top of page

Privacy Policy

PRIVACY POLICY

www.lassomgmt.com

Effective Date: 16th September 2025
 

1. Introduction & Scope

This Privacy Policy explains how devcws LLC, a U.S. limited liability company, collects, uses, shares, and safeguards personal information in connection with our website, hosted learning management system (“LMS”), and custom eLearning development services, including features powered by artificial intelligence (“AI”).

This Policy applies to:

  • Clients who purchase or use our Services;

  • Authorized users and learners who access training content through our LMS; and

  • Visitors who browse our website.

By accessing or using the Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, you must discontinue use of the Services immediately. Supplemental agreements (including Terms & Conditions, Statements of Work, and Data Processing Agreements) may also govern specific projects or features; in the event of conflict, the more specific agreement will prevail.

 

2. Definitions

For purposes of this Privacy Policy:

  • “Personal Data” means any information relating to an identified or identifiable individual (e.g., name, email, IP address, learner progress data).

  • “Processing” means any operation performed on Personal Data, including collection, storage, use, disclosure, or deletion.

  • “Client Data” means data provided by our business clients (including employee or learner information uploaded into the LMS).

  • “Learner Data” means training and performance information generated by users of the LMS.

  • “AI Outputs” means any text, audio, translation, narration, or assessment generated through automated or AI-enabled features.

  • “Applicable Laws” means all relevant privacy and data protection laws, including the EU General Data Protection Regulation (GDPR), UK GDPR, California Consumer Privacy Act as amended by CPRA (CCPA), the Children’s Online Privacy Protection Act (COPPA), and any U.S. state privacy laws that may apply.

 

3. Data Controller & Contact Information

For the purposes of U.S. privacy law and international regulations (such as GDPR):

If required by law, we may also appoint a Data Protection Officer (“DPO”) or EU/UK Representative, whose details will be made available in this Policy.

Clients who upload or otherwise submit their employees’ or learners’ Personal Data into our LMS act as “controllers” of such data. In that capacity, devcws LLC operates as a “processor” under GDPR and similar regimes, processing such data solely on clients’ instructions.

 

4. Categories of Data Collected

We may collect and process the following categories of Personal Data:

  • Identifiers: Name, company, email address, phone number, username, password.

  • Professional Data: Job title, department, training role (e.g., administrator, learner).

  • Transaction Data: Billing details, payment confirmations, subscription plan details.

  • Usage Data: IP address, browser type, operating system, device identifiers, LMS activity logs, clickstream data.

  • Training & Performance Data: Course enrollments, progress, scores, completion certificates, feedback responses.

  • Client Content: Materials, policies, and training modules uploaded by clients.

  • AI Interaction Data: Text prompts, translations, narrations, or other inputs/outputs generated using AI features.

  • Cookies & Tracking Data: Information collected through cookies and similar technologies, further described in our Cookie Policy.

We do not knowingly collect sensitive categories of data (such as health, biometric, or religious data) unless explicitly provided by the client for training purposes, in which case the client is solely responsible for compliance with applicable laws.

 

5. How We Collect Data

We collect Personal Data through the following means:

  • Direct Collection: When clients register, purchase Services, upload content, or communicate with us.

  • Automated Collection: Through cookies, analytics scripts, server logs, and device identifiers when you interact with our website or LMS.

  • Learner Interaction: When users engage with training modules, assessments, or other LMS content.

  • Third-Party Sources: From integrated tools (e.g., payment processors, analytics providers, translation engines) where permitted by law.

  • AI Tools: When clients or learners use AI features, resulting in collection of prompts, interactions, and generated outputs.

 

6. Purpose of Processing

We process Personal Data only for legitimate and disclosed purposes, including:

  • Service Provision: Delivering eLearning content, administering LMS access, and providing customer support.

  • Customization & Enhancement: Adapting learning experiences, generating assessments, or tailoring content through AI-powered features.

  • Business Operations: Account management, billing, auditing, and dispute resolution.

  • Analytics & Improvements: Monitoring performance, usage trends, and system health.

  • Legal & Compliance: Meeting regulatory requirements, responding to lawful requests, and enforcing our agreements.

  • Marketing & Communication: Sending service updates, newsletters, or promotional offers (where permitted and with opt-out rights).

We will not process Personal Data for purposes incompatible with this Policy without first obtaining your consent.

 

7. Legal Bases for Processing (GDPR & Global Frameworks)

Where GDPR, UK GDPR, or other global laws apply, we rely on the following legal bases:

  • Contractual Necessity: Processing required to perform our contractual obligations to clients.

  • Legitimate Interests: For internal business operations, fraud prevention, product improvement, and service security, provided such interests are not overridden by data subject rights.

  • Consent: Where required (e.g., marketing emails, cookies, AI personalization features).

  • Legal Obligation: To comply with applicable laws, tax rules, or regulatory investigations.

For U.S. users, we comply with applicable state privacy regimes (including CCPA/CPRA) by ensuring you can exercise rights to access, correct, delete, or opt out of data sharing.

8. Use of AI & Automation

The Services incorporate AI-powered features such as narration, translation, automated assessments, and content enhancement. While these features are designed to improve efficiency and learner engagement, AI-generated outputs may contain inaccuracies, limitations, or unintended results.

Clients and learners must review all outputs before relying on them. Approval or deployment of AI-generated content constitutes acceptance of full responsibility by the Client. devcws LLC is not liable for damages, compliance issues, or losses arising from unreviewed or unverified AI outputs.

 

9. Sharing & Disclosure of Data

We do not sell personal data. We may share Personal Data only as follows:

  • Service Providers: With trusted vendors that provide hosting, payment processing, analytics, email delivery, or technical support.

  • Affiliates: With corporate affiliates under common ownership, subject to this Policy.

  • Legal Disclosures: When required by law, subpoena, court order, or to protect our legal rights and security.

  • Business Transfers: In the event of a merger, acquisition, or sale of assets, Personal Data may be transferred to the successor entity.

All third parties receiving Personal Data are bound by contractual obligations to safeguard the data and process it only for authorized purposes.

 

10. International Data Transfers

If Personal Data is transferred outside the United States or the European Economic Area, we implement appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission.

  • Adequacy decisions where applicable.

  • Additional technical and organizational safeguards such as encryption and limited access.

Clients remain responsible for ensuring that any data they upload complies with export and cross-border transfer restrictions.

 

11. Cookies & Tracking Technologies

We use cookies, beacons, and similar technologies to improve the functionality and performance of our Services. These may include:

  • Essential Cookies: Required for the LMS and website to operate.

  • Analytics Cookies: To monitor traffic and usage trends.

  • Functional Cookies: To remember user preferences and settings.

Users in jurisdictions requiring consent (e.g., EU, UK) will be provided with cookie banners and choices in line with legal requirements. Full details are provided in our separate Cookie Policy.

 

12. Data Retention & Deletion

We retain Personal Data only for as long as necessary to provide the Services, fulfill contractual obligations, or comply with legal requirements. Retention periods may vary depending on:

  • Active client contracts.

  • Regulatory or tax obligations.

  • Security or fraud-prevention considerations.

Upon account closure or upon verified request, we will delete or anonymize Personal Data unless retention is legally required.

 

13. Data Security Measures

We employ industry-standard security measures to safeguard Personal Data, including:

  • Encryption of data in transit and at rest.

  • Multi-factor authentication for administrative access.

  • Regular penetration testing and monitoring.

  • Access controls ensuring only authorized personnel handle sensitive information.

While we implement strong protections, no system is completely secure. Clients are responsible for safeguarding their login credentials and maintaining appropriate security for data uploaded into the LMS.

 

14. Children’s Privacy

Our Services are not directed to children under the age of 13 (U.S.) or 16 (EU/UK), and we do not knowingly collect Personal Data from them. If we learn that a child’s information has been collected without parental consent, we will delete it promptly. Clients uploading learner data must ensure compliance with COPPA and similar laws.

 

15. Client Data vs. Learner Data Responsibilities

  • Client Responsibility: Clients act as “data controllers” with respect to learner information uploaded into the LMS. Clients must obtain all required consents and provide necessary privacy notices to learners.

  • Company Responsibility: devcws LLC acts as a “processor,” handling learner data strictly in accordance with client instructions and contractual obligations.

  • No Assumption of Liability: We do not assume liability for a client’s misuse of learner data or failure to comply with privacy laws.

 

16. Your Rights (GDPR, CCPA, and Other Regimes)

Depending on jurisdiction, you may have the following rights:

  • Access to your Personal Data.

  • Correction of inaccuracies.

  • Deletion (Right to be Forgotten).

  • Restriction of processing.

  • Portability of your data.

  • Right to opt out of sale/sharing (CCPA).

  • Right to withdraw consent where processing is based on consent.

We will honor these rights in line with applicable law.

 

17. Exercising Privacy Rights

To exercise your rights, contact us at privacy@lassomgmt.com. We may require identity verification before fulfilling requests. Requests will be addressed within legally mandated timeframes (30 days under GDPR; 45 days under CCPA, extendable where allowed).

We will not discriminate against individuals for exercising privacy rights.

 

18. Third-Party Links & Services

Our Services may link to external websites, APIs, or applications. We are not responsible for the privacy practices or content of third parties. Users should review third-party privacy policies before engaging with their services.

 

19. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or business practices. Updates will be posted on our website with a revised “Effective Date.” Where legally required, we will notify you of material changes and obtain consent before continuing processing.

 

20. Contact & Complaints

For questions, concerns, or complaints regarding this Privacy Policy or our data practices, please contact:

Lasso Mgmt LLC

support@lassomgmt.com

Mgmt

Contact

Sales:
sales@lassomgmt.com

Get a Proposal

Customer Care:
support@lassomgmt.com

Contact:
howdy@lassomgmt.com

Follow

Sign up to get the latest news on our product.

© 2025 by Lasso Mgmt

bottom of page