Privacy Notice

Last updated: 2026-04-02

1. Contact

The data controller is SprintCanvas Academy, reachable at [email protected] and at the postal address shown on the Contact page. For privacy requests, include your name, organization, and a description of the request so we can verify identity proportionately.

2. Use of data

We process personal data to deliver training, manage billing references, improve our curriculum, and comply with quality standards. Legal bases include contract performance, legitimate interests in securing our services, and consent where required (for example optional analytics cookies).

3. Data collected

We collect enrollment details (name, email, role), organization name, communications you send us, and technical logs such as IP address and browser type when you use our site. Payment card data is handled by our payment partners when applicable; we do not store full card numbers on our servers.

4. Your rights

Depending on applicable law, you may request access, correction, deletion, restriction, or portability of your personal data, and you may object to certain processing. You may lodge a complaint with the Korean Personal Information Protection Commission or your local authority where available.

5. Third parties

We use processors for email delivery, video conferencing, analytics (if consented), and cloud hosting. Processors are bound by written agreements requiring appropriate safeguards and processing only on our instructions.

6. Retention

We retain enrollment records for the period needed to administer refunds, respond to disputes, and meet tax or accounting obligations. Marketing contacts are retained until you withdraw consent or we delete stale data according to our retention schedule.

7. Scope

This Privacy Notice applies to personal data processed through ravoleg.digital and related operational email. It does not cover third-party sites we link to; their policies govern their processing.

8. Security measures

We implement access controls, encryption in transit where supported by our stack, and vendor due diligence. No online service is perfectly secure; please use strong passwords and protect shared workshop links.

9. International transfers

If we transfer personal data outside Korea, we rely on appropriate safeguards such as standard contractual clauses or adequacy decisions where recognized, plus supplementary measures when required.

10. Children

Our services are directed to professionals. We do not knowingly collect data from children under 14. If you believe a child provided data, contact us and we will delete it promptly.

11. Automated decisions

We do not make solely automated decisions with legal or similarly significant effects about participants based on their personal data.

12. Changes to this notice

We update this Privacy Notice when our processing activities change. The “last updated” date at the top reflects the latest revision. Significant changes will be communicated through email or an on-site notice when appropriate.