monthly Newsletter
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
We won’t share your data with third parties. Ever.
AI Summary
If you are a customer of Lyearn or a visitor to the Lyearn website, then this Privacy Policy applies to your use of such a Website and/or product Services.
Note: A customer of Lyearn is not to be misunderstood as an individual user engaging on the platform. The customer here refers to a "company"
If you are a visitor to or user of a third-party Website or Service ("Third-Party Property") that utilizes any extended Services of Lyearn, then any information you submit to such Third-Party Property (including via the Lyearn product) is collected under the privacy policy of the owner of such Third-Party Property, and you should contact such owner with any related requests or inquiries you may have. If you have any inquiries about this Privacy Policy, please email our Data Protection Officer (DPO) at compliance@lyearn.com
Across the Privacy Policy, terms like "Lyearn," "Us" and "We" might be repeated and refer to Lyearn, Inc. and its affiliates, if any. The "Website(s)" means Lyearn’s Website (including without limitation [www.lyearn.com](https://www.lyearn.com/) and any successor URLS, mobile or localized versions and related domains and subdomains), and the "Service(s)" means Lyearn’s product services, in each case, in whatever format they may be offered now or in the future. The Websites and Services are collectively referred to herein as the "Offerings."
A. Information Related to Your Interaction with Lyearn and the Offerings and communicating the Offerings.
Registration and Contact Information:
We collect information about you when you (a) register to use the Services and (b) otherwise provide contact information to us via email, mail, or through our Offerings. This information you provide may include your username, first and last name, email address, mailing address or phone number.
Payment Information:
When you purchase the Services, we will also collect transaction information (on a customer basis, not individual user), which may include the credit card information, billing and mailing address, and other payment-related information ("[Payment Information](https://www.lyearn.com/#/privacy-policy/1.4)"). We describe how Payment Information may be collected and processed in Section 4.
Technical, Usage and Location Information:
We collect information on how you interact with the Offerings, such as the IP address from which you access the Offerings, date and time, information about your browser, operating system and computer or device, pages viewed and items clicked with the help of a third party service named "[Amplitude](https://www.amplitude.com/)". We also use cookies to collect some of this information. However, we ensure that any data is not collected, stored, or shared data regarding a particular user’s activity (including IP) across multiple websites, or applications that are not owned by Lyearn. For more information, please see Lyearn’s [Cookie Policy](https://www.lyearn.com/#/privacy-policy/2).
Third Party Platforms:
We do not collect any information when you interact with content on third-party sites or platforms, such as social networking sites.
Legal Basis:
Our Legitimate Interest. Lyearn product works together to help companies engage their employees under the sales, marketing, and support banners to learn and enhance their skills in dealing with customers. We consider your privacy and data protection rights when we pursue our legitimate interests and ensure that the way our Offerings work don't impact on those rights. For website visitors Lyearn will store this data until the individual opts out or when they have not engaged with Lyearn in 24 months..
Other Information:
We may collect other information from you that is not specifically listed here. We may use any such information in accordance with this Privacy Policy or as otherwise permitted by you.
Technical, Usage and Location Information: We collect information on how you interact with the Offerings, such as the IP address from which you access the Offerings, date and time, information about your browser, operating system and computer or device, pages viewed and items clicked with the help of a third party service named "[Amplitude](https://www.amplitude.com/)". We also use cookies to collect some of this information. However, we ensure that any data is not collected, stored, or shared data regarding a particular user’s activity (including IP) across multiple websites, or applications that are not owned by Lyearn. For more information, please see Lyearn’s [Cookie Policy](https://www.lyearn.com/#/privacy-policy/2).
B. Customer Data
You may submit various types of information and data into the Services for hosting and processing purposes ("Customer Data"). Customer Data may include, without limitation, billing information, personal information such as names, email addresses, phone numbers, location and photos of your end user customers, potential customers and other users of and visitors to your websites, apps and other properties (e.g. Teammates' details ("People"), which information may be input into the Services by you or collected by the Services using Lyearn tags, scripts and other code implemented on such properties.
We will only use, disclose and otherwise process Customer Data for the purposes set forth in your agreement with us for the provisioning of the Services ("Customer Agreement"). The Services use third-party services provided by "Amplitude" to capture your website interactions for usage tracking and to help us in debugging errors (leading to a better user experience) which go as an input into the Services. Amplitude uses People’s information as described in its privacy policy, available at [https://amplitude.com/privacy](https://amplitude.com/privacy). Customers can review and sign our Data Processing Agreement as an addendum to our Terms and Conditions.
Legal Basis:
We process and store Customer Data to perform our Customer Agreement with you. Without this information, we wouldn't be able to provide our Offerings to you. We also process Customer Data to pursue our legitimate interests by ensuring the smooth running of your Customer Agreement and to help our customers engage their employees under the sales, marketing, and support banners to learn and enhance their skills in dealing with their respective external clientele. We consider your privacy and data protection rights when we pursue our legitimate interests and ensure that the way Offerings work don't impact on those rights.
We use your information in the following ways:
To provide, maintain and improve the Offerings and our products and services, including to operate certain features and functionality of the Offerings;
- To process your inquiries and otherwise deliver customer service;
- To process your payments, we share and use Payment Information as described in Section 4 (Payment Information);
- To control unauthorized use or abuse of the Offerings and our other products and services, or otherwise detect, investigate or prevent activities that may violate our policies or be illegal;
- To analyze trends, administer or optimize the Offerings, monitor usage or traffic patterns (including to track users’ movements around the Offerings) and gather demographic information about our user base as a whole;
- In the manner described to you at the time of collection or as otherwise described in this Privacy Policy.
We do not sell, trade, share or transfer your personal information to third parties except in the following limited circumstances:-
-We may share your personal information with third-party service providers to permit such parties to provide services that help us with our business activities, which may include assisting us with maintaining and improving the features and functionality of the Offerings by user-platform engagement tracking, among other things. For example, we may provide personal information to our service providers "[Sendgrid](https://sendgrid.com/)" for emailing of our product related notifications. The data shared can include name, email address, company information. All third parties are engaged under contract and obliged to meet appropriate security requirements and comply with all applicable legislation;
- We may share your personal information when we have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce a Customer Agreement, including investigation of potential violations thereof, or (c) protect against imminent harm to our rights, property or safety, or that of our users or the public as required or permitted by law;
- We may share your personal information with third parties (including our service providers and government entities) to detect, prevent, or otherwise address fraud or security or technical issues;
- We may share your Payment Information to process your payments, as further described in Section 4 (Payment Information);
- We may share and/or transfer your personal information if we become involved in a merger, acquisition, bankruptcy, or any form of sale of some or all of our assets; and
- We may share your personal information with a third party if we have your consent to do so.
We may also share aggregated or anonymized information with third parties for other purposes. Such information does not identify you individually, but may include usage, viewing and technical information such as the types of Offerings our customers and users generally use, the configuration of their computers, and performance metrics related to the use of Offerings which we collected through our technology. If we are required under applicable law to treat such information as personal information, then we will only disclose it as described above. Otherwise we may disclose such information for any reason.
When you make a purchase on the Offerings, any credit card information you provide as part of your Payment Information is collected and processed directly by our payment processor Stripe through their Stripe Checkout service. We never receive or store your full credit card information. Stripe commits to complying with the Payment Card Industry Data Security Standard (PCI-DSS) and Strong Customer Authentication (SCA) using industry standard security. Stripe may use your Payment Information in accordance with their own Privacy Policy here: [https://stripe.com/us/checkout/legal](https://stripe.com/us/checkout/legal).
The Offerings may also contain links to third party websites. This Privacy Policy applies solely to information collected by us. Even if the third party is affiliated with us through a business partnership or otherwise, we are not responsible for the privacy practices of such third party. We encourage you to familiarize yourself with the privacy policies of such third parties to determine how they handle any information they separately collect from you. Please be aware that we do not warn you when you choose to click through to another website when using the Offerings.
The Websites contain features that enable you to post reviews, comments or other content that is publicly viewable. You should be aware that any personal information you submit as part of those posts can be read, collected, or used by other visitors to the Websites, and could be used to send you unsolicited messages. We are not responsible for the personal information you choose to publicly post on the Websites. Please see our [Website Terms of Use](https://www.lyearn.com/#/privacy-policy/5) for more information and for other guidelines about posting content on the Websites.
Opt-Outs. We may provide you with the opportunity to "opt-out" of having your personal information used for certain purposes when we ask for this information. If you decide to opt-out, we may not be able to provide certain features of the Offerings to you.
Blocking Cookies. You can remove or block certain cookies using the settings in your browser but the Offerings may cease to function properly if you do so. For more information, please see Lyearn’s [Cookie Policy](https://www.lyearn.com/#/privacy-policy/2).
How We Respond to Do Not Track Signals. Your Web browser may have a "do not track" setting which, when enabled, causes your browser to send a do not track HTTP header file or "signal"...
This section describes how Lyearn ("we," "our," or "us") accesses, uses, stores, and protects data obtained through Google Workspace APIs when you connect your Google account to Lyearn. This section is supplemental to our main Privacy Policy and applies specifically to data accessed via Google Workspace integrations.
1. Overview
Lyearn is a workplace learning, performance, and coaching platform. To deliver core product functionality, Lyearn integrates with Google Workspace services including Gmail, Google Calendar, Google Meet, and Google Admin Directory. Access to these services is granted by you (or your organization's Google Workspace administrator) through Google's OAuth 2.0 consent flow. You can revoke this access at any
time.
2. Compliance with Google API Services User Data Policy
Lyearn's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We do not use Google user data for advertising, do not sell Google user data, and do not transfer Google user data to third parties except as necessary to provide or improve user-facing features that are visible and prominent within the Lyearn application, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with explicit prior user consent.
3. Google Scopes Requested and Their PurposeLyearn requests only the scopes necessary to deliver specific user-facing features. The following tabledescribes each scope, why we request it, and how the data is used.
3.1 Gmail (https://www.googleapis.com/auth/gmail.readonly)
Why we request it: To derive activity signals that power productivity insights and coaching recommendations shown to the user and their authorized manager within Lyearn.
What we access: Email metadata (sender, recipient, timestamp, labels), subject lines, and attachment presence indicators. We access email bodies only to the extent required to extract structured activity signals (e.g., references to deal names, accounts, or projects).
How we use it:
• Generate activity scores and trends (e.g., email frequency per deal, response cadence).
• Surface coaching recommendations and "next best action" suggestions in the Lyearn UI.
• Attribute communication activity to specific accounts, deals, or learning objectives.
What we store:• Derived structured signals (e.g., "5 emails to Account X this week," extracted entity tags, activity timestamps, scores).
• We do not persist raw email bodies, subject lines, or attachments in long-term storage. Email content is processed transiently and discarded after signal extraction.
• We do not index, search, archive, or display raw email content within Lyearn.
What we do not do:• We do not read, store, or analyze emails outside the scope of generating user-visible insights.
• We do not share email data with third parties.
• We do not use email content to train generalized AI or machine learning models.
• We do not export or back up email data.
3.2 Google Calendar (https://www.googleapis.com/auth/calendar.events.readonly)
Why we request it:To check availability, display upcoming learning sessions, and schedule training eventswithin the Lyearn platform.
What we access: Read-only access to calendar events on calendars you authorize.
How we use it:
• Show your upcoming learning sessions and meetings inside Lyearn.
• Check availability when scheduling sessions through the platform.
• Correlate calendar activity with productivity insights (e.g., meeting frequency per deal).
What we do not do:We do not modify, delete, or create calendar events using this scope. We do not access calendars you have not authorized.
What we store:Event metadata required to render the user-facing experience (event title, start/end time,participants, associated meeting links). Stored encrypted at rest.
3.3 Google Meet (meetings.space.created, meetings.space.readonly, meetings.space.settings)
Why we request it:To create Google Meet rooms for learning sessions scheduled through Lyearn, retrieve post-meeting conference details (such as start/end time and transcript availability), and render recorded sessions and transcripts within the Lyearn platform for asynchronous learner access.
What we access:• Conference details for Meet sessions created through Lyearn.
• Post-meeting artifacts including start/end timestamps and transcript availability.
• Meet space settings for sessions Lyearn creates.
How we use it:• Create Meet rooms when a user schedules a learning session.
• Render recorded sessions and transcripts inside Lyearn so learners who missed live sessions can review them.
• Display session metadata (duration, participants) for reporting.
What we store:Conference metadata, transcript content, and links to recorded sessions, encrypted at rest. Access to recorded content is restricted to authorized members of the learning cohort.
Why we request them:To mirror your organization's users, groups, and organizational structure into Lyearn so that role-based access control, team hierarchies, and reporting structures function correctly
3.4 Google Admin Directory (read-only scopes)The following read-only scopes are accessed only by Workspace administrators during initial Lyearn setup and during periodic synchronization:
• admin.directory.user.readonly
• admin.directory.group.readonly
• admin.directory.group.member.readonly
• admin.directory.orgunit.readonly
• admin.directory.userschema.readonly
Why we request them:To mirror your organization's users, groups, and organizational structure into Lyearn so that role-based access control, team hierarchies, and reporting structures function correctly.
What we access:Read-only metadata about users, groups, group memberships, organizational units, and user schemas within your Google Workspace domain.
How we use it:• Provision Lyearn user accounts that mirror your Workspace directory.
• Apply role-based access controls based on Workspace groups and org units.
• Generate reports that reflect your organizational hierarchy.
What we store:Directory metadata required to maintain user provisioning and role assignments, encrypted at rest. Sync frequency is configurable by the administrator.
What we do not do:We do not modify directory data. We do not access directory data of organizations that have not authorized Lyearn.
3.5 Basic Profile (userinfo.email, userinfo.profile)
Why we request them:To identify the authenticated user, display their name and profile picture within Lyearn, and contact them about their account.
What we access:Your Google Account email address and basic profile information (name, profile photo) that you have made publicly available.
What we store:Email address and profile information associated with your Lyearn account.
4. Data Storage and SecurityEmail address and profile information associated with your Lyearn account.
All data obtained through Google Workspace APIs is:
• Encrypted in transit using TLS 1.2 or higher.
• Encrypted at rest using industry-standard encryption (AES-256 or equivalent).
• Stored in access-controlled environments with role-based access restricted to authorized personnel.
• Logged and monitored for unauthorized access attempts.
• Retained only as long as necessary to provide the service or to comply with legal obligations.
Auth access tokens and refresh tokens are stored encrypted and are never exposed in client-side code, logs, or to third parties Lyearn maintains an information security program aligned with industry standards including OWASP ASVS and ISO/IEC 27001 principles. Our application undergoes annual third-party security assessments, including the Google Cloud Application Security Assessment (CASA), to maintain compliance with Google's security requirements for restricted scopes.
5. Third-Party Sub-Processors
Lyearn uses the following categories of sub-processors that may handle Google user data as part of
providing the service:
• Cloud infrastructure providers (for hosting and storage).
• AI/ML processing providers (for signal extraction from text content, where applicable). Where AI/ML services are used, we use enterprise-grade configurations that prohibit the use of customer data for training the provider's general models.
• Observability and security monitoring providers (configured to exclude sensitive content from logs).
A current list of sub-processors is available on request. We require all sub-processors to be bound by data protection terms at least as protective as those in our agreement with you.
6. User Control and Data Deletion
You can:
• Revoke Lyearn's access to your Google account at any time by visiting https://myaccount.google.com/permissions and removing Lyearn.
• Request deletion of data Lyearn has stored that was derived from your Google account by contacting support@lyearn.com. Upon verified request, we will delete derived data within 30 days, except where retention is required by law.
• Export your data in a machine-readable format on request.
• Disconnect specific integrations (Gmail, Calendar, Meet) independently through your Lyearn account settings.
Revoking OAuth access prevents Lyearn from accessing new data from your Google account but does not automatically delete data already derived and stored; use the deletion request process above to remove stored data.
7. AI/ML Use DisclosureLyearn uses machine learning models to extract structured signals from communication content (e.g., identifying entity references, classifying activity types). Where third-party AI/ML services are used to process Google user data:
• Data is sent only as needed to perform the extraction task.
• We use enterprise/zero-retention configurations where available, which prohibit the provider from retaining data or using it to train their general-purpose models.
• We do not use raw Google user data to train Lyearn's own generalized AI or machine learning models intended for use by other customers.
8. Changes to This PolicyWe may update this section as our integrations or practices change. Material changes will be communicated to administrators of connected workspaces and reflected on this page with an updated "Last updated" date. Continued use of the Google integrations after a material change constitutes acceptance of the updated policy.
• Email: privacy@lyearn.com
• Data Protection Officer: dpo@lyearn.com
• Mailing address: support@lyearn.com
To report a suspected security incident, email security@lyearn.com