SCORM Hub
← Back

Privacy Policy

Last updated: March 31, 2026

1. Overview

SCORM Hub ("we", "our", or "us") is a SCORM training delivery and tracking application that connects to your CRM platform. This Privacy Policy explains how we collect, use, and protect information when agency administrators and their learners use our service.

2. Information We Collect

From Agency Administrators

  • CRM platform location ID and OAuth tokens (required to connect your account)
  • Organization name and branding preferences
  • SCORM Cloud API credentials (stored securely in our database)
  • Uploaded SCORM course packages (temporarily stored during import, then hosted by SCORM Cloud)

From Learners

  • First name, last name, and email address (used to create a SCORM registration)
  • Course progress data: completion status, score, time spent, quiz responses
  • Access timestamps: first access, last access, completion date
  • CRM contact ID (used to sync results back to your CRM)

3. How We Use Information

  • To deliver SCORM courses and track learner progress
  • To sync completion status, scores, and tags back to CRM contacts
  • To generate completion certificates
  • To provide reporting and analytics to agency administrators
  • To send optional enrollment notifications (email/SMS) when configured by the administrator

4. Data Sharing

We share data only with the services required to operate SCORM Hub:

  • SCORM Cloud (Rustici Software) — hosts and delivers SCORM courses, receives learner registration and progress data under your agency's SCORM Cloud account.
  • Your CRM platform — receives completion status, scores, and tags as configured by your agency.
  • Supabase — provides our PostgreSQL database and file storage infrastructure.

We do not sell, rent, or share learner data with third parties for marketing purposes.

5. Data Retention

Learner data is retained as long as the agency account is active. Agency administrators may delete individual registrations or courses from within the application. Upon account termination, all associated data is removed from our systems within 30 days.

6. Security

We use industry-standard security practices including encrypted connections (HTTPS/TLS), secure session tokens, and access controls. API credentials and tokens are stored in encrypted form. We do not store payment card information.

7. Learner Rights

Learners whose data is held by an agency using SCORM Hub may contact the agency administrator to request access to, correction of, or deletion of their training records. Agency administrators can delete learner registrations directly within the application.

8. Cookies & Sessions

We use a single session cookie to maintain your authenticated session within the application. This cookie is required for the application to function and contains an encrypted session token — no tracking or advertising data is stored in cookies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Continued use of the service after any changes constitutes acceptance of the updated policy.

10. Contact

For privacy-related questions or data requests, please contact us at: support@scormhub.app

Terms of ServiceHome