Privacy Policy

COALSLAW ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI subscription platform service ("Service"). By using our Service, you consent to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Service.

We collect several types of information for various purposes: Personal Information: • Email address • Name or display name • Password (stored encrypted) • Payment information (processed by third-party payment processors) • Profile picture (optional) • Phone number (optional) Automatically Collected Information: • IP address • Browser type and version • Operating system • Device information • Access times and dates • Pages viewed and features used • Referring website addresses • Cookies and similar tracking technologies

We use the information we collect for various purposes, including: • Providing and maintaining our Service • Processing transactions and sending related information • Sending administrative notifications, updates, and security alerts • Responding to your comments, questions, and customer service requests • Analyzing usage patterns to improve our Service • Detecting, preventing, and addressing technical issues • Personalizing your experience • Sending marketing communications (with your consent) • Complying with legal obligations

We may share your information in the following situations: AI Service Providers — International Data Transfers: To provide our Service, your input data (prompts and conversation content) is transmitted in real-time to the following third-party AI providers located in the United States: • OpenAI, LLC (USA) — GPT models Privacy Policy: https://openai.com/policies/privacy-policy/ Contact: privacy@openai.com • Anthropic, PBC (USA) — Claude models Privacy Policy: https://www.anthropic.com/legal/privacy Contact: privacy@anthropic.com • Google LLC (USA) — Gemini models Privacy Policy: https://policies.google.com/privacy • xAI Corp. (USA) — Grok models Privacy Policy: https://x.ai/legal/privacy-policy Contact: privacy@x.ai As we use API services, your input data is not used for training AI models by default. However, this may vary depending on each provider's policy changes, and we will notify you promptly of any such changes. Service Providers: We may share your information with third-party service providers who perform services on our behalf: • Payment processors (Toss Payments — South Korea, Stripe — USA) • Cloud hosting (Amazon Web Services — USA) Legal Requirements: We may disclose your information if required by law or in response to valid requests by public authorities. Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. When we transfer your information internationally, we implement appropriate safeguards in accordance with applicable data protection laws.

We retain your personal information for as long as necessary to provide you with our Service and as described in this Privacy Policy. We will also retain and use your information as necessary to: • Comply with our legal obligations • Resolve disputes • Enforce our agreements Specific retention periods: • Account information: Until account deletion • AI conversation history (input/output): Until account deletion or upon user request • Transaction and payment records: 5 years (as required by the Korean Electronic Commerce Act, Article 6) • Consumer complaint or dispute records: 3 years (Korean Electronic Commerce Act, Article 6) • Website access (login) logs: 3 months (Korean Protection of Communications Secrets Act, Article 15-2) • Electronic financial transaction records: 5 years (Korean Electronic Financial Transactions Act, Article 22) • Tax-related records: 5 years (Korean Framework Act on National Taxes, Article 85-3) For users outside of South Korea, we comply with the applicable data retention requirements of your jurisdiction, including but not limited to GDPR (EU), CCPA/CPRA (California), and LGPD (Brazil). Where local law mandates shorter retention periods, we will delete your data accordingly.

We implement appropriate technical and organizational security measures to protect your personal information, including: • Encryption of data in transit (TLS/SSL) • Encryption of data at rest • Access controls and authentication • Regular security assessments • Employee training on data protection However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.

Depending on your location, you may have certain rights regarding your personal information: • Access: Request access to your personal data • Correction: Request correction of inaccurate data • Deletion: Request deletion of your personal data • Portability: Request a copy of your data in a portable format • Objection: Object to certain processing of your data • Restriction: Request restriction of processing To exercise these rights, please contact us at privacy@coalslaw.ai. We will respond to your request within 30 days.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA): • Right to know what personal information is collected • Right to know whether your personal information is sold or disclosed • Right to say no to the sale of personal information • Right to equal service and price We do not sell your personal information. To exercise your CCPA rights, please contact us at privacy@coalslaw.ai.

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR): • Right of access • Right to rectification • Right to erasure • Right to restrict processing • Right to data portability • Right to object Legal Basis for Processing: We process your data based on: • Contractual necessity (to provide our Service) • Legitimate interests (to improve our Service) • Consent (for marketing communications) • Legal obligations For GDPR-related inquiries, contact our Data Protection Officer, Wonki Choi (Founder), at agewell.es@gmail.com.

We use cookies and similar tracking technologies to collect and track information about your use of our Service. Types of cookies we use: • Essential cookies: Required for the Service to function • Analytics cookies: Help us understand how you use the Service • Preference cookies: Remember your settings and preferences You can control cookies through your browser settings. However, disabling certain cookies may affect the functionality of our Service. For detailed information about cookie types, third-party cookies, and management options, please refer to our Cookie Policy (coalslaw.ai/en/cookies).

Our Service is not intended for individuals under the age of 14. We do not knowingly collect personal information from children under 14. If we become aware that we have collected personal information from a child under 14, we will take steps to delete such information. Users between the ages of 14 and 18 may only use the Service with the consent and supervision of a parent or legal guardian. The parent or legal guardian is responsible for all activities conducted under the minor's account. If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@coalslaw.ai.

Your information may be transferred to and processed in countries other than your country of residence, primarily the United States. These countries may have different data protection laws. AI Input/Output Data Processing: When you use our Service, the following data processing occurs: • Input Data: Your prompts and conversation content are transmitted in real-time to third-party AI providers via API calls to generate responses. • Output Data: AI-generated responses are transmitted back to you through our servers. • Data Retention by AI Providers: As we use API services, your input data is not used for model training by default. However, AI providers may temporarily retain input and output data for abuse monitoring and safety purposes, typically for up to 30 days. • No Model Training: Your conversations are not used to train or improve AI models when accessed through our API-based Service. Anonymized and Aggregated Data: We may anonymize and aggregate data collected through your use of the Service so that it can no longer identify you personally. We may use such anonymized and aggregated data for the following purposes: • Improving service quality and developing new features • Analyzing AI model usage patterns and producing statistical reports • Industry trend analysis and research reports • Providing or selling anonymized aggregated data to third parties Anonymized data cannot identify any individual and will not be re-combined with your personal information. We do not sell personally identifiable raw data to third parties. When we transfer your information internationally, we implement appropriate safeguards, such as: • Standard contractual clauses approved by the European Commission • Ensuring the recipient country has adequate data protection laws • Obtaining your explicit consent • Implementing technical measures such as encryption

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to read the privacy policies of any third-party websites you visit.

We may update this Privacy Policy from time to time. We will notify you of any changes by: • Posting the new Privacy Policy on this page • Updating the "Last Updated" date • Sending you an email notification (for material changes) We encourage you to review this Privacy Policy periodically for any changes.

If you have any questions about this Privacy Policy or our data practices, please contact us: COALSLAW Email: privacy@coalslaw.ai Data Protection Officer: Name: Wonki Choi Title: Founder Email: agewell.es@gmail.com Website: https://coalslaw.ai For EU residents: You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.