Bugcraft Academy
This policy explains how Bugcraft Academy collects, uses, stores, and shares personal data when you visit gitarna.digital, create an account, enroll in courses, or contact us.
It applies to learners, prospective learners, and business contacts who interact with our marketing or support channels. Partner-delivered programs may add notices; we will link them when applicable.
If you do not agree with this policy, please discontinue use of the services and avoid submitting personal data through forms or email.
Depending on your situation, you may request access, correction, deletion, restriction, or portability of personal data we hold, subject to legal exceptions.
You may object to certain processing based on legitimate interests, and you may withdraw consent where processing relies on consent, without affecting the lawfulness of processing before withdrawal.
We respond within a reasonable period and in line with Korean personal information protection requirements. You may lodge a complaint with the Korea Personal Information Protection Commission if you believe we have infringed applicable law.
We use account and profile data to deliver courses, authenticate access, communicate scheduling changes, and provide optional mentor feedback you purchase.
We analyze aggregated usage patterns to improve navigation, fix broken lessons, and understand which practice tasks confuse learners, using identifiers that do not need to be stored longer than necessary.
We do not sell personal data. Paid advertising partners, if any in the future, would be disclosed here before collection changes take effect.
We keep account records for as long as your profile is active and for a period afterward to resolve disputes, satisfy tax or audit obligations, and defend legal claims where permitted.
Support emails may be retained in ticketing archives with access limited to staff who need them. You may request deletion where law allows, understanding that some retention may be mandatory.
Analytics logs that do not identify you individually may be kept in aggregated or de-identified form for longer periods to study curriculum effectiveness.
Email [email protected] with the subject line “Privacy request” and include your full name, the email address tied to your account, and a description of the action you seek.
We may ask for reasonable verification before disclosing or changing records. This protects you and other learners from impersonation attempts.
If we cannot honor a request entirely, we will explain the legal or technical reason and, where possible, offer a narrower option such as partial redaction.
Identifiers: name, email address, phone number if you provide it, organization name, and country or timezone selections.
Learning data: assignment uploads, quiz responses where used, mentor comments, cohort identifiers, and bookmark metadata you create inside the platform.
Technical data: IP address, device type, browser version, approximate location derived from IP for fraud prevention, and diagnostic logs when errors occur.
We rely on subprocessors such as email delivery, video conferencing, calendar scheduling embeds, and cloud hosting. Contracts require confidentiality, security assistance, and deletion or return of data when services end.
Where a subprocessor is located outside Korea, we implement safeguards such as standard contractual clauses or equivalent measures when required.
We do not allow subprocessors to use learner personal data for independent marketing unrelated to delivering our services.
If you follow links to external sites, their privacy policies govern those visits. We do not control cookies or trackers placed by third-party sites you choose to open.
When we embed a scheduling widget, the provider may collect data under its own notice. We select providers that publish retention and security documentation suitable for small education businesses.
You may request an up-to-date list of core subprocessors; we refresh it at least annually or sooner when a material vendor changes.
We apply access controls, encrypted transport for web sessions, and least-privilege administrative accounts. Staff training covers phishing resistance and confidential handling of learner submissions.
No online service can guarantee perfect security. If we learn of a breach that risks your rights, we will notify regulators and affected individuals as required by law and in a timely manner.
You should use unique passwords, enable device updates, and avoid sharing session links in public channels.
Questions: [email protected]