Legal · QueryPilot Academy
Privacy Policy
Last updated · 13 February 2026
This Privacy Policy describes how QueryPilot Academy collects, uses, and protects personal information processed in connection with the website at gyplautis.digital and the cohort programs delivered through it. The policy is written in plain language but reflects the formal obligations of the data controller under the Personal Information Protection Act of the Republic of Korea.
1. Retention
Personal information is retained only for as long as is necessary for the purposes for which it was collected and any legal obligations that apply to those purposes. Cohort enrolment records, including submitted work and mentor feedback, are retained for thirty-six months after the conclusion of the relevant cohort to support post-program follow-up and the issuance of completion letters. Marketing contact records are retained until the contact requests deletion or for twenty-four months from the most recent meaningful interaction, whichever is shorter. Aggregated, non-identifying analytics may be retained indefinitely for the purpose of program improvement.
2. Third-party processors
QueryPilot Academy engages a small number of third-party processors for hosting, video conferencing, transactional email, and customer relationship management. Each processor is engaged under a written agreement that requires processing only on documented instruction and the implementation of appropriate technical and organisational measures. Categories of processor include cloud infrastructure providers operating from the Republic of Korea or regional data centres, video conferencing providers used for live sessions, and email delivery providers used for cohort communications. A current list of processors is available on request.
3. Contact for privacy enquiries
Enquiries about this Privacy Policy, requests to exercise the rights described below, and notifications of suspected unauthorised access to personal information should be addressed to [email protected]. Where an enquiry concerns a personal information breach, please include sufficient detail to allow QueryPilot Academy to investigate promptly. The response timeframe is set in accordance with the Personal Information Protection Act and is, in any event, not more than thirty days from the date of receipt.
4. Categories of personal information collected
The categories of personal information collected include: contact details supplied at registration or enquiry (name, email address, optional company affiliation); cohort participation records (sessions attended, submitted work, mentor feedback); technical data generated by the use of the cohort sandbox (lab activity logs that are personal only by virtue of being attributable to a registered account); and limited website analytics data, in line with the cookie consent provided by the visitor.
5. Scope of this policy
This policy applies to the website at gyplautis.digital and to the cohort programs delivered through it. It does not apply to third-party websites that may be linked from the website; visitors are encouraged to review the privacy practices of those third parties before providing personal information to them. Where this policy refers to a separate Cookie Settings page, the rules described there form a part of QueryPilot Academy’s privacy practice and should be read alongside this document.
6. Purposes of processing
Personal information is processed for the following purposes: to administer cohort registrations and deliver programs; to provide mentor feedback and issue completion letters; to communicate operational changes to scheduled sessions; to issue invoices and reconcile payments; to respond to enquiries; to send cohort-relevant updates where consent has been given; and to improve the curriculum and the website on the basis of aggregated, non-identifying analytics.
7. Rights of the data subject
Subject to the conditions and limitations of the Personal Information Protection Act, individuals have the right to request access to their personal information, the correction of inaccurate information, the erasure of information no longer required for the purposes for which it was collected, the suspension of processing in defined circumstances, and the portability of certain information in a structured, commonly used format. Requests should be addressed to the contact set out in section 3.
8. Security measures
QueryPilot Academy implements technical and organisational measures appropriate to the nature of the personal information processed. These include access controls based on the principle of least privilege, encryption of personal information in transit and at rest where technically reasonable, periodic review of access logs for the cohort sandbox, and regular review of the third-party processors engaged. Security measures are reviewed at least annually and following any material change to the services.
9. International transfers
Where the delivery of services requires the transfer of personal information outside the Republic of Korea — for example, the use of a video conferencing provider with infrastructure in another jurisdiction — QueryPilot Academy ensures that such transfers are conducted in accordance with the Personal Information Protection Act, including by relying on the explicit consent of the data subject where required and by entering into appropriate contractual arrangements with the recipient.
10. Children
The cohort programs are designed for adult professionals and the website is not directed to children under the age of fifteen. QueryPilot Academy does not knowingly collect personal information from children under that age. If a parent or guardian becomes aware that a child has provided personal information through the website, the parent or guardian is invited to contact QueryPilot Academy at the address in section 3 so that the information can be reviewed and, where appropriate, deleted.