Last Updated: May 04, 2026
INTRODUCTION
Absorb and our affiliates and subsidiaries as further defined below ("Absorb" or "We") respect your privacy and are committed to protecting it by complying with this Privacy Policy (“Privacy Policy”).
This Privacy Policy explains:
· What we collect: the categories of personal data we collect or receive about customers, prospective customers, and users of our Services (collectively, “you”), including data you provide and data collected automatically when you interact with our websites, products, applications, and related services (collectively, the “Services”).
· How we use and share data: how we use, disclose, transfer, and otherwise process personal data, including where we process personal data on behalf of our business customers in connection with our Services and related offerings.
· How we protect data: our general practices for maintaining and safeguarding personal data.
· Your choices and rights: the options that may be available to you depending on your location and relationship with us.
We will only use your personal data in accordance with this Privacy Policy unless otherwise required by applicable law. We take steps to ensure that the personal data that we collect about you is adequate, relevant, not excessive, and used for limited purposes.
Updates to this Privacy Policy
Please read this Privacy Policy carefully to understand our practices. By using the Services, you acknowledge that your personal data will be processed as described in this Privacy Policy. If you do not agree, you should not use the Services.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. Unless a shorter period is required by law, we will post the updated Privacy Policy and indicate the effective date. Where required by applicable law, we will provide additional notice of material changes and obtain consent where consent is required for the change.
Your continued use of the Services after an updated Privacy Policy becomes effective means you acknowledge the updated practices to the extent permitted by applicable law. We encourage you to review this Privacy Policy periodically.
IMPORTANT INFORMATION AND WHO WE ARE
Privacy Policy
This Privacy Policy gives you information about how Absorb collects, uses, stores, and protects your personal data when you interact with our Services. This includes any personal data you may provide when you register an account with us, subscribe to our newsletter, engage with our customer support team, or purchase a product or service from us.
Services Not Intended for Children
Our Services are not directed to children under the age of 16 (or the applicable age in your jurisdiction), and we do not knowingly collect or process personal data from children. If we become aware that we have collected personal data from a child without appropriate consent, we will delete it promptly.
Group Structure
Absorb operates as a group of affiliated companies, subsidiaries, and related entities (collectively, the "Absorb Group"). This Privacy Policy applies to all entities within the Absorb Group that collect and process personal data in connection with our Services. When we use the terms "Absorb", "we", "us" or "our" in this Privacy Policy, we are referring to the specific entity within the Absorb Group that is responsible for processing your personal data in relation to the Services you use. The specific entity that acts as the data controller, meaning the entity responsible for determining the purposes and means of processing your personal data, depends on your interaction with our Services.
We will inform you at the point of purchase, registration, or engagement with our Services about which Absorb Group entity is the designated data controller for your personal data. The Absorb entity that is responsible for ensuring compliance with applicable data protection laws and safeguarding your information depends on your geographical location, the nature of your engagement with our Services, and the specific affiliate handling your transactions.
If you have any questions regarding the specific entity acting as your data controller, or if you need clarification about which Absorb Group member is responsible for processing your personal data, you may contact us at the contact details provided herein.
Roles: When Absorb Acts as a Controller or a Processor
Depending on how you interact with the Services, Absorb may process personal data as either a data controller (or “business,” where applicable) or as a data processor (or “service provider,” where applicable). This distinction is important because it affects how decisions are made about your personal data and how you can exercise your rights.
When Absorb Acts as a Controller
Absorb acts as a controller when we determine the purposes and means of processing personal data for our own business purposes. This typically includes personal data we process in connection with:
· Sales and marketing activities (e.g., responding to inquiries, managing prospect relationships, sending newsletters or event invitations where permitted by law);
· Account administration for customer organizations (e.g., managing billing and subscription information);
· Customer support and communications (e.g., handling support tickets, providing technical assistance, managing training and onboarding);
· Website and security operations (e.g., operating our websites, analytics, fraud prevention, network and information security, and maintaining logs); and
· Legal and compliance activities (e.g., meeting legal obligations, enforcing terms, and defending legal claims).
In these contexts, the relevant Absorb Group entity identified at the point of collection is responsible as the controller for complying with applicable data protection laws, including providing notices and facilitating rights requests as required.
When Absorb Acts as a Processor
Absorb acts as a processor when we process personal data on behalf of and under the instructions of our business customers in order to provide the Services. This is commonly referred to as “Client Data” and may include personal data about a customer’s learners, instructors, administrators, or other end users that a customer (or its authorized users) uploads to, enters into, or otherwise makes available through the Services.
When Absorb acts as a processor:
· the customer is the controller (or “business”) and is responsible for deciding what personal data is processed in the Services, the purposes for which it is used, and how long it is retained;
· Absorb processes Client Data only to provide the Services, to secure and maintain the Services, and as otherwise permitted by our agreement with the customer; and
· Absorb’s processing of Client Data is governed by the applicable contract with the customer, including any data processing addendum (DPA) and the customer’s documented instructions.
If you are an end user accessing the Services through an organization (for example, your employer or training provider) and you wish to exercise rights relating to Client Data (such as access, correction, deletion, or objection), you should direct your request to that organization. If Absorb receives such a request directly, we may refer the request to the relevant customer or support the customer in responding, consistent with our contractual obligations and applicable law.
Data Protection Officer
We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the information set out in the contact details section below.
TYPES OF PERSONAL DATA WE COLLECT ABOUT YOU
Personal data means any information about an individual from which that person can be identified.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
· Client Data includes personal data that our customers or their authorized users submit to, upload to, or otherwise make available through the Services, including personal data about learners, administrators, instructors, employees, contractors, or other end users, and may include Identity Data or Contact Data.
· Identity Data includes first name, last name, any previous names, username or similar identifier, title, and other account, learner, administrator, or business identifiers you or your organization provide in connection with the Services.
· Contact Data includes billing address, delivery address, email address and telephone numbers.
· Financial Data includes billing, invoicing, tax, procurement, and payment-related information, and payment card or bank account details where processed directly by Absorb or by payment processors on our behalf.
· Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
· Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, device ID and other technology on the devices you use to access the Services.
· Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
· Usage Data includes information about how you interact with and use our Services.
· Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We also collect and use aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals' Usage Data to calculate the percentage of users accessing a specific Service feature in order to analyze general trends in how users are interacting with our Services to help improve the Services.
Where we process Client Data on behalf of a customer, we do so as a processor or service provider under our agreement with that customer. The customer determines what Client Data is submitted to the Services and is responsible for providing any required notices and obtaining any required permissions or consents from its users.
Sensitive Personal Data. Unless expressly permitted in a written agreement with Absorb, customers and users must not submit, upload, or otherwise make available sensitive personal data through the Services. Sensitive personal data may constitute “Prohibited Data” or similarly restricted data under the applicable customer agreement. Absorb does not intentionally request or require sensitive personal data through the Services, except where expressly identified by Absorb for a specific interaction or legally required purpose. If a customer or user submits sensitive personal data to the Services contrary to the applicable agreement, the customer remains responsible for that submission, including for determining whether the processing is lawful, providing any required notices, obtaining any required consents, and responding to any related rights requests.
HOW IS YOUR PERSONAL DATA COLLECTED?
We use different methods to collect data from and about you, including through:
METHOD | DESCRIPTION |
YOUR INTERACTIONS WITH US
| You may give us your personal data by filling in online forms or by corresponding with us by post, phone, email, chat, video conference, support portal, or otherwise or otherwise. This includes personal data you provide when you:
|
CUSTOMERS AND AUTHORIZED USERS OF THE SERVICES | We may receive personal data from our customers and their authorized administrators, instructors, learners, employees, contractors, or other users when they submit, upload, configure, import, or otherwise make personal data available through the Services. This may include Client Data, such as learner profile information, enrollment records, course activity, assessment results, completion records, certifications, user-generated content, administrative records, and other data determined by the customer. |
AUTOMATED TECHNOLOGIES OR INTERACTIONS | As you interact with our websites, Services, emails and other digital properties, we will automatically collect Technical Data and Usage Data about your equipment, browsing actions, usage patterns, and interactions. We collect this personal data by using cookies, pixels, web beacons, server logs, local storage, analytics tools, and other similar technologies. For example, we may use Google Analytics and similar analytics tools to help us understand how visitors interact with our websites and digital properties, measure traffic and usage patterns, improve website performance, and evaluate the effectiveness of our content and marketing. Google Analytics may collect information such as IP address, device and browser information, pages visited, links clicked, referring URLs, and other usage information through cookies and similar technologies. We may also receive Technical Data about you if you visit other websites or online services employing our cookies or similar technologies. |
PRODUCT, SECURITY, AND SYSTEM LOGS | When you access or use the Services, we may collect information through product functionality, audit logs, security logs, authentication logs, usage logs, and similar records. This may include login activity, device and browser information, IP address, feature usage, access dates and times, pages or modules viewed, errors, diagnostic information, and actions taken within the Services. We use this information to provide, secure, monitor, troubleshoot, support, and improve the Services. |
INTEGRATIONS AND CONNECTED SERVICES | We may receive personal data from systems, applications, and services that our customers or users connect to the Services, such as identity providers, single sign-on tools, human resources information systems, customer relationship management systems, content providers, payment processors, collaboration tools, analytics platforms, and other integrations. The personal data we receive depends on the integration configured by the customer or user and the permissions granted. |
THIRD PARTIES OR PUBLICLY AVAILABLE SOURCES | We may receive personal data about you from various third parties and public sources. We may receive information about you if you visit other websites employing our cookies or from third parties including, for example, business partners, sub-processors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies, data brokers, aggregators, social media platforms, professional networking platforms, publicly available websites, and providers of technical, payment, identity verification, security, enrichment, and delivery services. |
USER CONTRIBUTIONS | You also may provide information for us to publish or display, or that you choose to post, submit, upload, transmit, or make available (“post”) within public website areas, communities, forums, collaboration features, course areas, messaging features, or other interactive parts of the Services or transmit to other website users or third parties (collectively, "User Contributions"). You submit User Contributions for posting and transmission to others at your own risk. Although we may limit access to certain pages or features, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of any other users with whom you choose to share your User Contributions. Therefore, we cannot guarantee that unauthorized persons will not view your User Contributions. |
BROWSER EXTENSIONS AND SIMILAR TOOLS | If you install or use an Absorb browser extension or similar tool, we may collect information necessary to provide and secure the extension, such as account identifiers, authentication status, extension settings, browser and device information, usage and diagnostic data, and information processed based on the permissions enabled for the extension. The categories of information collected depend on the functionality of the extension, the permissions granted, and the customer’s configuration of the Services. |
HOW WE USE YOUR PERSONAL DATA
Legal Bases for Processing
Where applicable law requires a legal basis for processing, we rely on one or more of the following legal bases: performance of a contract; our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms; compliance with legal obligations; consent, where required; and, for Client Data, the customer documented instructions and applicable agreement.
Purposes For Which We Use Personal Data When Absorb Acts as Controller
We may use personal data to provide, operate, maintain, secure, support, personalize, analyze, and improve the Services and our websites; register accounts and authenticate users; administer customer relationships, subscriptions, billing, renewals, and support; respond to inquiries, demo requests, feedback, surveys, complaints, and communications; provide onboarding, training, implementation, professional services, and customer success; send marketing communications where permitted by law and subject to your preferences; administer events, webinars, promotions, communities, and similar programs; monitor, prevent, detect, investigate, and respond to fraud, misuse, security incidents, unlawful activity, policy violations, and technical or operational issues; comply with legal, regulatory, tax, accounting, sanctions, export, and contractual obligations; enforce agreements; establish, exercise, or defend legal claims; and evaluate or complete corporate transactions.
Purposes For Which We Use Client Data When Absorb Acts as Processor
When Absorb processes Client Data on behalf of a customer, we use Client Data only as instructed by the customer and as permitted by the applicable agreement, including to provide, configure, host, support, secure, monitor, troubleshoot, maintain, improve, and protect the Services; provide customer-requested integrations, reporting, analytics, support, implementation, professional services, and training; prevent or address technical, security, fraud, or legal issues; and comply with applicable law or binding legal process.
We do not use Client Data for our own independent marketing purposes. We may use aggregated, anonymized, or de-identified information derived from use of the Services for lawful business purposes, including to operate, analyze, improve, and benchmark the Services, provided the information does not identify an individual or customer except as permitted by the applicable agreement.
Automated Tools, Analytics, and Artificial Intelligence
We may use automated tools, analytics, machine learning, and artificial intelligence technologies to support the purposes described in this Privacy Policy, such as security monitoring, service diagnostics, product improvement, user experience, analytics, personalization, lead qualification, customer support, and administrative efficiency. Where required by applicable law, we provide notice, obtain consent, honor opt-out rights, or provide other required safeguards before using such technologies. We do not use automated decision-making to make decisions about individuals that produce legal or similarly significant effects unless permitted by law and subject to any required rights or safeguards.
Where we use artificial intelligence or automated tools to process Client Data on behalf of a customer, we do so in accordance with the applicable agreement, documented instructions, and applicable law. Customers are responsible for determining whether and how to use any AI-enabled features within the Services and for providing any notices or obtaining any consents required for their users.
Direct Marketing and Opting Out
You may opt out of marketing communications by following the unsubscribe instructions in the communication, by adjusting available preference settings, or by contacting us using the details in this Privacy Policy. Even if you opt out of marketing, we may still send transactional, service, security, legal, or administrative communications.
COOKIES AND SIMILAR TECHNOLOGIES
We use cookies, pixels, web beacons, local storage, server logs, SDKs, analytics tools, and similar technologies to operate and secure our websites and Services, remember your preferences, understand how users interact with our websites, Services, and communications, improve performance, personalize content, and, where permitted by law, support marketing and advertising.
Some of these technologies are necessary for our websites and Services to function. Others help us understand usage patterns, measure the effectiveness of our content and marketing, or provide more relevant communications and advertising.
For example, we may use Google Analytics and similar analytics tools to help us understand how visitors interact with our websites and digital properties, measure traffic and usage patterns, improve website performance, and evaluate the effectiveness of our content and marketing. These tools may collect information such as IP address, device and browser information, pages visited, links clicked, referring URLs, session information, and other usage information through cookies and similar technologies.
Some cookies and similar technologies are placed by third parties that provide analytics, advertising, security, content delivery, website functionality, or other services to us. These third parties may process information about your interactions with our websites and other online services over time, subject to their own privacy practices and our applicable agreements with them.
Where required by law, we obtain your consent before using non-essential cookies or similar technologies. You can manage your cookie preferences through our cookie banner or preference center, where available, and you can also control cookies through your browser settings. If you disable or refuse cookies, some parts of our websites or Services may not function properly.
For more information about the cookies and similar technologies we use, the purposes for which we use them, and how to manage your choices, please see our Cookie Notice at https://www.absorblms.com/cookie-policy.
DISCLOSURES OF YOUR PERSONAL DATA
We may disclose personal data to the following categories of recipients, where permitted by law and as appropriate for the purposes described in this Privacy Policy:
· Absorb Group companies and affiliates, for internal administration, shared services, customer support, business operations, security, and compliance.
· Service providers, vendors, contractors, consultants, and subprocessors that provide services such as hosting, infrastructure, data storage, security, analytics, communications, customer relationship management, payment processing, professional services, customer support, marketing operations, event management, and other business support.
· Business partners, resellers, integration partners, content providers, implementation partners, and other third parties where necessary to provide or support the Services, fulfill a request, operate an integration, or with your consent.
· Customer organizations and their authorized administrators, where you access the Services through or on behalf of a customer. Customer administrators may be able to access, export, disclose, restrict, or delete personal data associated with their account or tenant.
· Professional advisers, auditors, insurers, financial institutions, and legal, tax, accounting, compliance, and corporate governance advisers.
· Government authorities, regulators, courts, law enforcement, or other third parties where disclosure is required or appropriate to comply with law, legal process, or binding requests; enforce agreements; protect rights, property, safety, or security; or detect, prevent, or respond to fraud, misuse, security incidents, or unlawful activity.
· Parties involved in a corporate transaction, such as a merger, acquisition, financing, investment, divestiture, restructuring, reorganization, bankruptcy, or sale of assets.
· Other recipients where you direct us to disclose the information, where the customer instructs us to disclose Client Data, or where you provide consent.
When we disclose Client Data to subprocessors or other third parties on behalf of a customer, we do so in accordance with the applicable customer agreement, data processing addendum, and documented instructions. We require service providers and subprocessors to protect personal data and to use it only for authorized purposes.
We may disclose aggregated, anonymized, or de-identified information that does not identify an individual without restriction, subject to applicable law and our contractual commitments.
INTERNATIONAL TRANSFERS
Absorb operates globally, and personal data may be processed, stored, accessed, or transferred in countries other than the country in which you are located, including Canada, the United States, Australia, the United Kingdom, the European Economic Area, and other locations where Absorb, its affiliates, service providers, or subprocessors operate.
These countries may have privacy and data protection laws that differ from those in your jurisdiction. Where required by applicable law, we use appropriate safeguards for cross-border transfers, which may include adequacy decisions, standard contractual clauses approved by the European Commission, the UK International Data Transfer Agreement or UK Addendum, contractual commitments with service providers and subprocessors, transfer impact assessments, or other lawful transfer mechanisms.
For Client Data, international transfers are governed by the applicable customer agreement and data processing addendum. Customers may request information about applicable transfer safeguards as provided in their agreement with Absorb.
For individuals in Canada, personal data may be transferred outside your province or country and may be accessible to courts, law enforcement, government, national security, or regulatory authorities in accordance with the laws of those jurisdictions.
DATA SECURITY
We maintain administrative, technical, organizational, and physical safeguards designed to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These safeguards may include access controls, authentication, encryption, logging, monitoring, vulnerability management, employee training, confidentiality obligations, incident response processes, and vendor due diligence.
Access to personal data is limited to personnel, affiliates, service providers, and subprocessors who have a business need to access it and who are subject to appropriate confidentiality and security obligations. We maintain procedures designed to identify, assess, and respond to suspected personal data incidents and will provide notices to customers, individuals, or regulators where required by applicable law or contract.
No method of transmission over the internet or method of electronic storage is completely secure. You are responsible for maintaining the confidentiality of your login credentials and for using appropriate safeguards when accessing the Services.
DATA RETENTION
We retain personal data for as long as reasonably necessary to fulfill the purposes for which it was collected, including to provide the Services, maintain accounts, comply with legal, tax, accounting, regulatory, and reporting obligations, resolve disputes, enforce agreements, maintain security, and establish, exercise, or defend legal claims.
The retention period depends on the nature of the personal data, the purposes of processing, the sensitivity of the information, the risk of harm from unauthorized use or disclosure, applicable legal or contractual requirements, and whether the purposes can be achieved through other means.
For Client Data, retention is generally determined by the customer, the applicable agreement, customer configuration, and documented instructions. Upon expiration or termination of a customer Services, we handle Client Data in accordance with the applicable agreement, including any return, deletion, backup-retention, or archival requirements.
We may retain aggregated, anonymized, or de-identified information for lawful business purposes where the information no longer identifies an individual. We may also retain backup copies for a limited period in accordance with our backup, disaster recovery, legal, and security practices.
YOUR LEGAL RIGHTS
Depending on your location and relationship with Absorb, you may have rights regarding your personal data. These rights may include the right to request access to personal data; correction of inaccurate or incomplete personal data; deletion or erasure; restriction of processing; objection to processing, including objection to direct marketing; portability; withdrawal of consent where processing is based on consent; and the right not to be subject to certain automated decisions that produce legal or similarly significant effects.
Residents of certain U.S. states may also have rights to confirm whether we process personal information, access or delete personal information, correct inaccuracies, obtain a portable copy, opt out of certain targeted advertising, sales, or profiling, limit or withdraw consent for sensitive personal information, and appeal certain decisions. The exact scope of these rights varies by state.
We do not sell personal data for money. If our use of advertising or analytics technologies is considered a sale, sharing, or targeted advertising under applicable U.S. state privacy laws, you may have the right to opt out through the mechanisms we make available, such as a cookie preference tool, Your Privacy Choices link, or by contacting us.
Depending on where you are located, you may also have rights relating to automated decision-making or profiling, including the right to object to or opt out of certain automated decision-making activities.
To exercise rights regarding personal data for which Absorb acts as controller, contact us using the details in the Contact Details section. We may need to verify your identity and may request additional information to process your request. We will respond within the time required by applicable law and may deny a request where permitted by law.
If you are an end user of the Services through a customer organization and your request relates to Client Data, please direct your request to that customer. Because the customer controls Client Data, Absorb may be unable to respond directly to your request and may refer your request to the customer or support the customer in responding.
You may designate an authorized agent to submit certain requests where permitted by law. We may require proof of authorization and verification of identity before acting on an agent request. We will not discriminate against you for exercising privacy rights, except as permitted by law.
CONTACT DETAILS
If you have questions about this Privacy Policy or our privacy practices, or if you wish to exercise privacy rights relating to personal data for which Absorb acts as controller, you may contact us at:
Email: privacy@absorblms.com
Postal address: Absorb Software Inc., Centennial Place - East Tower, Suite 308, 520 - 3rd Avenue SW Calgary, AB, Canada T2P 0R3
Please do not include sensitive personal data in your request unless necessary. If your request relates to Client Data processed on behalf of a customer, please identify the relevant customer organization so that we can route the request appropriately.
COMPLAINTS
We encourage you to contact us first if you have concerns about our privacy practices so that we can attempt to resolve them.
Depending on your location, you may have the right to lodge a complaint with a privacy or data protection authority. In the United Kingdom, you may contact the Information Commissioners Office. In the European Economic Area, you may contact your local supervisory authority. In Canada, you may contact the Office of the Privacy Commissioner of Canada or the applicable provincial privacy regulator. You may also have rights to appeal certain privacy-rights decisions under U.S. state privacy laws.
CHANGES TO THE PRIVACY POLICY AND YOUR DUTY TO INFORM US OF CHANGES
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, Services, legal requirements, or other operational needs. When we update this Privacy Policy, we will revise the Last Updated or effective date and post the updated version on our website. Where required by law, we will provide additional notice or obtain consent.
THIRD PARTY LINKS
Our websites and Services may contain links to third-party websites, plug-ins, applications, platforms, content, or services. We do not control third parties and are not responsible for their privacy practices. When you leave our website or interact with a third-party service, you should review that third party privacy notice.
CHROME EXTENSION PRIVACY NOTICE
This section applies to any Absorb browser extension made available for Google Chrome or through the Chrome Web Store (each, a “Chrome Extension”). It supplements the rest of this Privacy Policy. If there is a conflict between this section and another section of this Privacy Policy with respect to a Chrome Extension, this section controls for the Chrome Extension.
User Data Processed by a Chrome Extension
Depending on the functionality enabled by the Chrome Extension and the permissions granted by you or your organization, a Chrome Extension may collect, access, use, store, or transmit the following categories of user data:
· account and authentication information, such as your name, email address, organization, user ID, access token, session identifier, and sign-in status;
· extension usage data, such as feature usage, settings, preferences, installation status, error logs, diagnostics, and performance data;
· technical data, such as browser type and version, device and operating system information, IP address, timestamps, and extension version;
· website and tab information, such as the URL, domain, page title, tab identifier, or web page metadata, but only where needed to provide a user-facing feature of the Chrome Extension;
· website content or user-selected content, such as text, links, files, form fields, learning content, or page content that you choose to access, submit, save, analyze, import, or interact with through the Chrome Extension; and
· Client Data, if the Chrome Extension is used in connection with a customer’s Absorb Services environment or an integration configured by a customer.
The Chrome Extension may also use Chrome extension permissions, such as storage, activeTab, tabs, scripting, identity, notifications, or host permissions, only where such permissions are reasonably necessary for the Chrome Extension’s disclosed functionality. The Chrome Extension’s Chrome Web Store listing or in-product disclosures may provide additional detail about the specific permissions used by that Chrome Extension.
How We Use Chrome Extension User Data
We use Chrome Extension user data only for purposes consistent with this Privacy Policy, the Chrome Extension’s disclosed functionality, and applicable law. These purposes may include to:
· provide, operate, maintain, and improve the Chrome Extension and related Services;
· authenticate users, maintain sessions, and connect the Chrome Extension to an authorized Absorb account, customer environment, or integration;
· perform user-requested actions, such as saving, importing, launching, analyzing, or synchronizing learning-related content or activity;
· apply user preferences and extension settings;
· provide support, troubleshoot errors, monitor performance, and maintain security;
· detect, prevent, and investigate fraud, abuse, misuse, security incidents, and policy violations;
· comply with legal obligations and enforce applicable agreements; and
· process Client Data on behalf of, and under the instructions of, the applicable customer when the Chrome Extension is used as part of the Services.
Limited Use and Chrome Web Store Commitments
We do not sell Chrome Extension user data. We do not use or transfer Chrome Extension user data for purposes that are unrelated to the Chrome Extension’s user-facing functionality, for creditworthiness or lending decisions, or for targeted advertising unrelated to the Chrome Extension. We do not collect or transmit web browsing activity, website content, or similar Chrome Extension data except to the extent necessary to provide a user-facing feature that is described in the Chrome Extension’s Chrome Web Store listing, in-product disclosures, or this Privacy Policy.
Where the Chrome Extension receives information from Google APIs, Absorb’s use and transfer of that information will adhere to the Chrome Web Store User Data Policy, including the Limited Use requirements.
Sharing Chrome Extension User Data
We may disclose Chrome Extension user data as described in this Privacy Policy, including to the Absorb Group, service providers and subprocessors, security and infrastructure providers, analytics and diagnostics providers, professional advisers, public authorities where required by law, and parties involved in a corporate transaction. If you use the Chrome Extension through an organization, such as your employer, training provider, or another Absorb customer, we may disclose relevant Chrome Extension user data and Client Data to that organization and process it according to that organization’s instructions and agreement with Absorb.
Storage, Retention, And Deletion
The Chrome Extension may store certain information locally in your browser or device, such as settings, preferences, identifiers, cached content, or authentication state, and may transmit certain information to Absorb systems or authorized service providers. We retain Chrome Extension user data for as long as reasonably necessary for the purposes described in this Privacy Policy, to provide the Chrome Extension and related Services, to comply with legal obligations, to resolve disputes, and to enforce agreements, unless a longer retention period is required or permitted by law or by the applicable customer agreement. You may remove locally stored extension data by uninstalling the Chrome Extension, clearing browser storage, revoking permissions, or using available browser or account settings. Some data may continue to be retained in Absorb systems or customer-controlled systems as described in this Privacy Policy and applicable customer agreements.
Security
We use administrative, technical, and organizational safeguards designed to protect Chrome Extension user data. Where the Chrome Extension transmits personal data, we use secure transmission methods, such as HTTPS, where technically feasible and appropriate. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.
Your choices and rights
You may control certain Chrome Extension data by managing Chrome permissions, changing extension settings, signing out of your account, revoking access, clearing browser storage, or uninstalling the Chrome Extension. You may also exercise applicable privacy rights as described in this Privacy Policy. If the Chrome Extension is provided to you through an Absorb customer and your request relates to Client Data, you should direct your request to that customer. If Absorb receives such a request directly, we may refer the request to the customer or support the customer in responding, consistent with applicable law and our contractual obligations.