Nimbus Harbor Academy
AppearanceCookie Notice
HomeAll coursesProgram studioHow it worksBlogFAQTestimonialsContact

Last updated: 2026-02-09

Data Protection

1. Retention

We retain enrollment records, billing references, and support correspondence only as long as needed to deliver services, satisfy quality standards, and meet lawful record-keeping duties in Korea. Telemetry from optional analytics cookies is retained according to the Cookie Notice categories. You may request deletion where applicable law permits, subject to legitimate archival exceptions.

2. Use of data

Data is used to schedule sessions, operate labs, respond to inquiries, and improve curricula based on aggregated feedback. We do not sell personal data; limited subprocessors assist with email delivery and hosting as described under third parties.

3. Contact

Questions about this Data Protection statement may be sent to [email protected] with “Data Protection” in the subject line. We respond within a reasonable period consistent with applicable Korean privacy guidance.

4. Third parties

Infrastructure and communications vendors may process data under instructions and contractual safeguards. Microsoft and other cloud vendors maintain their own notices for services you access directly with your credentials.

5. Scope

This notice applies to personal data collected through graichy.digital, related enrollment forms, and official community channels administered by the academy. It does not govern third-party sites linked for reference.

6. Your rights

Depending on circumstances, you may request access, correction, deletion, or restriction of certain processing activities. We verify requests to protect account integrity and may ask clarifying questions before acting.

7. Data collected

Identifiers such as name, email, organization, and country; technical data like IP address and device type; and usage metrics when you opt into analytics cookies. Payment references may appear on invoices handled by processors; we avoid storing full payment credentials on our site.

8. Security measures

We apply administrative, technical, and organizational measures appropriate to the risk, including access controls and encryption in transit for supported flows. No method of transmission is perfectly secure; please report suspected incidents promptly.

9. Children's data

Services are intended for professionals; we do not knowingly collect data from children without appropriate authorization.

10. International aspects

Where data moves outside Korea, we rely on appropriate safeguards and vendor commitments consistent with this notice.

11. Changes to this notice

Material updates will be posted with a revised “last updated” date and, when appropriate, highlighted in learner communications.

Contact: [email protected]