PRIVACY

Privacy Policy

This Privacy Policy explains how Enrollait (“we”, “us”, “our”) collects, uses, discloses, and protects personal information when you access our platform and tenant-branded experiences powered by Enrollait.

Effective: 02 Feb, 2026 Last updated: 02 Feb, 2026

This Privacy Policy explains how Enrollait (“Enrollait,” “we,” “us,” “our”) collects, uses, discloses, and protects personal information when you access our websites, tenant-branded storefronts powered by Enrollait, and our administrative platform (collectively, the “Services”).

1) How Enrollait works (White-label / Multi-tenant)

Enrollait provides a white-label storefront layer and sales-to-access automation that organizations (“Tenants”) use to sell and deliver digital courses to end users (“Learners”). Enrollait is not a multi-vendor marketplace and does not resell Tenant courses.

Depending on your interaction with the Services, Enrollait may act as either:

  • A service provider/processor on behalf of a Tenant (for example, helping the Tenant create an LMS account and enroll a Learner after a successful course purchase); or
  • A controller/business for limited information needed to operate, secure, and improve the Enrollait platform (for example, security logs, fraud prevention, and admin account management).
Tenant privacy notices

If you interact with a Tenant-branded storefront, the Tenant may have its own privacy practices and notices. The Tenant is responsible for its own notices and compliance regarding Learner data it controls, including course content and support.

2) Information we collect

A. Information you provide

Learners / Purchasers (Tenant storefronts)
  • • Identifiers such as email address (and name if provided)
  • • Purchase metadata (order ID, product purchased, totals, timestamps, status)
  • • Support messages you send through the storefront or to us (if applicable)

Note: Payment card details are handled by the seller’s payment provider (e.g., the Tenant’s processor). Enrollait typically receives payment status/events and order metadata, not full card numbers.

Tenant admins (Enrollait accounts)
  • • Admin email, name (if provided), role/permissions, last login time
  • • Configuration data you enter (storefront settings, course/product mapping, integration settings)
  • • Support communications (messages you send us)

B. Information we collect automatically

  • • Device and log data (IP address, browser type, timestamps, pages/actions)
  • • Cookies/session identifiers (to keep you logged in and secure sessions)
  • • Security and fraud signals (rate limiting, suspicious login/activity indicators)

C. Information from integrations / third parties

  • • Checkout and payment status events from payment providers connected by the seller (e.g., Stripe webhooks/events)
  • • Email delivery events from email providers (e.g., delivery, bounce, complaint signals)
  • • LMS provisioning/enrollment data (e.g., user ID, enrollment status) when a Tenant connects an LMS such as Moodle
Merchant of Record (MoR) billing data

If you purchase an Enrollait subscription, the subscription may be billed by Enrollait or by an authorized Merchant of Record (MoR). In those cases, the MoR and/or its payment processor will receive billing and transaction information to process the subscription purchase, taxes (where required), and refunds/chargebacks.

Sensitive data

Please do not submit sensitive personal information (such as government IDs, full payment card numbers, health information, or information about minors) through support channels unless we specifically request it for a valid reason.

3) How we use information

We use personal information to:

  • • Provide and operate the Services (storefront flows, order creation, LMS provisioning/enrollment, admin access).
  • • Communicate about transactions and access (order confirmations, course access instructions, password setup/reset guidance).
  • • Provide customer support and respond to requests.
  • • Maintain security and prevent fraud/abuse (authentication, monitoring, auditing, enforcing our Terms).
  • • Improve performance and reliability (debugging, analytics in aggregate, product improvement).
  • • Comply with legal obligations and respond to lawful requests.
No “sale” of personal information

We do not sell personal information. We do not share personal information with third parties for their own direct marketing purposes without appropriate notice and, where required, consent.

4) How we disclose information

We may disclose personal information:

  • • To Tenants (as necessary for the Tenant to deliver access and support Learners).
  • • To service providers that help us run the platform (hosting, monitoring, email delivery, analytics, customer support tools).
  • • To payment parties for subscription billing (Enrollait and/or an MoR and their processors) and to the seller’s payment provider for course checkout events/status.
  • • For legal and safety reasons (to comply with law, respond to lawful requests, protect rights and safety).
  • • In connection with business transfers (merger, acquisition, financing, sale of assets).

We disclose only what is reasonably necessary for the purposes described in this policy.

5) Cookies & similar technologies

We use cookies and similar technologies to keep you logged in, remember preferences, secure sessions, and measure performance and usage.

Where required by law, we provide cookie choices and honor relevant opt-out signals.

6) Your privacy rights

Depending on where you live and how you interact with the Services, you may have rights to access, correct, delete, obtain a copy of your information, and object to or restrict certain processing. You may also have the right to opt out of certain types of sharing (where applicable).

How to exercise rights: Email us at support@enrollait.com . We may verify your identity (or your authority to act on behalf of an organization) before fulfilling a request.

Appeals: Where required by law, you can appeal a decision by contacting support@enrollait.com .

Tenant-controlled data

If a Tenant is the controller/business for your data (common for Tenant storefront purchases), we may route your request to the Tenant or help the Tenant fulfill it, as appropriate and permitted by law.

7) Data retention

We retain personal information only as long as reasonably necessary to provide the Services, maintain records for legitimate business purposes, comply with legal obligations, resolve disputes, and enforce agreements. Retention periods may vary depending on the type of data and why we hold it.

8) Security

We implement reasonable administrative, technical, and physical safeguards designed to protect information. No system is 100% secure; we cannot guarantee absolute security.

9) International users

If you access the Services from outside the United States, your information may be processed in the U.S. and other locations where our vendors operate. We take steps designed to ensure adequate protection consistent with applicable law.

10) Children’s privacy

The Services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If you believe a child provided personal information, contact us to request deletion.

11) Email communications

We send transactional emails (e.g., purchase/enrollment confirmations, course access instructions, password setup/reset guidance). Transactional emails are necessary to deliver the Services. Where we send marketing emails (if any), you can opt out using the unsubscribe link.

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The “Last updated” date reflects the most recent changes. Material updates may be posted in the Services or provided by other appropriate means.

13) Contact us

EMAIL
support@enrollait.com