Legal

Chapter 1: General Provisions

Article 1 (Purpose)

Involuti (hereinafter referred to as the "Company") prioritizes the security of creators' unique narrative data and personal information. This Privacy Policy is established to ensure that users can safely utilize the Company’s Professional Narrative Architecture & Authoring Support Platform (hereinafter referred to as the "Service"). The Company complies with all relevant data protection laws and maintains transparent guidelines to protect the intellectual property and privacy of all creators.

Article 2 (Principles and Security Philosophy)

• Security of Creative Data: The Company places the highest value on the security of the world-building (Codex) and script data designed by users.
• Exclusion from External Training: As a professional authoring tool, the Company maintains a strict policy of not allowing user-generated creative data to be used for the general training of external foundation models without authorization.
• Minimum Collection & Purpose Limitation: The Company collects only the minimum information necessary to provide authoring support and does not process data beyond the scope previously agreed upon by the user.

Chapter 2: Collection of Personal Information

Article 3 (Items Collected)

The Company collects the following information to provide authoring tools, manage computational resources, enhance security, and optimize the creative environment.

1. Account and Basic Identification

   • Required: Email address (ID), nickname, sign-up date, access logs, and service configuration (language, etc.).

2. Narrative Design Data (User Input)

   • Codex Settings: World-building configurations, character profiles, and codex databases designed by the user.
   • Narrative Context: Script drafts, scene direction instructions, and text guides entered for the Narrative Engine’s sophisticated computation.
   • Documents and Files: Any information contained in text documents or reference images uploaded by the user to assist in narrative design.

3. Numen Payment and Transaction Information

   • For paid services: Transaction timestamp, amount, quantity of Numen purchased, and records of cancellations or refunds. (Sensitive financial data, such as credit card info, is processed securely by professional payment providers and is not stored directly by the Company.)

4. Technical and Environmental Information

   • Operating system (OS), browser type, IP address, device identifiers, and service usage records.

Article 4 (Collection Methods)

• Direct input by the user during sign-up and profile configuration.
• Real-time data storage through the system while using narrative design and script editing tools.
• Voluntary provision through customer support inquiries and feedback.

Chapter 3: Purpose of Processing & Data Usage Policy

Article 5 (Specific Purposes)

Collected information is processed strictly for the following purposes:

• Provision of Professional Authoring Features: Synchronizing Codex data, maintaining the script editing environment, and providing real-time draft and description suggestions via the Narrative Engine.
• Numen Management: Calculating Numen consumption based on engine calls and managing remaining utility assets.
• Optimization and Security: Improving the accuracy of the Narrative Engine’s prompt engineering, enhancing safeguard (filtering) systems, and preventing unauthorized use.

Article 6 (Exclusion Policy for External AI Training)

To protect the originality of creators, the Company adheres to the following:

• Enterprise API Usage: The Company prioritizes Enterprise-grade API agreements with external engine providers (e.g., Google, Anthropic) to ensure that user data is not used for the general training of their foundation models.
• De-identification: When analyzing data for system improvements, the Company employs technical measures to completely remove all personal identifiers, processing data only in an anonymized state.

Chapter 4: Retention and Destruction Policy

Article 7 (Retention Period)

The Company retains personal information only for the period required by law or agreed upon with the user, and destroys it immediately once the purpose is fulfilled.

• Member Information: Until account withdrawal (Access logs are stored for 6 months to prevent fraudulent use).
• Creative Data: Until account withdrawal or upon the user's request for deletion.
• Legal Obligations: Payment and transaction records (5 years), consumer complaint records (3 years).

Article 8 (Destruction Method)

Electronic files are permanently deleted using technical methods that prevent recovery, and other records are shredded or incinerated.

Chapter 5: Data Entrustment and Overseas Transfer

Article 9 (Transfer to Technical Partners and Security)

• Narrative Computation: The Service integrates APIs from external providers or relay platforms for sophisticated narrative processing.
• Secure Transmission: Data transmitted for Narrative Engine calls is encrypted via SSL and protected under the partners' Enterprise terms. The Company constantly monitors these partners to ensure data is not leaked or used without authorization.
• Infrastructure Entrustment: The Company utilizes professional services such as Supabase, Vercel, Resend (Email) for stable operation and manages these trustees in accordance with relevant laws.

Chapter 6: User Rights and Obligations

Article 10 (Rights of the Creator)

• Users may request to view, modify, or delete their personal and creative data at any time.
• Users directly manage their Codex and script data and can delete it immediately through service features if they do not wish for the Company to retain it.

Article 11 (Security Measures)

• All passwords are stored using one-way encryption.
• Access to personal information is minimized to essential personnel, and regular security training is conducted for employees.

Chapter 7: Responsible Parties and Notification

Article 12 (Privacy Officer)

• Name / Title: Hyunwoo Kang / Representative
• Email: support@involuti.com

Article 13 (Amendments)

This policy may be updated according to technical requirements or changes in the operational environment. Significant changes will be notified via service announcements at least 7 days prior to the effective date (30 days for changes unfavorable to the user).