Privacy Policy

Under the Personal Information Protection Act and related regulations in Korea, you may request access, correction, deletion, and suspension of processing where grounds exist. You may also withdraw consent for optional processing without affecting the lawfulness of earlier processing based on consent.

Exercising rights may require identity verification to prevent fraudulent requests. The academy responds within statutory timelines and may extend where complexity warrants, with explanation.

If you believe processing violates law, you may lodge a complaint with the Personal Information Protection Commission or other competent supervisory bodies.

Privacy inquiries, including data subject requests, should be directed to the email below with “Privacy Request” in the subject line. Include your full name, relationship to any corporate account, and a concise description of the request.

For security, the academy may ask follow-up questions before disclosing records. Communications may be retained as required to demonstrate compliance.

The academy collects account details (name, email, employer name when provided), billing references for corporate purchasers, attendance metadata, assessment scores, support tickets, and cookie identifiers described in the Cookie Preferences page.

Live sessions may generate chat transcripts when enabled; facilitators remind participants not to paste secrets. Optional surveys collect satisfaction metrics and content suggestions.

Device technical data such as browser type and approximate region may be processed for security monitoring and service improvement when you opt in to analytics cookies.

Data is used to deliver courses, authenticate users, provide mentor feedback, improve materials, issue certificates, and comply with legal obligations. Marketing communications are sent only with consent or soft opt-in where permitted.

Analytics aggregates are generated to understand module completion patterns without selling personal data to unrelated advertisers. Profiling, if any, is limited to educational personalization rather than automated legal decisions.

Corporate purchasers receive roster-level reporting as contractually agreed; individual health data is not collected beyond voluntary accommodation notes stored with restricted access.

Infrastructure and email delivery may rely on subprocessors bound by data processing terms. A current list is available on request and includes categories such as hosting, video conferencing, and ticketing.

Subprocessors must implement appropriate safeguards for international transfers, including standard contractual clauses or adequacy decisions where applicable.

The academy does not permit subprocessors to use learner personal data for independent marketing unrelated to delivering the services.

This policy applies to websites, enrollment portals, and live experiences operated under the hubgridweb.one domain by AssetLattice Academy. Linked third-party sites follow their own policies.

Former learners remain covered regarding retention of records necessary for legal defense, tax, or certification audit trails even after account closure.

Account data is retained while the relationship is active and for a defined period afterward to resolve disputes and satisfy tax or accounting rules. Assessment artifacts may be retained longer where required for credential verification.

Backup systems may delay deletion propagation; the academy purges on rolling cycles. Anonymized statistics may be kept without identifiers.

You may request deletion where no overriding legal basis applies; some records must be kept in minimal form to prove consent or completion.

The academy implements access controls, encryption in transit for modern browsers, logging, and vendor due diligence. No method is perfectly secure; users should protect passwords and enable multi-factor authentication where offered.

Incidents are assessed under a response plan that includes notification timelines required by law and cooperative engagement with affected corporate purchasers.

Services are not directed to children under fourteen without guardian involvement. If information is collected inadvertently, it will be deleted upon verified notice.

Material updates will be posted with a revised date and, where required, additional notice via email. Continued use after the effective date constitutes acknowledgment except where explicit consent is mandated.