Privacy Policy for Lumora Rise

This privacy policy explains how Lumora Rise (operating at mstarrise.pro) collects, uses, discloses and protects personal data in the context of our AI skills education platform. It applies to visitors, learners, customers and business contacts. We describe the types of information processed, lawful bases for processing, data sharing practices, retention periods and the rights available to individuals.

17-04-2026 Lumora Rise [email protected]

Definitions

For clarity, we define key terms used in this policy related to personal data and the services provided by Lumora Rise.

Personal data means any information relating to an identified or identifiable natural person, including name, contact details, account identifiers, profile information and learning records tied to an individual.
Processing refers to any operation performed on personal data, whether automated or manual, such as collection, storage, retrieval, use, disclosure, modification, deletion and transmission.
User refers to any individual who accesses or uses Lumora Rise services, including learners, course administrators, trainers and visitors to mstarrise.pro.
Service denotes the Lumora Rise online learning platform, associated mobile interfaces, customer portals, training events, instructional materials and support services delivered to users and customers.
Cookies are small data files placed on a device to store preferences, session information and identifiers. We also use similar technologies such as web beacons and local storage to support functionality and analytics.

Data We Collect

We collect personal data that is necessary to provide the service, operate our platform, communicate with users and meet legal obligations. Data sources include information provided directly by users, data collected automatically and information from third parties.

Data You Provide

When you register, enroll in courses, request support, or communicate with us, you may provide the following categories of information.

  • Account and identity details: name, email address, username, password and professional affiliation.
  • Profile and organization data: job title, employer, team, business ID (for corporate accounts) and role-related attributes used for course placement.
  • Billing and payment information: company billing address, billing contact, invoicing details and payment records collected through third-party processors.
  • Communications and support data: messages you send to our support or sales teams, feedback, surveys and correspondence.
  • Learning activity and assessment data: course enrollments, completion records, assessment responses, badges and certificates.
  • Content you submit: uploaded documents, code samples, prompts and materials contributed to coursework or collaborative exercises.

Data Collected Automatically

When you interact with our platform, we automatically collect information necessary to operate, secure and improve the service.

  • Usage and interaction data: pages visited, course navigation, session timestamps and feature usage metrics.
  • Device and technical information: device type, operating system, browser, screen resolution and unique device identifiers.
  • Network-related data: IP address, approximate geolocation inferred from IP, and network performance metrics.
  • Cookies and tracking identifiers set by us and third-party analytics providers.
  • Performance and error logs: application logs, crash reports and diagnostic data used to maintain and improve service reliability.
  • Aggregated or anonymized analytics that do not identify individuals for product development and usage analysis.

Data Received From Third Parties

We may receive personal data from authorized third parties to facilitate authentication, payments, analytics and content delivery.

  • Identity and authentication providers used for single sign-on or external account linking.
  • Payment processors and invoicing partners that provide billing confirmation and transaction details.
  • Analytics and infrastructure partners that provide aggregated performance and usage metrics.

How We Use Data

We process personal data for the purposes necessary to deliver, secure and improve our services, to fulfil contractual obligations and to meet legal requirements.

  • To provide and operate the learning platform, manage accounts, enrollments and course delivery.
  • To perform billing, invoicing and payment reconciliation for paid services and enterprise contracts.
  • To communicate with users about account activity, course updates, support requests and administrative matters.
  • To personalise learning pathways and recommend relevant courses or materials based on role and progress.
  • To analyse platform performance, learner progress and course effectiveness for ongoing improvement.
  • To maintain security, detect abuse or fraud, and protect platform integrity and user data.
  • To comply with legal obligations and respond to lawful requests from regulators or courts.
  • To facilitate mergers, acquisitions or business transfers where required, with appropriate safeguards for personal data.

Legal Bases for Processing

Where applicable, we rely on the following lawful bases to process personal data.

  • Contractual necessity: processing to perform obligations under a service agreement or to take steps requested by the user prior to entering a contract.
  • Consent: where we have requested and obtained explicit consent for specific processing activities such as marketing communications.
  • Legitimate interests: processing necessary for platform security, fraud prevention, analytics and business operations, balanced against individual rights.
  • Legal obligation: processing required to comply with applicable laws, tax or regulatory reporting duties.

Rights Under Applicable Data Protection Law

When applicable, individuals have rights under data protection laws such as the EU General Data Protection Regulation (GDPR). The rights below describe options available to data subjects.

  • Right of access: you may request a copy of personal data we hold about you and information about how we process it.
  • Right to rectification: you may request correction of inaccurate or incomplete personal data.
  • Right to erasure: in certain circumstances you may request deletion of your personal data where retention is not required by law.
  • Right to restriction of processing: you may request limited processing while a dispute about accuracy or lawfulness is resolved.
  • Right to object and to withdraw consent: you can object to certain processing activities and withdraw consent where processing depends on it.
  • Right to data portability: where technically feasible, you may request a machine-readable copy of data you provided for transmission to another provider.

Cookies and Similar Technologies

We use cookies and similar technologies to provide essential functionality, personalise experiences and measure performance. You can manage cookie preferences via your browser or the settings provided on our site.

Types of cookies we use include essential cookies required for service operation, preference cookies for interface customization, analytics cookies for usage measurement, and marketing cookies used to personalise communications.

Essential: enable core platform features. Performance/Analytics: aggregate usage data for improvement. Functional: remember user preferences. Advertising/Marketing: used by third parties to deliver relevant content.

Most browsers allow you to control cookies through settings to block or delete them. Disabling certain cookies may limit functionality. For granular control, use the cookie settings available on mstarrise.pro.

View our Cookie Policy

Data Sharing and Disclosure

We share personal data only as necessary to operate the platform, fulfil agreements, comply with the law and work with trusted partners under contractual safeguards.

  • Service providers and vendors who perform functions on our behalf such as hosting, payments, analytics and customer support.
  • Affiliated companies and partners that deliver joint training programs or content under contractual terms that protect personal data.
  • Professional advisors, auditors and legal counsel where disclosure is necessary for compliance or defence of legal claims.
  • Regulators, law enforcement or courts where we are required to disclose data to comply with legal obligations or to respond to lawful requests.
  • Prospective buyers or third parties in connection with a merger, sale of assets or corporate reorganization, subject to confidentiality and data protection safeguards.
  • Third parties receiving anonymized or aggregated data that cannot reasonably be used to identify an individual for research or product improvement.

International Data Transfers

Personal data may be transferred to jurisdictions outside Singapore to support cloud hosting, analytics and service delivery. When transfers occur, we apply appropriate safeguards such as contractual data transfer agreements, standard contractual clauses and selection of providers with recognised security standards.

We assess third-party processors and seek contractual commitments that require adequate protection of personal data. Where appropriate, transfers are governed by legally recognized safeguards or explicit consent from the individual.

Data Retention

We retain personal data for as long as necessary to provide services, meet contractual obligations, resolve disputes, comply with legal requirements and enable legitimate business operations.

Account information and profile data are retained for the duration of the active account and for a reasonable period thereafter to allow for reactivation and to meet recordkeeping obligations. For closed accounts we retain limited records as required by law and for fraud prevention.

Communications and support records are kept for operational and training purposes for a period aligned with business needs and legal requirements, typically up to several years depending on the nature of the record.

System logs and analytics are retained in aggregated or pseudonymised form for product improvement and security monitoring. Retention periods vary by log type but are limited to what is necessary for operational purposes.

When data is no longer required, we securely delete or irreversibly anonymize it. Requests for deletion are processed in line with applicable law and subject to exceptions for necessary retention.

Security Measures

Lumora Rise maintains technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure or destruction. We monitor systems, enforce access controls and work with vetted providers to maintain a secure environment.

  • Encryption of data in transit (TLS) and encryption at rest for sensitive records where appropriate.
  • Role-based access controls, multi-factor authentication for administrative access and periodic review of privileges.
  • Regular security assessments, vulnerability management, logging and incident response procedures to detect and address threats.

User Rights and Choices

You may exercise your rights by contacting us at the address below. We will respond to requests in accordance with applicable law and may require verification of identity before taking action.

  • Access: request confirmation of processing and a copy of personal data we maintain about you.
  • Correction: request updates or corrections to inaccurate or incomplete information.
  • Deletion: request removal of personal data where retention is not required by law or contract.
  • Restriction and objection: request limits on processing or object to processing based on legitimate interests, subject to review.
  • Portability: request a machine-readable export of data you provided for transmission to another provider when technically feasible.
  • Right to object to profiling and automated decision-making affecting your participation in courses or assessments, where applicable under local law. You may request human review of any significant automated decision that affects your course progression or access to services.
  • Right to restriction of processing where accuracy is contested, processing is unlawful, or where we no longer need the personal data but you request retention for the establishment or defense of legal claims. Requests will be assessed per applicable law and internal retention requirements.
  • Right to withdraw consent for data processing that relies on consent; withdrawal does not affect the lawfulness of processing carried out prior to withdrawal. We will update your preferences and confirm implemented changes in writing or via the account interface.

How to Exercise Your Privacy Rights

To submit a request to access, correct, delete, or port your personal data, or to object to specific processing activities, contact our Data Protection Coordinator with a clear description of the request and any supporting documentation. We verify identity before processing rights requests to protect personal data from unauthorized disclosure.

[email protected]

We strive to acknowledge requests within 5 business days and to provide a substantive response within 30 calendar days of receipt. Complex requests or those requiring additional verification may take longer; we will notify you if an extension is necessary and explain the reason for the delay.

Marketing Communications and Preferences

We use your contact preferences to send relevant updates about Lumora Rise products, new courses, and events. Communications are limited to information related to your interests and previous interactions. We only send marketing where you have provided consent or where there is a legitimate interest subject to applicable law.

You can opt out of marketing emails at any time by using the unsubscribe link in our messages, by updating communication settings in your Lumora Rise account, or by contacting our Data Protection Coordinator. Opting out of marketing does not remove transactional messages related to your account or purchases.

Children and Minors

Lumora Rise does not knowingly collect personal data from children under the age required by local law for online services without verified parental consent. If we learn that we have collected personal data from a child without appropriate consent, we will take steps to delete the data promptly. For age-sensitive course enrollment, we require parental authorization where applicable.

Links to Third-Party Services

Our site and learning platform may contain links to third-party websites, tools, or integrations. These linked resources operate under their own terms and privacy practices. Lumora Rise is not responsible for the content or privacy practices of third parties; review the third party’s privacy policy before sharing personal information.

Changes to This Privacy Statement

We review and may update this privacy statement periodically to reflect changes in our services, legal obligations, or data-handling practices. Material changes will be posted on our privacy page at mstarrise.pro and, where required, notified to users by email or in-platform notice. Continued use of Lumora Rise after changes indicates acceptance of the revised policy.

Client Success Team
Client Success Team
Hello. You are connected to Lumora Rise client success. How can we assist with AI training, team scoping or curriculum design?