Data Protection

Last updated 2026-01-22 · Contact [email protected]

Use of data

Personal data is used to operate training services, verify eligibility, communicate schedules, and improve instructional quality through aggregated analytics where permitted. Marketing communications are sent only with consent or under another lawful basis recognized in Korea. Automated decision-making that produces legal effects is not applied to individuals in standard offerings. Data may be used to detect fraud or misuse of credentials. Internal access follows least-privilege principles, and operational staff are trained on confidentiality expectations. For more detail on categories and retention, see the sections that follow and cross-links to Cookie Settings where technologies overlap.

Data collected

We collect identifiers such as name, business email, organization, role, billing contact details for enterprise orders, and technical identifiers like IP address and device type when you use hosted labs. Payment references may be processed by processors under their policies; we do not store full payment card data on BlueVector Range servers. Support tickets may include attachments you choose to upload. Workshop recordings, if any, are governed by explicit notices per session. You should avoid submitting sensitive government identifiers unless a program explicitly requires them for accreditation purposes.

Your rights

Depending on your residency, you may have rights to access, rectify, erase, restrict processing, object, and port data where technically feasible. Korean residents may exercise rights under applicable personal information protection statutes, including complaint pathways to supervisory authorities. Requests should include reasonable identity verification to prevent disclosure to impersonators. We will respond within timelines required by law, typically within thirty days unless complexity requires extension with notice. Where erasure conflicts with legitimate retention duties, we will explain the limitation.

Contact

For privacy inquiries, contact [email protected] with the subject line “Data Protection Request” and include your cohort or contract identifier if applicable. Enterprise customers may also route requests through their designated account manager. If you believe a disclosure incident occurred, notify us promptly so we can coordinate review and any legally required notifications. Physical correspondence may be directed to the Gangnam-gu address published on the Contact page. Do not include passwords or authentication secrets in email.

Third parties

We rely on subprocessors for email delivery, video conferencing, ticketing, and cloud hosting. Contracts impose confidentiality and security obligations consistent with instructional use. We do not sell personal information as a business model. Where subprocessors operate outside Korea, safeguards such as standard contractual clauses or equivalent measures are applied where required. A current list of categories of recipients is available on request for enterprise sponsors. Changes to critical subprocessors will be communicated when your agreement requires notice.

Scope and retention

This Data Protection overview applies to websites and services operated by BlueVector Range under the avamarara.digital domain and related training environments. It does not govern third-party sites linked for reference. Offline events may post supplemental notices at registration desks. If you participate as part of an employer program, your employer may have separate policies governing work devices; this document describes BlueVector Range processing only. Where enterprise agreements add stricter controls, those controls apply to the contracted relationship. Account and billing records are retained for periods required by tax and commercial law, commonly seven years unless a shorter period is permitted. Cohort workspace artifacts are deleted or anonymized within ninety days after a program ends unless a separate archive license is purchased. Support correspondence is retained for two years unless a longer period is needed to document dispute resolution. Logs used for security monitoring roll off on a schedule designed to detect abuse while minimizing storage. You may request deletion where no overriding obligation exists.