Last Updated on January 1, 2026
Scope
We may collect personal information from you when you visit our website, register for an account, or interact with our services. This information may include your name, email address, contact details, and any other information you voluntarily provide to us.
It does not govern how customers independently process personal data within their own WebbLMS environments.
Our Role (Controller vs Processor)
For website visitors, prospects, and account holders, WebbLMS acts as a data controller.
For learner, instructor, and end-user data stored within customer LMS instances, WebbLMS acts solely as a data processor on behalf of the customer.
Customers determine the purposes and means of processing learner and user data within their LMS.
Personal Information We Collect
3.1 Information You Provide
We may collect:
Name, email address, and contact details
Organisation name and role
Account and administrator credentials
Support communications
3.2 Automatically Collected Information
We may collect limited technical data such as:
IP address, browser type, and device information
Log and usage data for security and reliability
Cookie and analytics data (see Section 12)
3.3 Billing Information
All payments and billing data are processed by Paddle, our Merchant of Record. WebbLMS does not store payment card information.
How We Use Personal Information
We use personal information to:
Provide, operate, and support the Services
Provision and manage LMS instances
Process subscriptions and renewals via Paddle
Communicate service notices and support responses
Maintain platform security and prevent misuse
Comply with legal obligations
We do not sell personal data or use it for targeted advertising.
Legal Bases for Processing (GDPR)
Where GDPR applies, we process personal data based on:
Performance of a contract
Legitimate interests (platform security, support, service improvement)
Legal obligations
Consent, where required
Customer LMS Data
Personal data stored within a customer’s WebbLMS instance (including learner records, assessments, logs, and content):
Is controlled and owned by the customer
Is processed by WebbLMS solely to provide the Services
Is logically isolated per customer environment
Customers are responsible for:
Providing notices and obtaining consent from users
Defining retention and deletion policies
Responding to data subject requests related to LMS data
Data Storage and Security
WebbLMS uses industry-standard technical and organisational measures to protect personal data, including:
Dedicated or isolated infrastructure per customer
Encrypted data in transit
Access controls and audit logging
Regular patching and monitoring
No system can be guaranteed to be completely secure.
Data Retention
We retain personal information only for as long as necessary to:
Provide the Services
Meet legal, accounting, or compliance requirements
Resolve disputes and enforce agreements
Customer LMS data may be deleted after account termination, subject to reasonable retention periods unless otherwise agreed.
Sharing and Disclosure
We may share personal information with:
Service providers (hosting, monitoring, support) under contractual confidentiality obligations
Paddle, for billing and subscription management
Authorities, where required by law
We do not share personal data for advertising purposes.
International Data Transfers
WebbLMS operates globally and may process data in multiple jurisdictions, including the United States and European Union.
Where required, international transfers are safeguarded through appropriate mechanisms such as standard contractual clauses or equivalent protections.
Your Rights
11.1 EU / UK (GDPR)
You may have the right to:
Access your personal data
Correct or delete your data
Restrict or object to processing
Request data portability
Lodge a complaint with a supervisory authority
11.2 United States
Depending on your state of residence, you may have rights to:
Know what personal data we collect
Request deletion or correction
Opt out of certain processing activities
Requests can be made using the contact details below.
Cookies and Analytics
The WebbLMS website uses cookies and similar technologies to:
Enable core website functionality
Measure aggregate usage and performance
We do not use cookies for cross-site behavioural advertising.
Children’s Data
WebbLMS does not knowingly collect personal data directly from children through its website.
Within customer LMS environments, customers are responsible for ensuring compliance with applicable child data protection laws (including COPPA, GDPR-K, or equivalent).
Changes to This Policy
We may update this Privacy Policy periodically. Updates will be posted on our website with a revised effective date.
Continued use of the Services constitutes acceptance of the updated policy.
Contact Us
WebbWorx (Pty) Ltd
Cape Town, South Africa
📧 hello@webblms.com
