitment to protecting personal information from the European Economic Area, the United Kingdom, and Switzerland and remains under the jurisdiction of the U.S. Federal Trade Commission. As required by the Frameworks, any personal information we receive under the Frameworks will be maintained in accordance with the Privacy Shield principles. LRN is responsible for the processing of personal information it receives, under each Framework, and subsequently transfers to a third party acting as an agent on its behalf. LRN complies with the Privacy Shield principles for all onward transfers of personal information from the European Economic Area, United Kingdom, and Switzerland, including the onward transfer liability provisions.

We take appropriate safeguards to require that the personal information we process will remain protected in accordance with this Privacy Statement when transferred internationally, including when processed internationally by third-party service providers and partners. For personal information from the European Economic Area, the United Kingdom, or Switzerland, data protection laws in those jurisdictions require that that we tell you the legal safeguards we have in place to protect that personal information. We may implement the European Commission’s standard contractual clauses, rely on general derogations in the GDPR or rely on a third-party service provider’s Binding Corporate Rules or other legally approved mechanism for any transfer of personal information to non-European Economic Area, United Kingdom, or Switzerland third-party service providers or business partners.

Personal information received by LRN is presently, where required, transferred and processed in accordance with the applicable European Commission standard contractual clauses. More information about Privacy Shield can be found here and more information about the standard contractual clauses can be found here.

Any questions, complaints, access requests, and other issues arising under the Frameworks or under LRN’s Privacy Policy more generally, should be directed to privacy@lrn.com or LRN Corporation, Legal Department, 745 5th Avenue, 8th Floor New York, NY 10151.

LRN has a contract with an independent recourse mechanism, JAMS (an alternative dispute resolution provider based in the U.S., with several locations in the EU), which is available – at LRN’s cost, and at no cost to the individual – to address unresolved complaints regarding LRN’s compliance with the Privacy Shield Program. For any issues that cannot be resolved through LRN directly, you may contact JAMS at https://www.jamsadr.com/eu-us-privacy-shield. If your concerns are still not addressed by JAMS, you may be entitled to binding arbitration under the Privacy Shield principles.

A citizen of a country within the European Economic Area, the United Kingdom, or Switzerland may also address any privacy-related questions or problems to the appropriate data protection authority in his or her country. Contact details are available here.

Your rights

As mentioned above, we receive personal information through our Partner Offerings as processors or service providers for our Business Customers, who, as controllers or businesses, determine the lawfulness of our collection and the purpose for the processing. The personal information collected from end users of the Partner Offerings is managed by the Business Customer according to their own internal policies and procedures.

Accordingly, anyone seeking to exercise data protection rights granted by applicable law should direct their request to the relevant company or organization that is our Business Customer (typically their employer or other business affiliate of theirs that has provided our Partner Offering(s)). Inquiries made to LRN requesting access, alteration or deletion of personal information or other requests under applicable law will be forwarded to our applicable Business Customer for resolution. LRN is not permitted to respond substantively to any such requests, but will support our Business Customers in their obligations in respect of such requests, unless otherwise required by law.

For data subjects from the European Union, United Kingdom and Switzerland

Certain data protection laws of the EU (GDPR), United Kingdom (Data Protection Act 2018) and Switzerland (Swiss Federal Data Protection Act) provide that controllers of personal information honor certain rights granted to data subjects who reside in the applicable country. As noted previously, LRN is a data processor to its Business Customers who are data controllers under these laws in jurisdictions where they are applicable. LRN is fully committed to supporting its Business Customers in their compliance with applicable law. If you are a data subject from the European Union, United Kingdom or Switzerland, and wish to exercise your rights in relation to personal data LRN may have collected on behalf of its Business Customer, please contact that Business Customer directly to exercise your rights. If we receive a request from a data subject that is properly directed to one of our Business Customers, we will refer the request to that Business Customer for review and response.

For California consumers

The CCPA provides specific rights to those who live in California and requires that businesses subject to CCPA ensure those rights are honored. Certain LRN Business Customers may be subject to CCPA and, while LRN may not be directly subject to CCPA as a service provider, it will support its Business Customers in their compliance with the law. If you are a California resident and wish to exercise your rights in relation to personal information LRN may have collected on behalf of its Business Customer (which may be your employer, contractor or other business or commercial partner), please contact that Business Customer directly to exercise your rights. If we receive a request under CCPA from a California resident that is properly directed to one of our Business Customers, we will refer the request to that Business Customer for review and response.

Updates

This Privacy Statement will be reviewed at least every 12 months and updated to reflect our personal information handling practices. We reserve the right to amend this Privacy Statement at any time, for any reason, without additional notice to you, other than through posting the updated Privacy Statement within our Partner Offerings. We invite you to return to this page to ensure you are informed of any updates we make about how we collect, use, and protect personal information on behalf of our Business Customers. You can see when this Privacy Statement was last updated by checking the “last updated” date displayed at the beginning of this Statement.

Contact us

If you have questions about the way we handle personal information, please contact us at privacy@lrn.com. You may also reach us at:

LRN Corporation
Legal Department
41 Madison Avenue, 30th floor
New York, New York 10010
Toll-Free: 866.439.3071

Updated: March 2, 2023

In addition to cookies that are strictly necessary to operate this website, we use the following types of cookies to improve your experience and our services: Functionality cookies to enhance your experience (e.g. remember settings), Performance cookies to measure the website’s performance and improve your experience, Advertising/Targeting cookies, which are set by third parties with whom we execute advertising campaigns and allow us to provide you with advertisements relevant to you and Social media cookies, which allow you to share the content on this website on social media like Facebook and Twitter.

You may withdraw your consent to cookies at any time once you have entered the website through a link to our Privacy Policy, which you can find at the bottom of each page on the website.

Review our Cookie Policy for more information.

Buttons:

• I decline all optional cookies
• I accept all cookies
• Customize cookies (click osano1 button on the left side bottom of the page)

This website https://lrn.com (“the website”) uses cookies, pixel tags, Web Beacons, and other web technologies such as CAPTCHA’s to improve the website’s performance, to enhance your browsing experience and to protect the website against spam robots. Certain areas of the website also use cookies to understand more about you, so we can offer you more personalized browsing experience. We use a simple counter, without storing any information on your device, to count the number of visitors who accept or decline our cookies.

You can find out more about cookies and how to manage them in the information below. You can change your cookie settings and disable some or all cookies for the website at any time at our Cookie Settings page. As described in our Privacy Policy you can also change your browser settings and take other actions so that cookies cannot be placed on your device.

If you have any questions in relation to the cookies we use please contact us.

What are web beacons?

LRN occasionally advertises on third-party web sites. As part of our effort to track the success of our advertising campaigns, we may at times use a visitor identification technology such as “web beacons”, or “action tags”, which count visitors who have come to the website after being exposed to an LRN banner ad on a third-party site. We do not use this technology to access your personal information and it is only used to compile aggregated statistics about visitors who come to the website to gauge the effectiveness of our ads.

What is a cookie?

A “cookie” is a technology that allows the website to store tokens of information (an “identifier”) in your browser used by the website while you are on the website. Cookies are then sent back to the website on each subsequent visit, or to another webpage that recognizes that cookie. Cookies are used in order to make the website work, or to work more efficiently, as well as to provide information to the owners of the website.

Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improving the user experience. Cookies may tell us, for example, whether you have visited the website before or whether you are a new visitor. They can also help to ensure that adverts you see online are more relevant to you and your interests.

When landing on the website, you have been given the opportunity to accept cookies used on the website, to accept certain categories of cookies and decline others, or to decline all cookies. If you have accepted our use of some or all cookies, the following information relates to cookies used on our website only and not to cookies that may be used by third party sites linked from our website.

There are two broad categories of cookies:
• First-party cookies, served directly by us to your device.
• Third-party cookies, which are served by a third party on our behalf.

Cookies can remain on your computer or mobile device for different periods of time. Some cookies are “session cookies”, meaning that they exist only while your browser is open. These are deleted automatically once you close your browser. Other cookies are “permanent cookies”, meaning that they survive after your browser is closed. They can be used by the website to recognize your computer when you open your browser and browse the Internet again.

What types of cookies do we use?

The website uses cookies that perform four functions, as classified below:
• Essential/strictly necessary cookies, which are essential to the functioning of the website.
• Performance cookies, which help us measure the website’s performance and improve your experience. In using performance cookies we do not store any personal data, and only use the information collected through these cookies in aggregated and anonymized form;
• Functionality cookies, which allow us to enhance your experience (for example by remembering any settings you may have selected);
• Advertising/targeting cookies, which we use to track user activity and sessions so that we can deliver a more personalized service, and (in the case of advertising cookies) which are set by the third parties with whom we execute advertising campaigns and allow us to provide advertisements relevant to you; and
• Social media cookies, which allow you to share content on social media channels, such as Facebook and Twitter.

In addition, we also utilize cookies on certain pages of the website to communicate with third party data suppliers in order to extrapolate your digital behavior. This helps us to understand and target more relevant advertising in the future. The information we receive is all aggregated and anonymous, but will include statistics such as demographics, online behavior, product interests and lifestyle. Targeting and tracking cookies are provided via trusted third party suppliers. Should you require more information regarding our suppliers and how these cookies operate please contact us.

The website deploys the following cookies:

 

Classification
Name
Provider
Purpose
Expiry
MARKETING
^_fbc$
Facebook Inc
Placed by Facebook to store last visit
2 Years
MARKETING
^_fbp$
Facebook Inc
Used by Facebook to deliver a series of advertisement products such as real time bidding from third party advertisers
3 Months
ANALYTICS
^_ga$
Google LLC
Associated with Google Universal Analytics to distinguish unique users by assigning a randomly generated number as a client identifier.
2 Years
ANALYTICS
_gac_UA-250111-10
Google LLC
Contains campaign related information for the user
90 Days
ANALYTICS
^_gat$
Google LLC
Associated with Google Universal Analytics to throttle the request rate – limiting the collection of data on high traffic sites.
2 Years
MARKETING
^_gcl_au$
Google LLC
Used by Google AdSense for experimenting with advertisement efficiency across websites using their services
2 Years
MARKETING
^_gcl_aw$
Google LLC
Stores ad click information so that conversions can be attributed outside the landing page
2 Years
ANALYTICS
^_gid$
Google LLC
Associated with Google Universal Analytics to distinguish unique users by assigning a randomly generated number as a client identifier.
24 Hours
ESSENTIAL
hs_ab_test
Hubspot Inc
This cookie is used to consistently serve visitors the same version of an A/B test page they’ve seen before.
End of Session
MARKETING
__hs_initial_opt_in
Hubspot Inc
This cookie is used to prevent the banner from always displaying when visitors are browsing in strict mode.
7 Days
MARKETING
__hs_opt_out
Hubspot Inc
This cookie is used by the opt-in privacy policy to remember not to ask the visitor to accept cookies again.
13 Months
ANALYTICS
^__hssc$
Hubspot Inc
Used for website analytics.
30 Mins
ANALYTICS
^__hssrc$
Hubspot Inc
Used for website analytics.
13 Months
ANALYTICS
^__hstc$
Hubspot Inc
Used for website analytics.
13 Months
PERSONALIZATION
^hubspotutk$
Hubspot Inc
Its purpose is user authentication.
13 Months
MARKETING
li_fat_id
LinkedIn Corporation
Member indirect identifier for Members for conversion tracking, retargeting, analytics
30 Days
ANALYTICS
_lorid
Lucky Orange LLC
This cookie is used to see when visitors leave the site.
30 Mins
ANALYTICS
__lotl
Lucky Orange LLC
This cookie is used to see when visitors leave the site.
180 Days
ANALYTICS
_lo_uid
Lucky Orange LLC
This cookie is used to see when visitors leave the site.
2 Years
ANALYTICS
_lo_v
Lucky Orange LLC
This cookie is used to see when visitors leave the site.
1 Year
MARKETING
messagesUtk
Hubspot Inc
This is the cookie used for the chatflows tool. If you’re a visitor, this allows you to chat with a representative on the site.
13 Months
ESSENTIAL
tagtician_firstload
WordPress
Load your preferred cookies based on your previous consent
End of Session
ESSENTIAL
This cookie is used to store language settings
Google LLC
 
End of Session
ESSENTIAL
osano_consentmanager
Osano
Stores the user’s current consent status.
1 year
ESSENTIAL
osano_consentmanager_expdate
Osano
Stores the expiration of the user’s captured consent.
1 year
ESSENTIAL
osano_consentmanager_uuid
Osano
Stores the user’s unique consent identifier.
1 year

How to control or delete cookies

You have the right to choose whether or not to accept cookies and we explain how you can exercise this right below. However, please note that if you choose to refuse cookies you may not be able to use the full functionality of the website.

You can change your cookie settings for at any time at our Cookie Settings page.

As an alternative, you can block all cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

If you accept some or all cookies on the website you still have the option of setting your browser to notify you when you receive a cookie, so that you may determine whether to accept it or not.

Cookies that have been set in the past

If you have disabled one or more cookies, we may still use information collected from cookies prior to your disabled preference being set; however, we will stop using the disabled cookie to collect any further information.

Changes to this cookie policy

We will occasionally update this Cookie Policy to reflect changes in our practices and services. When we post changes to this Cookie Policy, we will revise the “Last updated” date at the top of this Cookie Policy. If we make any material changes in the way we collect, use, and/or share information held in cookies, we will notify you by prominently posting notice of the changes on the website. We recommend that you check this page from time to time to inform yourself of any changes in this Cookie Policy or any of our other policies.