မြန်မာ Log in Start free
🔒 Privacy

Privacy Policy

Your data is yours. Here's exactly what we collect, why, and how we keep it safe.

Last updated 10-Jun-2026

Effective date: 10-Jun-2026

1. Introduction

This Privacy Policy explains how mmlms ("mmlms", "we", "us" or "our") collects, uses, discloses and safeguards personal data when you use our learning management platform, websites, mobile applications and related services (together, the "Service"). It also describes your rights and how to exercise them.

We are committed to protecting personal data and to handling it lawfully, fairly and transparently. By accessing or using the Service, you acknowledge that you have read and understood this Policy. If you do not agree with it, please do not use the Service.

2. Our role & scope

mmlms is a multi-tenant platform, and our role depends on how you use it:

  • Where mmlms is the controller — for personal data we process about our website visitors, prospective customers, account administrators and billing contacts, mmlms determines the purposes and means of processing and is the data controller.
  • Where mmlms is the processor — when an organisation (a school, company or university — the "Customer") uses the Service, the Customer is the controller of the personal data within its workspace ("Customer Data"), and mmlms processes that data on the Customer's behalf and under its instructions. The Customer's own privacy notice governs that data, and you should direct requests about it to the Customer.

This Policy describes our practices in both roles. Where there is a conflict between this Policy and a written agreement with a Customer, that agreement governs the Customer Data it covers.

3. Information we collect

We collect the following categories of personal data:

  • Account & profile data — name, email address, phone number, password (stored only as a salted hash), role, job title, profile photo and the organisation you belong to.
  • Learning data — enrolments, course progress, attendance, quiz and assessment responses and scores, attestations, certificates and credentials earned.
  • Content you provide — lessons, questions, files, images, video and other materials you upload to a workspace.
  • Usage & device data — log-in events, IP address, browser and device type, operating system, pages viewed, actions taken, timestamps and approximate location derived from IP, collected to operate and secure the Service.
  • Billing data — for paying customers, billing contact, organisation details, plan, invoices and payment status. Card and bank details are handled by our payment processors; we do not store full payment card numbers.
  • Communications — messages, support requests and feedback you send us, and our correspondence with you.
  • Cookies & similar technologies — as described in section 6.

You are not required to provide all data, but some data is necessary to create an account or use core features. We do not intentionally collect special-category (sensitive) data and ask that you do not upload it unless strictly necessary and lawful.

4. How we use information

  • To create and manage accounts and authenticate users.
  • To provide, operate and maintain the Service — delivering courses, running assessments and issuing certificates.
  • To process payments, manage subscriptions and send billing communications.
  • To provide customer support and respond to your enquiries.
  • To secure the Service, prevent fraud and abuse, and maintain audit and activity logs.
  • To analyse and improve the Service, develop new features, and produce aggregated, de-identified statistics.
  • To send service, security and transactional messages, and — where permitted — relevant product updates (you can opt out of marketing at any time).
  • To comply with legal obligations and enforce our agreements.

We do not sell your personal data, and we do not use Customer Data to train AI models for unrelated purposes.

5. Legal bases for processing

Where data-protection law requires a legal basis, we rely on one or more of the following: (a) performance of a contract with you or your organisation; (b) our legitimate interests in operating, securing and improving the Service, balanced against your rights; (c) your consent, where requested (for example, certain cookies or marketing); and (d) compliance with a legal obligation. You may withdraw consent at any time without affecting prior processing.

6. Cookies & similar technologies

We use cookies and similar technologies to keep you signed in, remember preferences, maintain security, and understand how the Service is used. These include strictly necessary cookies (required to run the Service), functional cookies (preferences such as language and theme) and analytics cookies (aggregated usage). You can control non-essential cookies through your browser settings or any cookie controls we provide; disabling some cookies may affect functionality.

7. How we share information

We share personal data only as described here:

  • Service providers (processors) — trusted vendors that host infrastructure, deliver email and SMS, process payments, provide video streaming, and supply analytics or support tooling, each bound by contract to protect the data and use it only on our instructions.
  • Within your organisation — administrators, instructors and managers in your workspace may access learning data as needed to run training and reporting.
  • Legal & safety — where required by law, regulation, legal process or governmental request, or to protect the rights, property or safety of mmlms, our users or the public.
  • Business transfers — in connection with a merger, acquisition, financing or sale of assets, subject to this Policy.
  • With your direction or consent — for example, integrations you choose to enable.

8. International data transfers

We are based in Myanmar and serve customers across Southeast Asia and beyond. Personal data may be processed in, or accessible from, countries other than your own, including where our service providers operate. Where data is transferred across borders, we take steps to ensure it remains protected by appropriate safeguards and that the transfer is lawful.

9. Data retention

We retain personal data for as long as needed to provide the Service and for the purposes set out in this Policy, then delete or anonymise it. Customer Data is retained for the duration of the Customer's subscription and, after termination, made available for export for a reasonable period before deletion in line with our agreement. We may retain limited information longer where required to comply with legal, tax, accounting or security obligations, or to resolve disputes.

10. Security

We implement technical and organisational measures appropriate to the risk, including encryption in transit, hashed passwords, role-based access controls, tenant isolation, audit logging, monitoring and regular backups. No method of transmission or storage is completely secure; while we work continuously to protect your information, we cannot guarantee absolute security. If we become aware of a personal-data breach affecting you, we will notify the relevant parties as required by law.

11. Your rights & choices

Depending on your location, you may have the right to: access a copy of your personal data; correct inaccurate data; request deletion; restrict or object to certain processing; receive your data in a portable format; and withdraw consent. To exercise these rights, contact us using the details below. We will respond within the timeframe required by applicable law and may need to verify your identity.

Where your personal data is held within a Customer's workspace, mmlms acts as a processor — please direct your request to that organisation, and we will assist them as needed. You may also opt out of marketing emails using the unsubscribe link in any such message.

12. Children's privacy

The Service is intended to be administered by organisations and is not directed to children for direct sign-up. Where a school or institution uses mmlms to provide learning to students who are minors, it does so as the controller and is responsible for obtaining any parental or guardian consents required by law. We process such data only on the institution's instructions. If you believe a child has provided us personal data without appropriate authority, please contact us and we will take appropriate steps.

13. Changes to this Policy

We may update this Policy from time to time to reflect changes in our practices, technology or legal requirements. When we make material changes, we will update the "Effective date" above and, where appropriate, provide additional notice. Your continued use of the Service after the changes take effect constitutes acceptance of the revised Policy.

14. Contact us

If you have questions, concerns or requests regarding this Policy or your personal data, contact us at privacy@mmlms.com, or write to mmlms, Yangon, Myanmar. We will respond promptly and work in good faith to resolve any concern.

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.