BlueTrace Forge — Privacy Statement

1. Retention

Contact form submissions, if stored by your mail provider or ours depending on configuration, should be deleted according to the retention table in our internal data inventory. Marketing interest lists, when used, retain email addresses only as long as the campaign remains active or until you unsubscribe. Telemetry from optional analytics cookies is aggregated and rotated on a short schedule. We do not build multi-year behavioral dossiers from casual browsing of this static site. Enterprise customers with separate agreements receive project-specific retention schedules.

2. Scope

This Privacy Statement covers information collected through boxvault.one pages, forms, and optional email correspondence initiated by you. It does not govern third-party sites linked for attribution or reading. Training environments delivered under contract may introduce additional controllers and processors; those engagements are described in order forms and data processing addenda rather than here. If you access materials through a partner academy, both organizations may have independent roles under applicable law.

3. Data collected

We may collect names, email addresses, company names, and message text when you submit forms. Technical logs from hosting may include IP addresses, timestamps, user agent strings, and requested paths. Optional analytics may collect coarse page views and scroll depth. We do not intentionally collect government identifiers through this public site. If you include sensitive information voluntarily in a message, we will treat it as ordinary correspondence and suggest redaction for future notes.

4. Use of data

We use contact details to respond to inquiries, schedule workshops when requested, and maintain relationships with existing customers. Technical logs help diagnose misconfiguration and abuse patterns. Aggregated analytics informs editorial decisions about which articles deserve follow-ups. We do not sell personal information as a line of business. We do not use this site to automate credit decisions or similar eligibility scoring. Marketing emails, if any, include opt-out mechanisms compliant with Korean electronic marketing norms where applicable.

5. Contact

Privacy questions may be directed to team@boxvault.one. Please allow reasonable time for a substantive reply. If you represent a data subject making a formal request, identify your relationship to the organization you believe processed data and include approximate dates of interaction. We may need to verify identity before disclosing records to prevent fraudulent takeovers. If we cannot fulfill a request due to legal conflict, we will explain the limitation at a high level without compromising security.

6. Rights

Depending on jurisdiction, you may have rights to access, correct, delete, or restrict certain processing, and to object to direct marketing. In Korea, the Personal Information Protection Act provides a framework for many of these requests. We honor applicable rights for data we control. Some rights may be limited where retention is necessary for dispute resolution or legal claims. If you are unsatisfied with our response, you may escalate to competent supervisory authorities as permitted by law.

7. Third parties

Infrastructure and email providers act as processors according to their agreements. We select vendors with reasonable security practices yet remain responsible for instructions we issue. If we integrate optional webinar tools in the future, we will name those processors and purposes. We do not allow unrelated advertising networks on this static property. Transfers outside Korea, if any, occur through standard contractual mechanisms or vendor certifications appropriate to the situation.

8. Security

We apply access controls to mailboxes and build repositories handling personal data. Static publishing reduces server-side attack surface. Employees with access receive onboarding on phishing resistance and least-privilege handling. No online system is perfectly secure; we encourage you to use unique passwords and hardware security keys for your own accounts when contacting us. Incident notifications to affected users will be provided consistent with legal requirements and the severity of risk.

9. Automated decisions

We do not use personal data from this site to make solely automated decisions with legal or similarly significant effects. Optional analytics may compute aggregates, but those aggregates do not determine individual eligibility for services. If future features introduce automation, we will update this Statement and provide meaningful information about logic and consequences. Human review remains central to training scenario assessments sold to enterprises.

10. Notifications

If a breach affects personal data under our control, we will assess notification duties under Korean law and any relevant contract. Notifications may include recommended mitigations such as password resets when applicable. We maintain internal timelines for escalation and evidence preservation. Public blog posts are not the primary channel for urgent breach notices; direct email or customer portals would be used for confirmed incidents involving enterprise data.

11. Training records

Enterprise training engagements may generate attendance logs, scores, and facilitator notes. Those records are governed by customer agreements and are not described exhaustively on this public page. Individuals participating through an employer should contact their internal privacy office for access questions, and we will assist controllers as contractually required. Public readers who never purchase services will not have training scores created solely from browsing this site.

12. Cookies cross-reference

Cookie-specific details appear in the Cookie Policy, including categories and consent. This Statement should be read together with that document for a complete picture of technologies used. Disabling optional cookies does not remove legitimate business records created when you email us directly. Clearing browser storage may reset theme preferences if you previously opted into storing them.