Privacy Statement

This Privacy Statement covers personal data collected through chain-point.one and related workshop intake forms operated by Civic Signal Workshop. It applies to visitors, prospective clients, and organizational contacts who email us. Work performed under separate contracts may reference an additional data appendix. Where the appendix conflicts on processing, the appendix controls for that engagement only. Our studio is based in the Republic of Korea. We describe rights referencing the Personal Information Protection Act (PIPA) where relevant.

We collect contact details you submit voluntarily, such as name, email address, organization, and project descriptions. Workshop intake may include optional phone numbers for scheduling. Technical logs from our hosting provider can include IP addresses, timestamps, and user agents. We use them for security monitoring, not for automated profiling. Cookies and local storage may store consent and theme preferences as described in the Cookie Notice.

We use infrastructure vendors to serve static files and to forward email to hello@chain-point.one. Those vendors process data under their agreements and only on our instructions where applicable. If you join a video session hosted on a partner platform, that platform acts as an independent controller for meeting metadata. We do not sell personal information as a commodity. Any sharing for legal compliance is documented and narrow.

Contact form submissions are retained long enough to respond and to maintain a record of legitimate business interest, typically up to twenty-four months unless a contract requires longer. Security logs rotate according to provider defaults, often ninety days, unless an incident investigation requires extension. You can request deletion where law allows. Some records must be kept for tax or dispute resolution reasons.

Contact hello@chain-point.one for privacy questions. For postal requests, use the address in the site footer. We may ask you to verify identity before disclosing records to prevent spoofing. If you represent a data subject, include signed authorization documentation where required.

We use data to respond to inquiries, schedule workshops, improve site clarity, and meet legal obligations. We do not use workshop intake content to train generalized public models unless a future contract explicitly allows it and you opt in. Aggregated analytics may inform editorial changes to page structure without identifying individuals.

Depending on applicable law, you may request access, correction, deletion, or restriction of processing. Korean data subjects may also have rights under PIPA including withdrawal of consent where processing is consent-based. You may lodge a complaint with the Personal Information Protection Commission in Korea if you believe we violated the law. We will explain any refusal where the law permits us to decline a request, for example when information is legally privileged.

This additional Scope section clarifies international visitors. If you access the site from outside Korea, your data may transit global networks. We apply reasonable safeguards such as encrypted transport. Translations of this statement are for convenience. The English version governs unless local law requires otherwise. Children should not submit personal data without guardian involvement. We delete obviously juvenile marketing signups when discovered.