Cookie Policy
Last updated: 2025-12-08
Questions: team@boxvault.one
1. Cookie categories
BlueTrace Forge groups cookies into essential, functional, analytics, and preference families. Essential cookies keep sessions stable and protect forms from basic abuse. Functional cookies remember accessibility choices you explicitly set, such as reduced motion or font sizing when those toggles exist. Analytics cookies help us understand which articles and scenario descriptions are read fully versus skimmed, using aggregated counts rather than individualized surveillance. Preference cookies store optional UI states like theme selection when you opt in through the settings control. We do not use cookies to determine eligibility for employment or to score individuals for unrelated marketing categories.
2. What cookies are
Cookies are small text files stored by your browser when you visit a site. They can be short-lived session markers or longer-lived configuration tokens. Local storage entries behave similarly for some features and are covered here with the same standards. Because this property is a static informational site, most cookies relate to remembering consent, optional theme preferences, and lightweight analytics identifiers if enabled. Cookies are not executable programs and cannot read unrelated files on your device. You can remove them at any time using browser controls described later in this statement.
3. Contact
Questions about this Cookie Policy may be sent to team@boxvault.one with the subject line “Cookie inquiry.” Please include the page URL you were viewing and a description of the concern. We respond to operational privacy questions within a reasonable period for a small team, typically within ten business days for non-urgent items. If you believe a cookie is malfunctioning, include your browser name, version, and whether you use private browsing. We do not provide hotline support for cookie questions and cannot troubleshoot every browser extension interaction.
4. Consent
Non-essential cookies require a clear affirmative action through the cookie banner or settings menu. Dismissing the banner without accepting limits storage to essentials required for basic functionality and security. You may withdraw consent at any time by clearing site data or revisiting settings where available. Withdrawing consent does not affect the lawfulness of processing that occurred beforehand. If analytics cookies were previously allowed, identifiers reset on the next visit after removal. We do not use pre-ticked boxes for optional categories.
5. Preferences
Preference storage is limited to values you explicitly choose, such as dark or light display modes when that toggle is enabled. We avoid storing free-form text in cookies. Preference cookies expire on a rolling basis and are refreshed only when you revisit the site and interact with controls again. If you use multiple devices, preferences do not automatically synchronize because we do not maintain accounts for casual readers. Corporate customers with contractual arrangements may receive separate documentation for authenticated portals not hosted on this static domain.
6. Third parties
This static site does not embed social trackers or advertising pixels. If we link to external documentation, those destinations apply their own policies once you leave boxvault.one. Fonts and assets are served locally from the same origin after build, which reduces passive leakage to external hosts. Should we ever embed permitted third-party video or webinar players for optional events, we will list those providers in an updated table with purpose and duration. Until then, third-party exposure is limited to ordinary DNS and routing handled by your network provider.
7. Retention periods
Session cookies typically expire when you close the browser. Preference cookies may persist up to twelve months unless you clear them sooner. Analytics identifiers, if enabled, rotate on a schedule designed to reduce long-lived fingerprinting while still giving us coarse readership trends. We document maximum durations in internal runbooks even when browsers enforce shorter lifetimes in practice. Legal holds for investigations, if ever applicable, could extend retention for specific logs maintained outside this static site, and would be governed by separate enterprise agreements rather than this public page.
8. Security measures
We configure hosting with modern transport security where TLS termination is managed by the infrastructure provider you select. Because the public site is static, attack surface is smaller than dynamic applications, yet we still monitor for unexpected asset swaps during publication. Cookie values do not include secrets such as API keys. If we detect tampering with published assets, we rotate builds and invalidate cached copies according to internal procedures. Users should still keep browsers updated and exercise caution on shared workstations.
9. Children
This site is aimed at adult professionals in security operations roles. We do not knowingly collect personal information from children through cookies or forms. If you believe a minor submitted information inadvertently, contact team@boxvault.one so we can assist with deletion where feasible. Educational partners using our scenarios in classrooms remain responsible for obtaining appropriate permissions from institutions and guardians. Cookie controls on shared classroom machines should be managed by the institution’s IT administrators.
10. International readers
Readers may access this site from multiple countries. Static delivery may route through caches geographically close to you. Those caches temporarily store files but are not used to build behavioral profiles on our behalf. If Korean data protection standards differ from your local expectations, you may rely on the rights described in our Privacy Statement for broader context. We do not attempt to determine nationality through cookies for marketing sorting.
11. Updates
We revise this Cookie Policy when practices change materially, such as adding a new analytics vendor or optional authenticated area. The last updated date at the top of the page signals when a human reviewed the text. Continued use after updates constitutes acceptance of the revised policy for non-essential cookies only after you provide fresh consent where required. Archived copies may be available to enterprise customers under contract. We do not promise indefinite public archives of every minor wording tweak.
12. Definitions
“Essential” means necessary for transmission, security, or explicitly requested functionality. “Analytics” means aggregated measurement without selling personal data. “Preference” means optional UI state you choose. “Site” means the boxvault.one static property described here. “We” means BlueTrace Forge as the publishing brand for this content. These definitions apply only within this policy and do not import specialized meanings from unrelated industries. If a term conflicts with a defined term in the General Terms, the more specific document controls for its subject matter.