Privacy Notice | Cognidev

1. Data Controller

Cognidev acts as the data controller for personal data collected through cognidev.digital and related enrollment workflows. Contact: hello@cognidev.digital · +82-8-595-7235 · 39-10, Gwangmyeong 3(sam)-dong, Gwangmyeong-si, Gyeonggi-do, Korea.

2. Categories of Personal Data

We may process identity and contact data (name, email, company), communication content, technical data (IP address, device type, basic logs), and program participation data (attendance, assignments submitted, survey responses). Payment card data, if collected, is handled by payment partners under their terms; we do not store full card numbers on our servers.

3. Purposes of Processing

Data is used to respond to inquiries, administer courses, improve materials, secure our services, comply with law, and—only where you opt in—send marketing about related programs.

4. Legal Bases (where GDPR concepts assist KR operations)

Where GDPR applies to individuals in the EEA/UK, we rely on contract necessity, legitimate interests (service improvement, security), consent for non-essential cookies and marketing, and legal obligation where required. Korean processing follows applicable PIPA requirements and fair information practices.

5. Retention

Contact form data is retained up to twenty-four months unless a longer period is needed for active sales cycles. Enrollment records are retained for the duration of the program plus seven years where accounting and tax rules require. Analytics logs are rotated on a shorter schedule unless investigating abuse.

6. Processors and Third Parties

We use cloud hosting, email delivery, analytics (if consented), and videoconferencing vendors. Contracts include confidentiality and security expectations. A current list is available on request.

7. International Transfers

Data may be processed in Korea and other regions where subprocessors operate. Where required, we implement safeguards such as standard contractual clauses alongside local assessments.

8. Security Measures

We apply access controls, encryption in transit, vulnerability patching cadences, and staff training. No method is perfectly secure; you should use unique passwords and report suspected incidents promptly.

9. Your Rights

Depending on jurisdiction, you may request access, correction, deletion, restriction, or portability, and withdraw consent where processing is consent-based. Korean residents may exercise PIPA rights via our contact channel. We will verify requests to prevent fraud.

10. Children and Policy Updates

Programs are directed at professionals; we do not knowingly collect data from children under 14 without parental authority. We may update this notice with a revised date; substantive changes affecting consent-based processing will seek fresh consent where required.