Last Revised: May 4, 2026
Your privacy is important to us. This Privacy Policy (“Privacy Policy”) describes how LearnUp AI Create Inc. (“LearnUp AI”, “we”, “us”, or “our”) may collect, use, store, disclose, process, and transfer your personal information through your access to or use of LearnUp AI products and services, including those at https://www.learnupai.com/ as well as any subdomains, website of ours that links to this Privacy Policy, related websites, mobile applications, and other offerings (collectively, the “Services”). By using the Services or, if required by laws applicable to you, opting into this Privacy Policy, you signify your acceptance of this Privacy Policy. If you do not agree to this Privacy Policy, please do not use the Services. LearnUp AI may change this Privacy Policy from time to time by posting changes at https://www.learnupai.com/privacy-policy and may send notification emails regarding such changes. Your continued use of the Services following the posting of such changes will be deemed your acceptance of those changes, unless additional consent is required.
Privacy Policy Applicability
LearnUp AI provides a cloud based software platform that enables organizations to create, manage, and deliver digital training courses. The platform allows businesses to convert existing documentation, SOPs, and training materials into structured learning content, including courses, videos, quizzes, and knowledge checks. Customers use LearnUp AI to support employee training, onboarding, customer enablement, and operational knowledge management.
This Privacy Policy applies when you use or access the Services or share information with LearnUp AI. By accessing or using the Services and/or opting into this Privacy Policy (as applicable in your jurisdiction), you consent to this Privacy Policy. LearnUp AI may update this Privacy Policy at any time. If you do not consent to this Privacy Policy for any reason, please do not access or use the Services or share your information with us. Please note that this Privacy Policy applies only to the Services and not to any other third-party website linked to or from it, or any third-party website in which LearnUp AI’s content or functionality is embedded. We do not control the privacy policies or practices of others.
Information We Collect about You
In general, we receive and collect all information you provide via the Services, including through website input fields, advertisements, phone, email (including email campaigns), or other such ways. This includes personal information that can identify or relates to you, including, but not limited to:
Where We Collect Personal Information From
We may collect personal information from:
Who We May Share Personal Information With
We may share personal information with:
You have the choice regarding what information you share and the Services you want to engage. You can choose not to provide information to us, but in general, some information about you is required in order for you to access certain functionalities of the Services.
We may periodically obtain information about you from customers, affiliated entities, partners and other independent third-party sources and will add it to our database of information, including any information that you provide to third parties that are associated with or whose products or services are integrated with the Services.
Additionally, you may provide personal information to us to facilitate your access to and interaction with a third-party provider, such as Anthropic API (each, a “LearnUp AI Provider”). If you direct us to provide personal information to such LearnUp AI Provider, any usage of that information will be subject to the agreement(s) in place between you and such LearnUp AI Provider.
We may use cookies, log files, web beacons, device identifiers, and similar tracking technologies, including those from third-party service providers like Google Analytics and HubSpot, to automatically collect your preferences, performance data, and information about your web usage when you visit the Services. For example, we may collect usage data about you when you access and use the Services, including your IP address, device and browser information, log and diagnostic data, access times, browser type and language, Internet Service Provider, the web pages that you visit, behavior during the visit, the content you use, and the URL of the web page you visited before navigating to our Services. If you access the Services from a mobile device, we collect information about the device, including hardware model, operating system and version, unique device identifiers, and mobile network information. By collecting and using this information, we may operate and personalize the Services for you and may also combine this data with other information we have collected about you. For more information on how we use cookies, please see the “Cookies” section below.
The Services are not designed to recognize or respond to “do not track” signals received from browsers. You can control the information collected by such tracking technologies or be alerted when cookies are sent by adjusting the settings on your Internet browser or devices, but such adjustments may affect or disable certain functionality of the Services. You can learn more about targeted ads and your ability to opt out of receiving interest-based ads at optout.aboutads.info and www.networkadvertising.org/choices.
Sensitive Information. LearnUp AI does not collect any sensitive personal information through our Services. Sensitive personal information, as defined by applicable data protection laws, includes information relating to your race, ethnicity, religious beliefs, moral beliefs, philosophical beliefs, sex life, sexual orientation, gender identity, political opinions, trade union membership, citizenship status, national origin, medical information (including mental health), genetic data, biometric data, or financial information (such as account numbers). We also do not collect any information about criminal convictions or offenses.
Cookies
Cookies, also known as tracking cookies or browser cookies, and similar technologies such as web beacons, clear GIFs, pixel tags, and JavaScript (collectively, “Cookies”) are small pieces of data, usually text files, placed on a computer, tablet, phone, or similar device when you use that device to access the Services. We use the following types of Cookies:
You have the option to decide through your internet browser’s settings whether or not to accept Cookies. Most browsers allow users to choose whether to turn off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the browser) allow you to toggle whether to accept each new Cookie. You can also clear all Cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit the Services and some functionalities may not work. To explore what Cookie settings are available to you, look in the “settings”, “preferences” or “options” section of your browser’s menu.
To find out more information about Cookies, including information about how to manage and delete Cookies generally, please visit http://www.allaboutcookies.org/.
How We Use Your Information
We process your personal information with your consent or as needed to provide you the Services. We may also use your personal information to comply with legal obligations, operate our business, protect the vital interests of you, our customers, or the public, or for other legitimate interests of LearnUp AI as described in this Privacy Policy.
More specifically, we may use your personal information to:
We may use any aggregated information (as described below) for any purpose. For the avoidance of doubt (and as described below), LearnUp AI does not collect, use, or make available your personal information to any Generative AI Products, including for the purpose of training any generative AI model.
How We Share Your Information
We share your information with our partners, service providers, contractors, agents, and third-party vendors indicted in the “Information We Collect from You” section as needed to fulfill Services, including Generative AI Products as further discussed below. Please note that our partners may contact you as necessary to obtain additional information about you, facilitate any use of the Services, or respond to a request you submit.
Third-party vendors who provide products, services or functions on our behalf may include cloud database providers, data analytics companies, customer service vendors, communications service vendors, logistics service providers, marketing vendors, and security vendors. Third-party vendors have access to and may collect personal information only as needed to perform their functions, may only use personal information consistent with this Privacy Policy and other appropriate confidentiality and security measures, and are not permitted to share or use the information for any other purpose.
We also may share your information:
Other than as set out above, we will attempt to notify you when your personal information will be shared with third parties.
Aggregated Information. We may use, publish, share, distribute, or disclose personal information that has been aggregated with information from other users and otherwise anonymized and de-identified in a manner that does not allow third parties, including LearnUp AI partners, customers, and vendors, to de-identify the data or identify it as originating from you. Such information may help LearnUp AI identify and analyze training, demographic, and psychographic trends and information and report to third parties how many people saw, visited, or clicked on certain content, areas of the Services, or other materials. We may also use such data for research purposes and optimizing the Services’ functionality.
Generative AI. As further discussed in our Terms, the Services may include or provide access to third party products that provide certain generative AI functionalities (“Generative AI Products”), like Open.AI’s GPT and Anthropic, PBC’s Claude.ai application programming interfaces. You acknowledge that different terms of use and privacy policies may apply to your use of such Generative AI Products and that such terms and policies are solely between you and the advertiser or other third party. LearnUp AI will not use your personal information to train a Generative AI Product.
How We Store and Secure Your Information
Personal information collected by LearnUp AI may be stored and processed in your region, in locations throughout the United States, and in any other country where LearnUp AI or its affiliates, subsidiaries, or service providers operate facilities. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective). However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this Privacy Policy.
LearnUp AI takes technological and organizational measures designed to protect your personal information against loss, theft, and unauthorized access, use, disclosure, or modification. For example:
We rely on the security and compliance practices of Microsoft Azure to help protect personal information processed through the Services. For more information on Microsoft’s security practices and processes, please see https://learn.microsoft.com/en-us/azure/azure-sql/database/security-overview.
LearnUp AI currently uses Stripe, LLC (“Stripe”) for payment, analytics, and other business services. Stripe collects identifying information about the devices that connect to each of their services. Stripe uses this information to operate and improve the services they provide to LearnUp AI, including for fraud detection. You can learn more about Stripe and read its privacy policy at https://stripe.com/privacy. As with all third-party providers, LearnUp AI is not a party to any agreement between you and Stripe, and LearnUp AI does not control Stripe’s privacy and data security policies. LearnUp AI reserves the right to change payment processors at any time.
LearnUp AI complies with applicable data protection laws, including applicable security breach notification requirements.
Data Retention
LearnUp AI will retain your information as long as necessary for the purposes outlined in this Privacy Policy, in a manner consistent with our data retention policy discussed in this section, and for a commercially reasonable time thereafter for backup, archival, fraud prevention or detection or audit purposes or as permitted by applicable law. LearnUp AI will retain your personal information consistent with the original purpose of collection or as long as necessary to comply with our legal obligations; maintain accurate accounting, financial and other operational records; resolve disputes; and enforce our agreements. We will never retain your information for a period longer than permitted by law.
We determine the appropriate retention period for personal information on the basis of the amount, nature, and sensitivity of the personal information being processed; the purpose for which it was collected; the potential risk of harm from unauthorized use or disclosure of the personal information; whether we can achieve the purposes of the processing through other means; and applicable legal requirements.
After expiration of the applicable retention periods, your personal information will be deleted. As discussed below, you may have the right to request we delete this information earlier.
Accessing and Updating Your Information
To the extent provided by the law of your jurisdiction, you may:
You may make these requests and any other inquiries about this Privacy Policy by emailing edward@learnupai.com. Any such requests are subject to the protection of other individuals’ rights and applicable law. Additionally, to help protect your privacy and maintain security, we may take steps to verify your identity before granting you access to the requested information. To the extent permitted by applicable law, a charge may apply before we provide you with a copy of any of your personal information that we maintain.
Additional Privacy Information
Data Transfer. Our databases are currently located in the Applicable Location. LearnUp AI makes no claim that its Services are appropriate or lawful for use or access outside the Applicable Location. If you access the Services from outside the Applicable Location, you are consenting to the transfer of your personal information from your location to the Applicable Location. You are solely responsible for complying with all local laws, rules and regulations regarding online conduct and access to the Services. By providing us your information, you further consent to its storage within the Applicable Location.
Collection of Data from Children. The Services are not directed to children, and you may not use the Services or provide any personal information to LearnUp AI if you are under the age of 16 (or the lowest age permitted by applicable law) or if you are not old enough to consent to the processing of your personal information in your country. We do not collect or process personal information of individuals under the age of 16 or the lowest age permitted by applicable law unless we receive all necessary consents from the individual’s parent or guardian.
California Resident Privacy Rights. California Civil Code Section 1798.83 permits our customers who are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please e-mail us or contact us through the methods stated above.
European Union, United Kingdom, and Swiss Data Subject Rights
If you are a resident of the European Union (“EU”), United Kingdom (“UK”), Switzerland, Lichtenstein, Norway or Iceland]], you may have additional rights under the EU or UK General Data Protection Regulation (the “GDPR”) or the Swiss Federal Act on Data Projection (“FADP”, and together with the GDPR, “EU Privacy Laws”), as applicable, with respect to your Personal Data. The following discusses these rights.
For this section, the EU Privacy Laws definition of “Personal Data” and “processing” are used. Generally, “Personal Data” means information that can be used to individually identify a person, and “processing” relates to actions that can be performed in connection with collecting, using, storing, and disclosing such data. LearnUp AI is the controller of your Personal Data processed in connection with the Services.
If a conflict exists between this this section and any other provision of this Privacy Policy, the more protective policy or portion shall govern to resolve such conflict. If you have any questions about this section or whether any of the following applies to you, please contact us at edward@learnupai.com.
We may also process Personal Data of our customers’ end users in connection with our provision of services to our customers. In this case, we are the processor of Personal Data. If you have any questions regarding Personal Data when LearnUp AI is the data processor, please contact the controller party in the first instance to address your rights with respect to such data.
Personal Data We Collect. The “Information We Collect from You” section above details the Personal Data that we collect from you.
Personal Data Use and Processing Grounds. The “How We Use Your Information” section above explains how we use your Personal Data. We will only process your Personal Data as explained in this Privacy Policy and if we have a lawful basis for doing so. The lawful bases include receiving your consent, having a contractual necessity, and furthering our legitimate interests or the legitimate interest of others. The following sections describe these in greater detail.
Consent
We process Personal Data based on the consent you expressly grant to us at the time we collect the data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
Contractual Necessity
We may process the Personal Data as a matter of “contractual necessity”. This means that we need to process the data to perform under our agreement with you and enable us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services.
Legitimate Interest
We process the following categories of Personal Data when we believe it furthers the legitimate interest of us or third parties providing products or services in connection with the Services:
We may also de-identify and anonymize Personal Data to further our legitimate interests.
Examples of these legitimate interests include (as described in more detail above in the “How We Use Your Information” section):
Other Processing Grounds
Occasionally, we may also need to process Personal Data to comply with legal obligations, to protect the vital interests of you or other data subjects, or to carry out a task necessary for the public’s interest.
Sharing Personal Data. The “How We Share Your Information” section above details how we share your Personal Data with third parties.
EU and UK and Swiss Data Subject Rights
EU and UK and Swiss data subjects have certain rights with respect to Personal Data. This is further set forth below. For more information about these rights or to submit a request, please email us at edward@learnupai.com. Please note that in some circumstances, LearnUp AI may be unable to fully comply with your request, including if the request is frivolous, extremely impractical, jeopardizes other’s rights, or not required by law. In those circumstances, we will still notify you of such a decision. Generally, we may also need you to provide us additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request. Your rights include:
Transfers of Personal Data. The “Data Transfer” information in the “Additional Privacy Information” section above details how and where we transfer your data. Most significantly, our databases are currently located in the Applicable Location, and you are consenting to LearnUp AI transferring your Personal Data to the Applicable Location. When we transfer your Personal Data from the EU, UK, or Switzerland to the Applicable Location or other countries that may not provide an equivalent level of data protection, we implement appropriate safeguards to protect your Personal Data. These safeguards include Standard Contractual Clauses approved by the European Commission and/or reliance on adequacy decisions where applicable.
Last Revised: May 4, 2026
1. Purpose and Scope
LearnUp AI Create Inc. (“LearnUp,” “we,” “us,” or “our”) provides a cloud based software platform that enables organizations to create, manage, and deliver digital training content. This Security Policy describes the administrative, technical, and organizational measures LearnUp maintains to support the confidentiality, integrity, and availability of Customer Personal Data and other information processed through the Services.
This Policy establishes the security principles, governance responsibilities, and operational controls designed to protect systems, infrastructure, and customer information processed through the Services. Security measures are maintained in a manner appropriate to the size, complexity, risk profile, and operating environment of LearnUp.
This policy is the Security Policy referenced in Section 5 of the LearnUp Data Processing and Protection Addendum (the “DPA”) and supports the commitments made in the LearnUp Privacy Policy and Usage Guidelines. Capitalized terms not defined here have the meaning given in the DPA or the applicable Master Services Agreement.
LearnUp maintains technical and organizational measures consistent with customer agreements, privacy commitments, usage requirements, and applicable data processing obligations.
2. Security Ownership and Governance
Security responsibilities are owned by LearnUp Leadership, which designates a Security Owner accountable for maintaining the information security program, overseeing operational security practices, and coordinating responses to security related matters.
LearnUp maintains documented security practices and periodically reviews security measures based on changes to services, infrastructure, legal obligations, and operational requirements.
3. Hosting and Infrastructure
Customer data is primarily stored and processed using Microsoft Azure cloud infrastructure together with approved subprocessors and service providers necessary to deliver the Services. LearnUp implements security controls across application, infrastructure, and operational layers while leveraging inherited controls from cloud infrastructure providers where appropriate.
LearnUp relies on the security and compliance practices of Microsoft Azure to help protect data processed through the Services, including Azure’s physical, network, and platform security controls. LearnUp does not operate its own data centers; physical and environmental security for production infrastructure is inherited from Microsoft Azure.
Microsoft Azure maintains independent third party certifications and attestations, including ISO/IEC 27001 and SOC 2. More information is available at https://learn.microsoft.com/en-us/azure/security/.
4. Access Control and Identity Management
Workforce members accessing systems remotely use authentication and security controls appropriate to the sensitivity of the information accessed.
5. Encryption
Customer data processed by LearnUp services is encrypted in transit and stored using infrastructure that supports encryption at rest. Data is transmitted over secured communication channels using SSL/TLS. These measures are designed to protect data against loss, theft, and unauthorized access, use, disclosure, or modification.
6. Data Governance and Classification
6.1 Data Handling Principles
LearnUp maintains operational distinctions between public, confidential, and customer restricted information to support appropriate handling, access management, and protection measures.
6.2 Sensitive Data Handling
LearnUp does not generally require special category or regulated personal data to provide the Services unless otherwise agreed in writing or uploaded at Customer direction.
Consistent with LearnUp agreements and usage requirements, customers should avoid submitting sensitive personal data, government issued identification numbers, financial account information, health or medical information, biometric identifiers, or precise geolocation data unless otherwise expressly agreed in writing.
6.3 Data Retention and Disposal
Customer information is retained and deleted in accordance with applicable agreements, operational requirements, and LearnUp data handling practices.
7. Logging, Monitoring, and Operational Security
LearnUp maintains logging and operational monitoring capabilities intended to support operational oversight, security investigations, and incident response activities.
8. Vulnerability and Patch Management
LearnUp maintains processes intended to identify, prioritize, and remediate vulnerabilities affecting systems and dependencies supporting the Services. Security updates are applied according to operational risk and platform requirements.
Underlying infrastructure patching responsibilities are shared with Microsoft Azure according to the applicable shared responsibility model.
9. Subprocessors
LearnUp engages a limited set of subprocessors to provide the Services. Microsoft Azure is the primary infrastructure provider. Additional subprocessors and service providers may be identified in the DPA Appendix A and Privacy Policy.
Before a subprocessor processes Customer Personal Data, LearnUp imposes contractual obligations substantially similar to those contained in applicable customer agreements and maintains responsibility for oversight of subprocessors supporting delivery of the Services.
LearnUp also uses third party service providers supporting customer engagement, analytics, infrastructure, and AI functionality, including providers such as HubSpot, OpenAI, Anthropic, and other approved providers as necessary to deliver the Services.
10. Artificial Intelligence and Model Data Use
The Services use AI features to generate Output, and certain features rely on third party generative AI providers.
LearnUp does not intentionally use Customer Personal Data to train publicly available generative AI models unless otherwise agreed in writing.
Where the Services pass data to third party AI providers to generate Output, processing is performed solely to provide the Services and remains subject to applicable agreements and usage requirements.
LearnUp evaluates AI related risks, including unauthorized disclosure, misuse of customer data, and model related operational risks, as part of LearnUp’s broader security and operational risk management practices.
11. Data Retention and Deletion
LearnUp retains Customer Personal Data for the term of applicable agreements and for the period during which LearnUp continues to process such data on behalf of customers.
Following termination or expiration of applicable agreements, and upon request where applicable, LearnUp will delete or return Customer Personal Data within ninety (90) days unless continued retention is required by law.
12. Business Continuity, Availability, and Backups
LearnUp maintains data backups and relies on the resilience, redundancy, and availability capabilities provided by Microsoft Azure to support service continuity.
Backup and recovery processes are maintained in a manner appropriate to the size, complexity, and operational requirements of the environment.
13. Incident Response and Breach Notification
LearnUp maintains operational processes intended to support the identification, investigation, containment, remediation, and communication of security incidents.
Upon becoming aware of a Personal Data Breach, LearnUp will notify affected customers without undue delay and in any event within seventy two (72) hours, consistent with applicable contractual obligations.
A Personal Data Breach does not include unsuccessful attempts or activities that do not compromise Customer Personal Data, including unsuccessful login attempts, pings, port scans, or denial of service activity.
14. Personnel
LearnUp personnel and contractors are bound by confidentiality obligations and are granted access to Customer Personal Data only on a least privilege basis as necessary to perform their role responsibilities.
15. Compliance, Certifications, and Audit
LearnUp designs services and contractual commitments to support applicable privacy and data protection obligations, including GDPR, UK GDPR, Swiss FADP, and CCPA/CPRA where applicable.
LearnUp infrastructure is hosted on Microsoft Azure, which maintains ISO/IEC 27001 certification and SOC 2 attestation.
LearnUp’s own SOC 2 and ISO 27001 efforts are currently under evaluation and roadmap planning.
LearnUp may provide additional information regarding security controls or operational practices upon reasonable customer request and subject to applicable confidentiality obligations. Such requests may be fulfilled through documentation, questionnaires, or other commercially reasonable means.
16. Policy Review and Contact
LearnUp periodically reviews this policy and may update it to reflect changes to services, infrastructure, legal requirements, operational practices, or risk conditions.
Material updates may be reflected through updated versions of this policy or successor documentation.
Questions regarding this policy or LearnUp security practices may be directed using the contact information identified within the LearnUp Privacy Policy.
Standardize knowledge, reduce ramp time, and keep teams aligned as work evolves.