Humaloom Inc. ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:
Scope: Our Services are currently intended for business customers in the United States. We do not intentionally market or offer the Services to individuals in the European Economic Area, United Kingdom, or Switzerland.
Questions or concerns? Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you have any remaining questions or concerns, please contact us at contact@humaloom.ai.
We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us. The personal information we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use.
We collect the following categories of personal information:
| Category | Examples |
|---|---|
| Contact Information | First and last name, email address, phone number, company name, job title, mailing address |
| Account and Profile Information | Username, password (encrypted), account preferences, profile information, communication preferences |
| Usage and Analytics Data | Pages or features you access, time spent on pages, clicks, interactions with content, search queries, referral source, device type, operating system, browser type, IP address |
| Learning and Performance Data | Responses to assessments and scenarios, performance evaluations, learning progress, completion status, quiz and test results, training engagement metrics |
| Communications and Support Data | Messages you send us, support tickets, feedback, survey responses, testimonials, chat interactions within the platform |
| Payment and Billing Information | Billing address, payment method type (credit card details are processed by third-party payment processors and not stored by us) |
We do not intentionally collect or request sensitive personal information such as social security numbers, financial account information, government identification numbers, health information, or biometric data. We ask that you do not submit this type of information through our Services. However, some learning content may reference sensitive topics for training purposes. If you do submit sensitive information, you do so at your own risk, and we are not responsible for any consequences resulting from such submission.
When you visit our website and use our Services, we automatically collect certain information about your device and your interaction with our Services, including:
We may receive personal information about you from third parties, including:
We collect information in the following ways:
We process your personal information for a variety of reasons, depending on how you interact with our Services:
Artificial intelligence is integrated throughout the Humaloom platform and powers core learning experiences. Our AI systems process your information for purposes such as:
Our AI processes your learning data (responses, assessments, progress), profile information, and content you provide within the platform. We do not use this information to train, retrain, or fine-tune foundation models or any generative AI models.
We may use third-party AI providers to deliver these features. We contractually prohibit them from using your personal information to train their public models. We do not use your personal information to train publicly available AI models or foundation models.
Humaloom's AI-generated evaluations and assessments are designed for learning and development purposes only. Humaloom does not use AI to make binding legal, employment, hiring, promotion, or credit decisions. Customer is responsible for ensuring that any use of AI-generated evaluations in employment-related decisions complies with applicable employment laws, including requirements for human review and approval of any such decisions.
Cookies are small files that are placed on your device when you visit a website. We use cookies and similar technologies (such as web beacons and pixels) to enhance your experience and analyze usage within our own Services.
| Cookie Type | Purpose |
|---|---|
| Essential Cookies | Required for basic website functionality, security, and user authentication. These cannot be disabled without affecting site functionality. |
| Analytics Cookies | Help us understand how visitors interact with our website, including which pages are visited, how long users stay on pages, and what actions they take. This helps us improve our Services. We use first-party analytics only and do not share data with third-party analytics providers. |
| Preference Cookies | Remember your preferences and choices (such as language or display settings) to personalize your experience. |
We use only first-party analytics and cookies to understand how our Services are used. We do not use third-party analytics providers, advertising networks, or cross-site tracking technologies. Your data is not shared with external analytics or advertising companies, and we do not track you across different websites or platforms.
You have the following options to control cookies:
We do not sell your personal information. However, we do share personal information with trusted third-party service providers who assist us in operating our website and conducting our business.
We may share your personal information with the following categories of service providers:
| Category | Examples of Service Providers | Purpose |
|---|---|---|
| Email Service Providers | Mailchimp, SendGrid, or similar platforms | To send emails on our behalf, including newsletters, marketing communications, and transactional emails |
| Customer Relationship Management (CRM) Tools | HubSpot, Salesforce, or similar platforms | To manage our communications with you, track interactions, and improve customer service |
| AI Service Providers | Third-party AI API providers | To deliver AI-powered features. We prohibit them from using your data for training public models. |
| Payment Processors | Stripe, PayPal, or similar payment processors | To process payments and manage billing (payment card details are not stored by us) |
| Hosting and Cloud Service Providers | AWS, Google Cloud, Microsoft Azure, or similar providers | To host our website and Services and maintain data security |
All third-party service providers with whom we share personal information are contractually obligated to keep your information confidential and use it only for the purposes we specify. We ensure that service providers comply with appropriate data protection measures and standards.
We may disclose your personal information if required by law, legal process (such as a court order or subpoena), government request, or if we believe in good faith that such disclosure is necessary to:
If Humaloom is involved in a merger, acquisition, bankruptcy, or other business transaction or reorganization, your personal information may be shared as part of that transaction. We will provide notice before your personal information becomes subject to a different privacy policy.
We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other purposes without restriction.
As a B2B SaaS platform, Humaloom plays different roles depending on the context:
For customers who need enhanced data protection commitments for data they upload to our platform, we maintain a separate Data Processing Addendum (DPA) that outlines our obligations as a data processor, security measures, and data handling practices. Please contact us at contact@humaloom.ai to request a copy.
Humaloom is a business-to-business platform. Customers using Humaloom provide access to authorized users (such as employees, contractors, or team members).
If you access Humaloom through a Customer's workplace account:
You should not expect privacy in work-related use of the platform. The Customer controls access to and use of your workplace data.
You retain rights under federal labor law (NLRA Section 7) to discuss wages, hours, and working conditions with coworkers. For questions about how the Customer uses your data, contact your Customer's administrator.
We retain your personal information only for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, legal, or regulatory requirements).
| Data Category | Retention Period | Reason |
|---|---|---|
| Account and Billing Information | Retained while account is active, plus 7 years after closure | Required for account management, financial/tax obligations, and dispute resolution |
| Learning and Performance Data | Retained while account is active; data may be retained for 1-3 years after account closure for historical tracking and analytics | For ongoing learning management, progress tracking, and improving AI recommendations; older data may be aggregated or anonymized |
| Usage and Analytics Data | Typically 12-24 months | For product analytics, trend analysis, AI model improvement, and security monitoring; older data is aggregated or deleted |
| Support Communications | Retained for 3 years after the last interaction | To monitor support quality, resolve recurring issues, and comply with service level obligations |
| Marketing Communications | Until unsubscribe or 5 years of inactivity | To deliver relevant marketing content; deleted upon opt-out or extended inactivity |
| Cookies and Tracking Data | Varies by cookie type; typically 1-24 months | For analytics and site functionality |
| Legal/Compliance Records | As required by applicable law (typically 3-7 years) | To comply with legal and regulatory obligations |
Learning and performance data may be retained for longer periods to continuously improve our Services, including AI-powered features and prompt engineering. However, such data will be aggregated, anonymized, or de-identified whenever possible. Any personally identifiable information is removed or separated from aggregated data used for service improvement.
When we have no ongoing legitimate business need to process your personal information, we will either:
Regardless of your location, you have the following rights regarding your personal information:
If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):
To exercise any of the rights listed above, please submit a request through one of the following methods:
When you submit a rights request, we will verify your identity to ensure that we are responding to a legitimate request. We may request additional information to confirm your identity. We will respond to verified requests within the timeframes required by applicable law, typically within 30-45 days. If we cannot fulfill your request, we will explain the reason in our response.
You have the right to opt out of receiving marketing emails from us at any time. Humaloom respects CAN-SPAM requirements and ensures that all marketing emails include clear opt-out mechanisms.
You can unsubscribe from marketing emails by:
When you unsubscribe, we will remove you from our marketing email list within 10 business days, in compliance with CAN-SPAM regulations. Please note that even after unsubscribing from marketing emails, we may still send you:
If you have an account with us, you may be able to adjust your communication preferences by logging into your account settings. Please check your account for additional preference options.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. Our security practices include:
Despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. We cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information.
Transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment. If you have concerns about the security of your personal information, please contact us immediately at contact@humaloom.ai.
In the event of a confirmed data breach involving your personal information, we will notify affected individuals and any relevant authorities as required by applicable law, without undue delay.
Our website and Services may contain links to third-party websites, applications, and resources that are not operated by Humaloom. These links are provided for your convenience and reference only. We are not responsible for the privacy practices, content, or security of these external sites. We encourage you to review the privacy policies and terms of use of any third-party website before providing any personal information or using their services. Your use of third-party websites is at your own risk and subject to their terms and privacy policies, not this Privacy Policy.
Our Services are intended for use by business professionals and adults. The Services are not directed to children under 18 years of age, and we do not knowingly collect personal information from children.
In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect, solicit data from, or market to children under 13 years of age. By using the Services, you represent that you are at least 18 years of age or that you are the parent or guardian of a minor between 13 and 18 and consent to such minor's use of the Services.
If we learn that personal information from users less than 18 years of age has been collected, we will:
If you become aware of any data we may have collected from children under age 18, please contact us immediately at contact@humaloom.ai.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this policy.
If we make material changes to this Privacy Policy—particularly changes that affect your rights or how we use your personal information—we will:
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information. Your continued use of our Services following the posting of a revised Privacy Policy means you accept and agree to the changes.
If you have any questions, comments, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us using the following method:
We will respond to inquiries, privacy rights requests, and concerns within a reasonable timeframe, typically within 7-10 business days for general inquiries and 30-45 days for formal privacy rights requests (as required by applicable law).
Acknowledgment: By accessing and using Humaloom's website and Services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and use of your personal information as described above.
© 2026 Humaloom Inc. All rights reserved.