Data Protection

This Data Protection statement applies to personal data processed through docarchivecore.one, related enrollment forms, and email threads initiated from published addresses. It does not govern purely offline paper archives kept by your employer when they purchase training for you. Enterprise customers remain responsible for notices they give their employees; we provide supporting language on request.

Depending on your relationship with us, you may request access, correction, deletion, or restriction of certain personal data we hold. We verify requests to a reasonable standard and may ask for corporate affiliation when the request concerns a business email. Where we cannot comply fully, we explain the legal or technical reason rather than issuing a blanket refusal.

We share data with processors who host the site, deliver transactional email, and provide classroom tooling under written agreements. We do not sell personal data to data brokers and we do not publish attendee lists without explicit permission tied to each event. Processors may only subprocess with our knowledge where contracts require equivalent protections.

We use contact details to respond to inquiries, schedule workshops, and send service messages about programs you joined. Analytics help us prioritize editorial topics; we avoid collecting free-form notes about individuals beyond what you voluntarily submit. Marketing messages, when they exist, are frequency-capped and include a clear opt-out path.

Categories include identity and contact data, professional affiliation, billing references for corporate purchasers, and technical metadata such as IP truncated for analytics. Sensitive categories are not targeted; if you disclose health or similar data in a free-text field, we encourage you to delete it and we will purge what we can on notice. Cookies are described in the Cookie Preferences tab of this legal hub.

The controller for site-related processing is SignalForge Academy reachable at academy@docarchivecore.one. Postal correspondence can be sent to the Gangnam district address shown in the site footer. For regulatory correspondence, mark envelopes clearly so they reach compliance-aware staff without delay.

Contact form submissions are retained twenty-four months unless a longer period is required for an open dispute. Billing records for training purchases follow statutory commercial record rules applicable in the Republic of Korea. Analytics aggregates may be kept longer in anonymized form that cannot identify individuals.

If we become aware of unauthorized access to personal data we process, we will notify affected users where law requires and document remedial steps. Notifications describe what happened, what data categories were involved, and what mitigations are underway without speculative promises. We cooperate with competent authorities in the Republic of Korea and with enterprise customers who host their own incident response playbooks.

We do not sell personal data and we do not use automated decision-making that produces legal effects concerning you. Newsletter or training interest forms may trigger manual follow-up by staff rather than unattended scoring. If that posture changes, this Data Protection page will be updated before new processing begins.

We maintain a working list of vendors that may touch personal data as part of hosting, email delivery, or diagnostics. Material additions will be reflected here and, for enterprise agreements, communicated through your account contact where one exists. You may object to a new subprocessor where your contract allows; otherwise contact us to discuss alternatives.

When you attend a paid workshop, attendance lists, payment references, and feedback forms are stored under stricter access controls than marketing leads. Recordings, if any, require a separate opt-in captured at the event and may be deleted on a fixed schedule communicated there. Lab exercises should not include live customer secrets; if they slip in, delete them and inform us so we can purge backups on the next rotation.

We log the date, channel, and outcome of each rights request to demonstrate accountability to external reviewers. Logs exclude unnecessary detail about your inquiry beyond what is needed to fulfill it. Logs are themselves retained only as long as the underlying retention chapter permits.