Legal
Privacy Policy
Last updated: 28 March 2026
1. Who We Are
Blumonc Training is a brand operated by Viaabl Infolabs LLP, a limited liability partnership registered in India under the Limited Liability Partnership Act, 2008. In this policy, "we", "us", and "our" refer to Viaabl Infolabs LLP trading as Blumonc Training.
We are the data controller for personal data collected through this website (learn.blumonc.com) and our training services. For data protection queries, contact us at privacy@blumonc.com.
2. Data We Collect
We collect the following categories of personal data:
- Account data: name, email address, password (hashed), job title, company name.
- Booking data: course selections, payment status, booking reference numbers.
- Payment data: billing address. Card details are processed directly by Stripe or PayPal and are never stored on our servers.
- Learning data: course progress, assessment scores, attendance records, CPD hours earned.
- Communications: messages sent to us via contact forms, email, or support channels.
- Technical data: IP address, browser type, device identifiers, cookies (see our Cookie Policy).
- Employer/referral data: if your employer books training on your behalf, we receive the data they provide about you.
3. How We Use Your Data
| Purpose | Lawful Basis |
|---|---|
| Deliver booked courses and issue certificates | Contract performance |
| Process payments via Stripe/PayPal | Contract performance |
| Send course confirmation and reminder emails | Contract performance |
| Provide post-course support | Contract performance |
| Share learning progress with your assigned trainer | Contract performance / Legitimate interest |
| Send marketing emails about similar courses | Consent (opt-in) |
| Improve our platform and course content | Legitimate interest |
| Comply with legal and tax obligations | Legal obligation |
| Detect and prevent fraud or abuse | Legitimate interest |
4. Sharing Your Data with Trainers
When you book a course or a 1:1 session, your name, email, job title, and learning progress are shared with the assigned trainer so they can prepare and personalise your training experience. Trainers are bound by confidentiality obligations and may not use your data for any purpose other than delivering the course you have booked.
For corporate bookings, we may also share attendance and progress reports with the employer or training manager who arranged the booking on your behalf.
5. Third-Party Processors
We share data with the following trusted processors who act under data processing agreements:
- Stripe Inc. - payment processing (card data never reaches our servers)
- PayPal Holdings, Inc. - alternative payment processing
- Zoom Video Communications, Inc. - live online session delivery
- Vercel Inc. - website hosting and infrastructure
- Google LLC - analytics (anonymised) and email delivery
We do not sell your personal data to third parties.
6. International Transfers
Some of our third-party processors (including Stripe, PayPal, Zoom, and Vercel) process data outside India. Where this occurs, we ensure appropriate safeguards are in place in accordance with the Digital Personal Data Protection Act, 2023 (DPDPA) and any rules or regulations issued thereunder.
7. Retention
- Account and booking data: retained for 8 years after your last activity to comply with Indian tax and financial record-keeping obligations.
- Certificate records: retained indefinitely to support future verification requests.
- Marketing consent records: retained while your account is active and for 3 years after.
- Technical/log data: deleted after 90 days.
8. Your Rights Under the DPDPA
You have the following rights regarding your personal data:
- Right of access - request a copy of the data we hold about you.
- Right to rectification - ask us to correct inaccurate data.
- Right to erasure - request deletion of your data (subject to legal obligations).
- Right to restrict processing - ask us to pause processing in certain circumstances.
- Right to data portability - receive your data in a structured, machine-readable format.
- Right to object - object to processing based on legitimate interest or for direct marketing.
- Right to withdraw consent - withdraw marketing consent at any time via the unsubscribe link in any email.
To exercise any of these rights, email privacy@blumonc.com. We will respond within 30 days. You also have the right to lodge a complaint with the Data Protection Board of India once it is established under the DPDPA, 2023.
9. Security
We apply appropriate technical and organisational measures to protect your data, including TLS encryption in transit, hashed passwords, access controls, and regular security reviews. No online system is 100% secure; in the event of a data breach we will notify affected individuals and the Data Protection Board of India as required by law.
10. Children
Our services are directed at professionals aged 18 and over. We do not knowingly collect personal data from anyone under 18. If you believe a child has provided us with personal data, please contact us immediately.
11. Changes to This Policy
We may update this policy from time to time. Material changes will be notified by email or a prominent notice on the website. Continued use of our services after the effective date constitutes acceptance of the updated policy.
Contact: Viaabl Infolabs LLP · Blumonc Training · privacy@blumonc.com · Indore, Madhya Pradesh, India