Introduction
In your platform, you can create a customized privacy policy for your users to accept when registering or logging into the platform. You can also create and assign specific privacy policies to specific domains, for those using Docebo’s Extended Enterprise app.
Furthermore, privacy policies can be versioned, so you can create a new version of the same policy when certain terms have been modified or updated. Your platform tracks all versions of the privacy policy, and whether each user has agreed to, rejected or not yet answered to each version of the privacy policy. As the Superadmin, you can create and view reports related to your privacy policy as well.
By default, the privacy policy is activated in new platforms, meaning that users will have to agree to the policy in order to access their platforms. For those that were using the privacy policy functionality prior to April 24, 2018, please refer to the Questions and Answers article to learn how to navigate the transition to the new privacy policy functionality in your platform.
When requested to provide consent to the Privacy Policy, users can choose a language different from the one you selected for them, among the platform’s active languages. If the language they select while reading the policies is different from the language selected in their My Profile area, once they access the platform, the language will be reset to the language set in their My profile area.
This article outlines how to activate and manage the privacy policy if your platform uses a single domain (any platform that is not using Docebo’s Extended Enterprise app). Customers using the Extended Enterprise app can learn how to manage privacy policies for their subdomains by referring to the article for the Extended Enterprise app.
Terms & Conditions vs. Privacy Policy
Your platform has both a Privacy Policy and Terms & Conditions that Superadmins can configure and all learners must accept if they are activated. While the configuration process is nearly identical, consider them as two separate functionalities that serve two different purposes that can work together to ensure that your learners are provided with all of the legal and policy-related information before using the platform.
The Privacy Policy should cover the legal language on the data that you record (such as material viewed in the platform or the number of times a user attempts to take a test) and how you manage it.
On the other hand, Terms & Conditions should outline the rules and guidelines that learners should respect in order to use the learning platform (e.g. not uploading informal learning assets related to specific subjects). Terms & Conditions should primarily focus on Discover, Coach & Share and E-Commerce, so learners know which rules to follow when asking questions to Experts, uploading informal learning assets, writing comments on assets, and purchasing courses or learning plans in the platform.
When learners log into their learning platform for the first time, when they self-register into the platform for the first time, or when they login again for the first time after you’ve updated the Privacy Policy or Terms & Conditions, they will always be prompted to accept the most recent version of the Privacy Policy or Terms & Conditions (or both, depending on what you’ve updated).
Checkboxes with links to both sets of content appear in the login or registration form, or just after logging into the platform, for those that had already accepted an older version of either one. Learners will also find a link to the Terms & Conditions in their shopping carts and on the Share Content page in their platforms.
Activating the Privacy Policy
In order to manage a privacy policy, log into your platform as the Superadmin. Access the Admin Menu from the gear icon in the top right corner, then press the Advanced Settings item in the Settings section. Now, access the Users tab. In the Options section, flag the Privacy Policy MUST be accepted option and press Save.
Please Note: If this option is not enabled, you are still able to access the Privacy Policy configuration area in your platform, and you can create and manage the privacy policy, but it will not appear to your users on the login or registration page of the platform. You may want to keep this option disabled as you draft your privacy policy, then activate it after creating the first policy in your platform.
Creating the Privacy Policy
To create the privacy policy for the first time, access the Admin Menu, then select the Privacy Policy item in the Settings section. On the main Privacy Policy page, there are three tabs at the top: Settings, Preview and Versioning.
When you first draft your privacy policy, all of your work will be done in the Settings tab. Find any later policy versions that you create in the Versioning tab. If you want to preview how your policy will look for learners before saving it as a new version, you can switch to the Preview tab at any time before pressing Save Changes.
In the Settings tab, begin in the the Privacy Policy Content section. You need to create the privacy policy in your platform’s default language. Provide a policy name.
In the Header Message section, add an introductory message that appears above all of your policy and sub-policy text on the registration form for learners. Please note that this text can be no longer than 500 characters, and should serve as a brief introduction to what users will accept below the message in the form. Please note that this message is not mandatory, but suggested.
Then, provide a title message (this is the acceptance message that your users will see) and the text body of the policy.
In the text body, you can format and stylize the text as desired. Additionally, you can add PDF files into the body of the text by pressing the Attach Files button in the text formatting bar. Note that your platform does not track whether learners click on the link to the file or download the file, but the Versioning functionality in your platform ensures that the version of the file that is served to the end user is always the right historical one.
Once you’ve completed all of the required fields, you can press Save Changes to publish this version of the privacy policy for your users. If you need to add any policy extensions or sub-policies to the privacy policy, move to the Sub-Policy section before saving your changes.
Creating and Managing Sub-Policies
If you need to add any sub-policies or additional acceptance messages to your privacy policy, press the Add New button in the Sub-policy section when creating or editing your privacy policy. This option is useful if you need users to accept additional options when accepting the privacy policy, such as allowing user data to be viewed by a third-party system or subscribing to newsletters.
Then, insert the sub-policy acceptance message into the corresponding text field and flag whether it’s mandatory or not. If you set a sub-policy to be mandatory, users will not be able to access their platforms until they’ve accepted the sub-policy.
Repeat this process for up to three sub-policies per privacy policy. To delete a sub-policy, simply press the X icon in the corresponding row. When you’re finished, press Save Changes.
Creating a Privacy Policy in Multiple Languages
When creating or updating a privacy policy, you can create the same version of the policy in multiple languages using the multi-language selector tool. Learn more about this tool.
Please note that when you’re creating or editing a policy in the platform’s default language, the default language fields are mandatory. However, when adding content in a language that is not the default language, the fields are not mandatory. Therefore, if you do not populate a field in one of the additional languages, that field will appear to users in the default language instead of appearing blank.
For example, if your default language is English, you must fill out every field of the privacy policy in English. If you then create content of the same policy in French but you do not fill out the acceptance message, learners with their platforms set in French will see the acceptance message of their privacy policy in English.
Any time that any field of the privacy policy is updated in any language, a new version is created. Versioning for the privacy policy is at a global language level, not localized to individual languages. Therefore, you cannot have a privacy policy with 3 versions in English and 7 versions in French.
Once you update any fields and press Save Changes, a new version is created for all languages. Therefore, when you are updating the privacy policy, be sure to update it in all necessary languages before pressing Save Changes. Refer to the following section to learn more about versioning.
Updating a Privacy Policy and Managing Versions
Once you’ve created a privacy policy, any of the fields can be updated, which will automatically create a new version of the policy. All versions can be found in the Versioning tab. Any time a new version is created and published, all users must re-accept the privacy policy upon the next log into the platform.
Versions are at global language level. If you update a policy in any language, a new version is created for all languages. Users will have to re-accept the policy, regardless of their platform language. Therefore, if you’re managing a policy that is published in multiple languages, you should update any necessary fields in ALL languages before pressing Save Changes and creating a new version.
In the Versioning tab of a policy, use the sliding bar in the area at the top of the page to see all of the available versions and switch between which version you want to view. For each currently viewed version, you will see the version name, who published that version and the date and time of publication.
Below, you will see the full privacy policy version, including all acceptance messages, title, and text. To change the language in which you’re viewing the version, use the Language dropdown menu in the top right corner of the policy.
Note on the Text Editor
Please note the text editor embedded in the platform is Froala, refer to the Froala Knowledge Base for further information on its usage. Also remember that the rendering of the output of WYSIWYG editors may be slightly different from the input, depending on the CSS rules applied.