What Information We Collect

When you use our financial education platform, we gather different types of information depending on how you interact with us. Here's what we collect and why:

Account Information

If you create an account with us, we need some basics: your full name, email address, and a password you choose. For our programs starting in autumn 2025, we might also collect your educational background and professional experience to better tailor the learning experience.

Learning Activity Data

As you work through our valuation courses, we track your progress — completed modules, assessment scores, time spent on materials. This isn't about surveillance. It helps us identify where students typically struggle so we can improve our content.

Technical Information

Like most websites, we automatically collect technical data: IP address, browser type, device information, and how you navigate through our site. This helps us ensure the platform works smoothly across different devices and browsers.

Payment Information

When you enroll in a paid program, we collect billing details. However, payment card information goes directly to our payment processor — we don't store complete card numbers on our servers.

How We Use Your Information

We're pretty straightforward about this. Your information serves specific purposes related to delivering quality financial education:

• Providing access to learning materials and tracking your progress through courses
• Sending important updates about your enrollment, upcoming sessions, or platform changes
• Responding to your questions and providing technical support
• Improving course content based on aggregated learning patterns
• Processing payments and maintaining transaction records
• Complying with legal obligations under South Korean law

We don't sell your personal information to third parties. Period. That's not our business model and never will be.

Legal Basis for Processing

Under South Korean PIPA regulations, we need a lawful basis to process your personal information. Here's our legal justification:

We also rely on legitimate interests for certain processing activities — like analyzing aggregated usage patterns to improve our curriculum. And in some cases, we have legal obligations that require us to retain certain records for specific periods.

Who We Share Information With

We keep information sharing to a minimum, but there are a few situations where we need to involve third parties:

All our service providers are contractually obligated to protect your information and use it only for the specific purposes we've authorized. We vet these partners carefully.

International Data Transfers

Our primary operations are based in South Korea, and we store most data on servers located within the country. However, some of our service providers operate cloud infrastructure across multiple regions.

When we transfer data internationally, we ensure appropriate safeguards are in place through standard contractual clauses and verified security measures. Your data protection rights travel with your information.

Your Privacy Rights

South Korean PIPA gives you meaningful control over your personal information. Here's what you can do:

Access Your Information

You can request a copy of all personal data we hold about you. We'll provide this in a commonly used electronic format within 10 business days.

Correct Inaccuracies

Spotted an error in your account details? You can update most information directly through your account settings. For other corrections, just reach out to us.

Request Deletion

You can ask us to delete your personal information. We'll comply unless we have a legal obligation to retain certain records — for example, tax and accounting requirements mean we keep transaction records for five years.

Withdraw Consent

For processing activities based on your consent, you can withdraw that consent at any time. This won't affect the lawfulness of processing before you withdrew consent.

Data Portability

You can request your data in a structured, machine-readable format to transfer to another service provider. We support open standards for this purpose.

To exercise any of these rights, contact us at contact@cognitpulsewave.com. We'll respond within the timeframes required by South Korean law.

How We Protect Your Information

Security isn't just a checkbox for us. We've implemented multiple layers of protection:

• All data transmissions use TLS encryption to prevent interception
• Passwords are hashed using industry-standard algorithms — we can't see your actual password
• Access to personal information is restricted to authorized employees who need it for their work
• We conduct regular security assessments and vulnerability testing
• Our systems are monitored for unusual activity that might indicate a breach
• We maintain incident response procedures to address security events quickly

That said, no system is completely impenetrable. If we experience a data breach that affects your information, we'll notify you and relevant authorities as required by South Korean law.

Data Retention Periods

We don't keep information longer than necessary. Here are our retention periods for different data types:

• Active Account Data: Retained while your account is active and for one year after closure
• Learning Progress Records: Kept for three years after course completion for certificate verification
• Financial Records: Maintained for five years to comply with South Korean tax regulations
• Marketing Communications: Kept until you unsubscribe, then deleted within 30 days
• Technical Logs: Automatically deleted after 90 days

After these periods expire, we either delete the data or anonymize it so it can no longer identify you personally.

Cookies and Tracking Technologies

Our website uses cookies — small text files stored on your device. These help the platform function properly and remember your preferences.

Essential Cookies

These are necessary for the platform to work. They enable core functionality like secure login and course access. You can't opt out of these if you want to use our services.

Analytics Cookies

We use these to understand how people use the platform — which features are popular, where users encounter problems. This data is aggregated and anonymized.

You can control cookie preferences through your browser settings, though disabling certain cookies might affect your experience on our platform.

Children's Privacy

Our financial education programs are designed for adults and professionals. We don't knowingly collect information from individuals under 14 years old. If we discover we've inadvertently collected data from a child, we'll delete it promptly.

Changes to This Policy

We review and update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify you through your registered email address or by posting a prominent notice on our platform.

The "Last Updated" date at the top shows when we most recently revised the policy. We recommend checking back occasionally to stay informed about how we're protecting your information.

South Korea Specific Provisions

As a business operating in South Korea, we comply with additional requirements under PIPA:

If you're dissatisfied with how we've handled your personal information, you have the right to file a complaint with the Personal Information Protection Commission in South Korea.

For residents of South Korea, we provide additional protections including the right to request suspension of processing and the right to be informed of the purpose and scope of data collection before providing consent.