Policies

Use of data

NimbusLedger processes personal data to respond to inquiries, operate demonstrations, and improve product documentation. Processing is limited to what is adequate, relevant, and not excessive for those purposes.

We do not use contact form submissions to train public machine learning models. Internal quality reviews may reference redacted excerpts strictly under access controls.

Third parties

Hosting, email delivery, and analytics vendors assist us under data processing terms. Each vendor receives the minimum information required for their function and may not contact you for unrelated marketing.

If you arrive through a reseller, that partner may have an independent privacy program. This notice governs NimbusLedger-controlled properties only.

Retention

Marketing leads are retained for twenty-four months after the last meaningful interaction unless a longer period is required by tax or contract law. Security logs rotate on a shorter schedule unless an incident investigation extends retention.

Backups may temporarily retain deleted records until the backup cycle expires; restoration after deletion is not offered except where legally compelled.

Contact

Data protection questions may be directed to welcome@bright-link.one. For rights requests, include enough detail to verify your relationship to the data subject without sending excessive sensitive identifiers through insecure channels.

Rights

Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, or object to certain processing, and rights related to automated decision-making. Korean residents may also lodge complaints with competent authorities after good-faith engagement with us.

We will verify requests to prevent fraudulent deletion or disclosure. Denied requests receive written reasons where the law requires.

Data collected

Categories include identity and contact data (name, email, company), technical data (IP address, user agent), and usage data (pages visited, time on page when analytics consent exists). We do not collect government identifiers through this marketing site.

Optional webinar registrations may request job title; that field is voluntary unless stated otherwise for a regulated session.

Scope

This Data Protection notice applies to bright-link.one and related marketing subdomains operated by NimbusLedger. It does not govern customer production environments that run NimbusLedger software under separate enterprise agreements.

Links to third-party sites are provided for convenience; review their notices before submitting personal data.

Security measures

We implement administrative, technical, and physical safeguards appropriate to the risk, including TLS transport, access logging, and least-privilege administration. No system is perfectly secure; we monitor for anomalies and patch critical dependencies on prioritized schedules.

Incident notification

If a breach affects personal data under our control, we will notify regulators and affected individuals as required by applicable Korean and contractual obligations, including timelines set forth in the Personal Information Protection Act where relevant.

Automated decisions

We do not make solely automated decisions that produce legal or similarly significant effects concerning individuals on this site. Lead scoring, if used internally, involves human review before sales outreach.

Changes to this notice

We update this Data Protection text when processing activities or laws change. Archived versions are available to enterprise prospects upon request for transparency reviews.

Consent

NimbusLedger records your cookie choices in the browser so we do not repeatedly interrupt your visit. Consent is granular: essential cookies load by default because the site cannot function without them, while analytics cookies require a positive action unless your jurisdiction mandates otherwise.

You may withdraw analytics consent at any time through the same control surface. Withdrawal does not erase historical aggregated statistics already collected, but it stops new event collection tied to your browser from that point forward.

Where Korean telecommunications and data protection guidance applies, we document the legal basis for each category and retain evidence of consent changes for a defined retention window described under retention headings.

Contact

Questions about this Cookie Notice or about how NimbusLedger reads cookie signals should be sent to welcome@bright-link.one with the subject line “Cookie inquiry”. Please include your organization name and, if applicable, the browser you use so we can respond with accurate steps.

We aim to acknowledge messages within five Korean business days. Complex investigations involving reseller relationships or federated identity setups may require coordinated responses and can take longer.

What are cookies

Cookies are small text files stored on your device when a site sets them through your browser. Similar technologies include local storage entries and session identifiers used to keep forms stable.

Cookies can be first-party (set by bright-link.one) or third-party (set by an embedded analytics vendor). This notice explains both classes in plain language rather than engineering shorthand.

Third parties

When analytics cookies are allowed, a bounded subset of events may be processed by subprocessors under contract with NimbusLedger. Those vendors are prohibited from using our telemetry for their own advertising products.

Third-party cookies are not used to resurrect deleted accounts or to sell personal data lists. If a vendor changes their compliance posture materially, we evaluate continuation or removal.

Preferences

Preference storage remembers choices such as theme mode and reduced-motion hints. These entries are treated as functional rather than marketing because they exist solely to respect your display settings.

If you clear site data manually, preferences reset and you will need to select them again. We surface a short reminder when we detect a reset to avoid surprise layout shifts.

Categories

Essential cookies maintain security tokens, load balancing hints, and consent receipts. Analytics cookies measure anonymous navigation patterns such as scroll depth on documentation pages.

We do not operate an advertising category on this marketing site. If that changes, this section will be updated before new tags fire, and we will prompt for consent where required.

Cookie inventory

The following list summarizes representative cookies. Exact names may include version suffixes during deployments.

nl_consent — stores analytics opt-in state — 12 months — NimbusLedger

nl_theme — stores light or dark preference — 12 months — NimbusLedger

nl_session — maintains secure form sessions — session — NimbusLedger

Browser controls

Every major browser ships with tools to block or delete cookies. Because those tools are vendor-controlled, consult the help documentation for Chrome, Safari, Firefox, or Edge for step-by-step instructions.

Blocking all cookies may break single sign-on flows or the contact form token we issue to reduce spam submissions.

Policy updates

We revise this Cookie Notice when tagging practices change or when regulators publish clarifications. Material updates increase the version note at the top of this document.

Continued use after an update constitutes acceptance of the revised notice only where permitted by law; otherwise we will collect fresh consent when mandated.

International transfers

Analytics subprocessors may process events in regions outside the Republic of Korea. Contracts include standard clauses where applicable and limit retention to operational needs.

We do not sell personal information. Transfer assessments are available to enterprise customers under NDA.

Children

This site is aimed at professionals evaluating cloud cost software. We do not knowingly collect analytics on child-directed segments. If you believe a school account was misconfigured, contact us and we will assist with deletion requests supported by your documentation.

Scope

This Cancellation Policy describes how prepaid software fees may be refunded or credited for NimbusLedger plans sold directly through bright-link.one or authorized Korean statements of work. Enterprise paper contracts follow their exhibits if different.

Professional services hours already consumed are outside the refund scope because labor cannot be returned.

Timeframe

Customers who qualify may request a full refund within fourteen days of the initial purchase date provided onboarding has not progressed beyond the kickoff workshop described in the order form.

After fourteen days, fees become non-refundable except where a statutory right applies or NimbusLedger materially fails to deliver documented baseline features after a cure period.

Eligibility

Eligibility requires timely payment, accurate company representation, and absence of abuse patterns such as repeated purchase-and-refund cycles.

Pilot conversions to annual contracts inherit the pilot start date for refund calculations, not the conversion click date.

Process

Email welcome@bright-link.one with invoice number, account identifier, and reason for the request. Finance validates against billing records and responds with approval, denial, or clarification questions.

Approved refunds return to the original payment method where technically possible; otherwise we coordinate an alternative traceable channel.

Contact

Refund correspondence uses the same mailbox as general privacy inquiries, but please tag the subject with “Refund request” to bypass triage queues.

Exceptions

Custom development, expedited onboarding surcharges, and third-party pass-through fees (cloud marketplaces, government filing fees) are non-refundable once incurred.

If regulatory action prohibits continued service in your jurisdiction, we issue a pro-rata credit rather than cash where local exchange controls complicate refunds.

Processing time

Approved refunds typically post within ten Korean business days depending on card networks or international wires. Holidays may extend timelines.

Chargebacks

Initiating a chargeback without first contacting us may delay resolution and can trigger account suspension until the dispute is clarified. We prefer collaborative resolution.

Credits

At our discretion, we may offer service credits instead of cash refunds when you prefer to continue the relationship or when FX treatment makes credits administratively simpler.

Recordkeeping

We retain refund decision logs for seven years aligned with tax record obligations. Logs contain minimal personal data and are access-controlled.

Governing consumer standards

Nothing in this policy limits non-waivable rights under the Framework Act on Consumers or other Korean consumer statutes. Where a mandatory rule conflicts with an internal policy, the mandatory rule prevails.