Legal changelog
Every meaningful change to the Terms of Service or Privacy Policy bumps the document version and adds a row here. Material changes (anything that affects your rights, payment, or data handling) are also announced 14 days in advance via in-app notification and email to registered users.
v7.0-2026-04
2026-04-29 · material
- Service refocused on US-targeted operation. Korea-specific PIPA scaffolding removed across signup, profile-privacy management, and Privacy / ToS documents.
- Signup: dropped the "I consent to my data being processed outside Korea" checkbox (PIPA §17 ② is no longer the operative regime). Required consents now: 4 (Age 14+, ToS, Privacy, AI disclaimer). Optional unchanged.
- ToS §15: governing law moved from Republic of Korea (Seoul Central District Court) → State of Delaware, USA. The 정보통신망법 §44-2 counter-notice channel and 전자상거래법 reference removed.
- Privacy §6: rewritten as jurisdiction-neutral "International data flows" — same recipient table + safeguards, no PIPA framing.
- Privacy §8: rights anchored on US state laws (CCPA/CPRA, VCDPA, CPA, CTDPA) + GDPR/UK GDPR; Korean 개인정보보호위원회 / KISA references replaced with US state AG / FTC + EU/UK supervisory authority.
- Privacy §9: breach-notification anchored on GDPR Art.34 + US state breach-notification statutes (e.g. Cal. Civ. Code §1798.82). PIPA §34 ① / 정보통신망법 §27-3 references removed.
- Privacy §10: 14+ floor justified on COPPA only (PIPA §22 ⑥ reference dropped).
- Marketing-email opt-in description: 정보통신망법 §50 reference removed; CAN-SPAM-style framing only.
v5.0-2026-04
2026-04-25 · material
- Privacy: full sub-processor list (Stripe, R2 logo storage now disclosed) + per-item retention + legal basis (PIPA / GDPR Art.6).
- Privacy: international-transfer disclosure expanded with explicit recipient + purpose + period table.
- Privacy: audit-log retention shortened from 7 years to 2 years; users may request earlier purge.
- Privacy: cookies section split — strictly-necessary vs. optional Sentry session replay, latter gated behind explicit consent.
- Privacy: data export is now self-serve (/api/users/me/export). Breach-notification SLAs added.
- ToS: governing law set to Republic of Korea (Seoul Central District Court). DMCA takedown procedure added.
- ToS: UGC moderation SLA documented (48 h ack, 7 d substantive response, same-day for imminent harm).
- ToS: liability cap floor raised to USD 100 to account for the new paid tier.
- Signup: 3-checkbox consent replaced with PIPA-compliant required (5) + optional (2) split.
- Cookie banner added; Sentry session replay now opt-in (default OFF) instead of always-on at 10% / 100% sampling.
- Audit log: legal basis re-anchored to legitimate interest in safety-claim defense (was unspecified retention).
v4.3-2026-04
2026-04-22 · editorial
- First publication of Terms of Service and Privacy Policy.
- 3-checkbox signup consent (age 18+, ToS + Privacy bundle, AI disclaimer).
- Audit log retention: 7 years (later revised in v5.0).