LegAI Assistant, Inc.

Privacy Policy

Last updated: 26 October 2025

This Privacy Policy explains how LegAI Assistant, Inc. (“LegAI”, “Company”, “we”, or “us”) collects, uses, and protects personal information in connection with the LegAI Assistant service (“Service”). We process personal information in accordance with the Personal Information Protection Act of the Republic of Korea and other applicable laws.

1. Information We Collect

  • Account information such as email address, name, organisation, profile photo, authentication tokens, and contact preferences.
  • Workspace content you upload or generate inside the service, including documents, evidence, comments, chat history, and associated metadata.
  • Usage information including device identifiers, IP address, browser type, operating system, access timestamps, pages viewed, feature usage, diagnostic logs, and cookies or similar technologies.
  • Billing details such as invoicing contact, company name, tax ID, and payment method. Payment cards are processed by our provider and not stored in full by LegAI.

2. How We Use Information

  • Operate, maintain, and improve the LegAI Assistant, including authentication, storage, collaboration, and AI-driven features.
  • Analyse aggregated or anonymised usage patterns to enhance product performance and security.
  • Communicate with you about updates, service announcements, and customer support.
  • Enforce our Terms of Service, prevent misuse, comply with legal obligations, and protect the rights and safety of users and third parties.
  • Authorised personnel at LegAI Assistant, Inc. may access personal information strictly on a need-to-know basis to operate the service, troubleshoot incidents, and provide support. Access is restricted by role-based permissions and protected by multi‑factor authentication and audit logging.

3. Lawful Bases for Processing

  • Performance of our contract with you when providing the service.
  • Your consent where required, which you may withdraw at any time without affecting prior processing.
  • Compliance with legal obligations.
  • Legitimate interests, such as securing and improving the service. We balance these interests against your rights.

4. Sharing and Disclosure

  • Service providers (including Google Cloud Firebase, AI infrastructure, analytics, customer support, and payment vendors) bound by confidentiality agreements and data processing terms.
  • Regulators, courts, or law enforcement if legally required or to protect the rights, property, or safety of LegAI, our users, or others.
  • Successors in the event of a merger, acquisition, or asset sale, subject to confidentiality safeguards.
  • We do not sell personal information.

5. International Transfers

  • Data may be stored or processed in the Republic of Korea, the European Union, the United States, or other jurisdictions (e.g., Google Cloud region: nam5).
  • When transferring personal information internationally we rely on safeguards such as standard contractual clauses and require recipients to maintain adequate protections.

6. Retention

  • Personal information is kept for as long as necessary to provide the service and fulfil the purposes described in this policy.
  • When an account is closed we delete or anonymise workspace content within 90 days unless retention is required for legal, accounting, or dispute-resolution purposes.

7. Your Rights

  • Subject to applicable law you may request access, correction, deletion, restriction, or portability of your personal information, or object to certain processing.
  • Submit requests to privacy@leg-ai.com or +82-10-2178-9598. We may verify your identity and will respond within the timelines required by law.

8. Security Measures

  • LegAI applies administrative, technical, and physical safeguards including encryption at rest and in transit, role-based access controls, security monitoring, and regular audits.
  • Administrative access is logged via cloud audit logs and reviewed periodically. Data access by personnel is limited to authorised purposes and recorded for accountability.
  • No security programme is infallible, so please review information before sharing it with collaborators.

9. Children's Privacy

  • The service is not intended for individuals under the age of 18, and we do not knowingly collect personal data from children.
  • If you believe a child has provided personal information, contact us so we can delete it promptly.

10. Updates to This Policy

  • We may revise this policy from time to time. Material changes will be communicated via email or in-product notice at least 14 days before they take effect.
  • Continued use of the service after the effective date constitutes acceptance of the revised policy.

11. Contact Information

  • Privacy Officer, LegAI Assistant, Inc.
  • Email: privacy@leg-ai.com
  • Phone: +82-10-2178-9598
  • Address: 올림픽로 4길 15, Seoul, Republic of Korea
  • You may also contact the Personal Information Infringement Report Center (privacy.kisa.or.kr / 118) or other supervisory authorities if you believe your rights have been infringed.
    LegAI Assistant, Inc. Privacy Policy | LegAI