Open eLMS Privacy Policy

What information does Open eLMS collect?

The information Open eLMS collects is very much dependent upon the client organisation’s wishes, as a minimum the information required to register on the system includes email address, first name and last name.  If manual registration is used by the system then this is an open and honest process and you will be informed what the data will be used for when registering.

Privacy has been considered as a primary factor in design of all our systems.

What do we use your information for?

Any of the information we collect is used in one of the following ways:

  • To personalize your training
    (your information helps system to assign training that matches your individual needs)
  • To send periodic emails
    (the system sends out periodic emails e.g. when learning is due)
  • To record progress for the tracking of progress both for the individual and for management oversight.

The email address you provide will not be used for marketing purposes or shared with any third party organisations.

Where do we store your information?

Data storage is provided by European leading infrastructure supplier Microsoft Azure with the Primary Server located in London, UK and the Secondary in Cardiff, UK.

How do we protect your information?

We implement a variety of security measures to maintain the safety of your personal information when you enter, submit, or access your personal information.

We offer the use of a secure server. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Database to be only accessed by those authorized with access rights to our systems, and are required to keep the information confidential.

After a transaction, relevant financial Personally Identifiable Information (credit cards, social security numbers, etc.) will not be stored on our servers.

Azure maintains the largest compliance portfolio in the industry both in terms of breadth (total number of offerings), as well as depth (number of customer-facing services in assessment scope). Details of compliance standards to which the hosting body adheres can be found at the Azure, Dynamics 365, Microsoft 365, and Power Platform compliance offerings page.

Do we use cookies?

The Open eLMS system does not use cookies.

How does the Open eLMS system use the YouTube API?

Open eLMS Ltd verifies that its Open eLMS system accurately represents its identity and intent as specified by Google’s API Services User Data Policy when using the YouTube Data API. Open eLMS utlises the YouTube API’s Playlists request read only access to populate its own database with each YouTube URL in the requested playlist along with associated metadata, namely the video name, description, author and thumbnail image. The purpose of requesting the data is to populate the Open eLMS Learning Management System with YouTube video content saving the user from manually inputting the information. This data will be imported into the Learning Library and can henceforth be shared with users of the system.

Do we disclose any personal information to outside parties?

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.

Subject Access Requests

Information kept on any subject will be provided in the response to any subject access request in a machine readable form within 30 days.  This will be in xml or csv formats and contain all personal data and information concerning any occasions when that data was transferred to any third party (such as trusted parties or assist us in operating our website who have agreed to keep any information confidential.)

Children’s Online Privacy Protection Act Compliance

We are in compliance with the requirements of COPPA (Childrens Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.

Your Consent

By using our site, you consent to our privacy policy.

Your Choices and rights

You have a number of legal rights in relation to the personal information that we hold about you and you can exercise your rights by contacting us using the details set out below. Depending on applicable law, these rights may include:

  • obtaining information regarding the processing of your personal information and access to the personal information which we hold about you (please note that there may be circumstances in which we are entitled to refuse requests for access to copies of personal information. In particular, information that is subject to legal professional privilege will not be disclosed other than to our client and as authorised by our client.);
  • requesting that we correct your personal information if it is inaccurate or incomplete and cannot be done so by the client’s system administrator;
  • requesting that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information but we are legally entitled to retain it;
  • objecting to, and requesting that we restrict, our processing of your personal information in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal information but we are legally entitled to refuse that request;
  • in some circumstances, receiving some personal information in a structured, commonly used and machine-readable format and/or requesting that we transmit that information to a third party where this is technically feasible. Please note that this right only applies to personal information which you have provided to us;
  • withdrawing your consent, although in certain circumstances it may be lawful for us to continue processing without your consent if we have another legitimate reason (other than consent) for doing so; and
  • lodging a complaint with the relevant data protection authority, if you think that any of your rights have been infringed by us.
  • we can, on request, tell you which data protection authority is relevant to the processing of your personal information.
  • in certain jurisdictions like France, you have the right to provide directives on the processing of your personal data after your death.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.

This policy was last modified on 1st August 2023.

Contacting Us

If there are any questions regarding this privacy policy or if you would like further information on the collection, use, disclosure, transfer or processing of your personal information or the exercise of any of the rights listed above, please contact us.  You may contact the following person in the company responsible for GDPA compliance and other privacy issues using the information below.


Emil Reisser-Weston
Managing Director

Open eLMS Ltd.
Kemp House, 124 City Rd, London, EC1V 2NX
info@openelms.com 
+44 (0)203 929 2051