Privacy policy

Last updated: May 16, 2026

Introduction

Welcome to OpenSCORM (“we,” “our,” or “us”). We respect your privacy and are committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our open source web application and the hosted service at openscorm.com.

Information we collect

Information you provide directly

We may collect information that you voluntarily provide when using our service, including:

• Account information (username, email address, password)
• Profile information you choose to add
• SCORM packages and related content you upload
• Learner records generated when learners interact with content you host
• Communications you send to us (support requests, feedback)

Information collected automatically

When you use our application, we may automatically collect:

• Log data (IP address, browser type, operating system)
• Usage information (features used, time spent, interactions)
• Device information (device type, unique device identifiers)
• Cookies and similar tracking technologies

How we use your information

We use the collected information to:

• Provide, maintain, and improve our services
• Authenticate users and ensure security
• Respond to your requests and provide support
• Send important service-related communications
• Analyze usage patterns to enhance user experience
• Comply with legal obligations
• Protect against fraudulent or illegal activity

Data storage and security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is 100% secure.

Your data is stored using cloud services provided by Microsoft Azure. We retain your information only for as long as necessary to fulfill the purposes outlined in this policy or as required by law.

Data sharing and disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• With your consent: When you explicitly agree to share your information.
• Service providers: With trusted third parties who assist us in operating our application (hosting, payments, analytics).
• Legal requirements: When required by law, court order, or governmental request.
• Protection of rights: To protect our rights, property, safety, or that of our users.
• Business transfers: In connection with a merger, acquisition, or sale of assets.

Your rights and choices

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request access to your personal information.
• Correction: Request correction of inaccurate information.
• Deletion: Request deletion of your personal information.
• Portability: Request a copy of your data in a structured format.
• Opt-out: Opt-out of certain communications or data processing.

To exercise these rights, email us at scoop@openscorm.com.

Open source considerations

As an open source project:

• Our source code is publicly available at github.com/openscorm/scoop.
• Third parties may create their own instances of this application.
• We aren’t responsible for the privacy practices of third-party instances.
• This policy applies only to the hosted instance we operate at openscorm.com.

Third-party links and services

Our application may contain links to third-party websites or services. We aren’t responsible for their privacy practices. Review their policies separately.

Children’s privacy

Our service is not directed to individuals under the age of 13. We don’t knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

International data transfers

If you access our service from outside Canada, please be aware that your information may be transferred to, stored, and processed in Canada (or in the United States via our cloud infrastructure provider). By using our service, you consent to such transfer.

Changes to this policy

We may update this privacy policy from time to time. We’ll notify you of any changes by posting the new policy on this page and updating the “Last updated” date. Review periodically.

Contact information

If you have questions about this privacy policy or our data practices, contact us:

• Email: scoop@openscorm.com
• GitHub issues: github.com/openscorm/scoop/issues

Additional disclosures for specific regions

European Union users (GDPR)

If you are located in the European Union, you have additional rights under the GDPR, including the right to object to processing and the right to lodge a complaint with your local supervisory authority.

Legal basis for processing. We process your personal data based on:

• Your consent
• Performance of a contract
• Compliance with legal obligations
• Our legitimate interests

California residents (CCPA)

California residents have specific rights under the CCPA, including the right to know what personal information is collected and the right to request deletion.