Privacy Policy

LunaRabbit ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our services, including:

Collectively referred to as the "Services."

Geographic scope. The Services are intended for users in South Korea, the United States, and other supported regions. They are not directed to, or intended for, residents of the European Economic Area (EEA) or the United Kingdom, our mobile apps are not distributed there, and we do not target, market to, or monitor individuals in those regions. This Policy is framed around the laws that apply to our supported markets (primarily Korea's PIPA and US privacy law).

1. Information We Collect

Account Information

When you create an account, we collect:

Usage Data

We automatically collect:

Chat Data (LunaRabbit Chat)

When you use LunaRabbit Chat, we collect:

Account Required (LunaRabbit Chat)

A LunaRabbit account is required to use LunaRabbit Chat. We do not offer anonymous (non-logged-in) access to the chat service, and we do not process chat messages from users who are not signed in.

Document Data

We access your active document content to provide context for AI responses. Specifically:

We also support Microsoft Word™, Microsoft PowerPoint™, and a standalone web editor. Similar data access policies apply to all platforms. Additional platforms (Google Docs™, Google Slides™) may be added in the future.

We do not access data from other files, closed documents, or documents you are not actively working with. During a conversation, the AI may read additional content from your active document as needed to complete your request.

Document content sent for AI processing is used to generate a response. Image-upload caches and transient processing artifacts are deleted within 24 hours; custom function result caches are retained for up to 30 days as described in Section 6.

Conversation History (Cloud Storage)

Effective May 11, 2026: chat conversations are stored on LunaRabbit servers (cloud-only) until you delete them; we do not delete them automatically on a time schedule. This change replaces the previous "session-memory only" model and was made so you can resume conversations across devices and recover history if you switch browsers.

Anonymized Pattern Use — LunaRabbit Chat (Opt-in, Per-Product)

By default — and regardless of your consent setting — we do not currently collect, retain, or use any of your conversations to train or improve AI models. The Model improvement feature is not yet active. Turning on Model improvement (via the consent modal or in-app Settings — off by default) does not begin any collection now; it is advance authorization that takes effect only if and when we activate this feature. At that point, and only for users who have opted in, we may retain a de-identified snapshot of your conversation turns for the following planned purposes:

De-identification uses industry-standard techniques: named-entity recognition for personal names and organizations (Latin and CJK scripts), regex matching for emails, phone numbers, IP addresses, payment-card numbers, and government-issued identifiers. The retained data is associated only with an HMAC-derived session hash (never your user ID) and is intended to qualify as anonymized/de-identified information under applicable data protection law. We acknowledge no de-identification process is perfect and continuously improve our techniques.

Per-product consent: this opt-in applies to LunaRabbit Chat conversation data only. Other LunaRabbit products (Office document editing, coding) request their own separate consent within those products — your Chat consent never extends to documents, spreadsheets, or code processed elsewhere. Both Free and Paid plans: opt-in is independent of your subscription tier. Default is off — opt-in is required (we collect nothing for AI improvement until you affirmatively enable it). You can withdraw consent at any time via Settings. Note that already-incorporated patterns in our fewshot database or fine-tuned models cannot be retroactively removed, but no new patterns will be extracted from your conversations after withdrawal.

Legal basis (all users): explicit opt-in consent via the Model improvement item in the consent modal or in-app Settings, which you may withdraw at any time. The consent is stored on your account. Your conversations are not used for model improvement unless this opt-in is present. This satisfies the Korean PIPA Art. 22 별도 동의 (separate consent) requirement and the consent basis recognized under the US CCPA. We do not rely on processing-without-consent provisions (such as PIPA Art. 28-2) for this purpose — model-improvement use is consent-based.

When de-identified data is retained under this opt-in, it is associated only with an HMAC-derived session hash (never your user ID); no re-identification is attempted or permitted, and any downstream recipients are contractually prohibited from re-identification (consistent with the US CCPA definition of de-identified information). We maintain internal pseudonymization review procedures in accordance with PIPC guidelines (가명처리 적정성 검토). Retained data is kept for up to 3 years or until the model-improvement purpose is fulfilled, whichever is earlier, then securely destroyed.

Custom Function Inputs

When you use our custom AI functions (such as =LR.AI(), =LR.TRANSLATE(), =LR.WEB()), the prompt text and parameters you supply are stored as part of your usage history for analytics, billing accuracy, and abuse prevention. This information is associated with your account and is distinct from conversation content. You may export or delete this data at any time using the rights described in Section 8.

2. How We Use Your Information

We use your information to:

3. Third-Party Sub-Processors

To deliver our Services we share data with sub-processors under their commercial API or DPA terms. They fall into three categories:

The complete current list — including each sub-processor's purpose, region, and DPA URL — is published at lunarabbit.ai/subprocessors. We give at least 30 days' advance notice on that page before adding any new sub-processor that materially changes the categories of data we share.

Default behavior on commercial API tiers is no training on customer data — this is contractually guaranteed and not subject to opt-in toggles. If you opt in to anonymized pattern use (Section 1), de-identified snapshots may additionally be sent to AI model providers for engineering analysis and future fine-tuning of LunaRabbit's own models.

Engineering Analysis (Internal). Authorized LunaRabbit personnel may review individual conversations for the limited purpose of debugging regressions, improving prompt quality, or investigating user-submitted error reports. This is human review of stored data — it does not send data to AI model providers and does not update any model's weights. Access is SSO + IP-allowlist gated and logged for audit. The same policy applies to "Improvement / Error Report" attachments you opt-in to submit.

4. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. The table below summarizes the principal cross-border transfers:

Your primary account data (profile, conversations, usage history) is stored on AWS Seoul (ap-northeast-2). However, it may be transferred to or accessed from the United States and other countries through the infrastructure operator (Amazon Web Services, Inc.) and the sub-processors listed above. We apply safeguards required by applicable law to any personal data so transferred.

For overseas transfers we rely on your consent (collected at account registration) and on data processing agreements with each sub-processor, together with other lawful transfer safeguards, to ensure adequate protection. These jurisdictions may have different data protection laws than your country of residence. For the complete list of sub-processors, see lunarabbit.ai/subprocessors.

5. Data Security

We implement industry-standard security measures:

6. Data Retention

7. Cookies and Local Storage

Our Services use browser local storage and session storage to maintain your authentication state and preferences. We do not use third-party tracking cookies. Essential storage is required for the Services to function and cannot be disabled.

For full details on what we store and how to manage it, see our Cookie Policy.

LunaRabbit Chat specific storage:

8. Your Rights

Depending on your location, you may have the right to:

To exercise any of these rights, contact us at [email protected]. For data export, you can also use the self-service "Download My Data" option in your account Settings, which provides a JSON file containing your profile, transaction history, and usage records.

California Residents (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to request deletion, and the right to opt out of the sale of personal information. We do not sell your personal information.

Our Services do not respond to "Do Not Track" (DNT) browser signals because there is no industry-accepted standard for DNT. However, we do not engage in cross-site tracking.

South Korea Residents (PIPA)

If you are located in South Korea, the following provisions under the Personal Information Protection Act (개인정보 보호법) apply:

9. Google API Services User Data Policy

LunaRabbit's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

10. Children's Privacy

Our Services are intended for adults and are not directed to anyone under the age of 18 (or the minimum age required by applicable law in your jurisdiction). We do not knowingly collect personal information from anyone under 18. By creating an account, you represent that you are at least 18 years old. If we learn that we have collected personal information from someone under the applicable minimum age, we will promptly delete that information. In all cases, we apply the heightened protections required by Korean law for children under 14, including legal-guardian consent.

11. Data Breach Notification

In the event of a data breach that affects your personal information, we will notify affected users via email within 72 hours of becoming aware of the breach, as required by applicable law.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending an email to your registered address. Your continued use of the Services after such changes constitutes acceptance of the updated policy.

13. Data Retention After Account Deletion

Upon account deletion, your personal identifiers (email, name, IP address) are removed immediately. Anonymized, aggregated usage data (such as feature usage counts, response time metrics) that was previously de-identified during your use of the Service is retained indefinitely for service improvement, consistent with Section 6. This data cannot be used to identify you.

14. AI-Generated Content Transparency

As a matter of transparency and responsible-AI practice, all content generated by our AI services is proactively labeled as AI-generated within the user interface. When our AI agents produce text, formulas, code, or other outputs, a visible indicator is displayed alongside the response. This ensures you can always distinguish AI-generated content from human-authored content.

AI-generated outputs should be reviewed before use. We do not guarantee the accuracy, completeness, or fitness of AI-generated content for any particular purpose.

15. Payment Processing (Merchant of Record)

Payments for paid plans are processed through Paddle.com Market Limited, a third-party payment processor that acts as our Merchant of Record (MoR). Paddle is identified at checkout. Under this arrangement:

16. Contact Us

If you have questions about this Privacy Policy, contact us at: