Privacy Policy

madang (madang.im, the "Company") complies with Korea's Personal Information Protection Act (PIPA), the Act on Promotion of Information and Communications Network Utilization and Information Protection (the "ICN Act"), and related regulations. This Privacy Policy explains how we process personal information related to our digital Sand Tray Therapy service. The Korean version above is authoritative in case of any conflict.

Article 1 — Purposes of Processing

1. Account registration and management: identification, age verification (14+), abuse prevention, account maintenance, notifications.
2. Service provision: creating, saving, retrieving, and deleting sand tray sessions; autosave; consultant–client session sharing when assigned by an administrator.
3. Customer support: identifying inquirers, investigating issues, communicating results.
4. Service improvement and statistics: feature development, quality improvement, pseudonymized or de-identified analytics.
5. Legal compliance: meeting obligations under applicable law.

Article 2 — Categories of Personal Information

1. Collected at signup

• [Required] From OAuth provider (Google, Naver, etc.): email address, provider-assigned identifier (sub/id), authentication tokens.
• [Required] Provided by user: username (handle).
• [Optional] From OAuth provider: display name (when provided by the provider).
• [Optional] Entered by the user in Profile: age, gender, nationality — used, only if provided, solely to personalize AI outputs (the world image and the analysis); editable or removable anytime in Profile.

2. Automatically collected during use

• Access IP, timestamps, access logs, browser/OS info, screen resolution.
• Cookies and localStorage (auth tokens, language preference, autosave drafts).
• Usage records, error logs.
• Subscription and Reflection-Session usage records: your Subscription Plan, billing cycle, remaining session balances, the ledger of session consumption/grant transactions, and any operational note an admin attaches to your account. Paid billing is processed by Paddle.com Market Limited as Merchant of Record; the Company does not collect or store your card/payment-account details (Paddle does, under Paddle's own privacy policy). The Company receives and keeps only limited transaction/subscription metadata from Paddle (order/transaction id, plan, amount, payment status, billing country) for entitlement and reconciliation.

3. Generated by the user during use

• Sand tray session content (height field, figure placement, name, timestamps).
• Generated only when the user explicitly invokes [Generate]:
  • Composed sand-tray PNG (tray height + figure placements rendered into one image), temporarily uploaded to our storage so an external AI provider can fetch it; deleted immediately after the call completes.
  • AI-generated "world" image (PNG) returned by the external AI provider, stored alongside the user's session.
  • AI processing timestamp and content-type metadata.
• These items are treated as sensitive information under Articles 10 and 10-2 below.

4. Collected when you use Contact (inquiries)

• Email address and name (prefilled from your account, editable by you), inquiry content, timestamps, and the Company's replies.

Article 3 — Retention Period

• Account information: until account deletion.
• Session content: until account deletion or user deletion of the specific session. (Your Subscription Plan may limit how much older content you can view in-service, but this is a viewing-access limit only and does not affect the retention period — content you cannot currently view is still retained, not deleted, under this clause.)
• Profile demographics (age, gender, nationality): until account deletion or removal by the user in Profile.
• Contact inquiries: until account deletion or user deletion of the inquiry.
• Subscription and session usage records: identifying data (plan, balances) is deleted on account withdrawal. The session transaction ledger (audit log) may be retained for reconciliation and abuse-prevention after anonymization — the member identifier is replaced with an irreversible anonymous value, so the retained records can no longer identify an individual.
• Paid billing / transaction records: paid billing is processed by Paddle (Merchant of Record); the Company does not store payment-method data. The Company and Paddle retain the following under the Act on Consumer Protection in Electronic Commerce for the statutory periods — records on contracts and withdrawal of subscription: 5 years; records on payment and supply of goods: 5 years; records on consumer complaints or dispute handling: 3 years.
• Access logs: up to 3 months (per Korea's Protection of Communications Secrets Act).
• Abuse records: 1 year.

On account deletion, all personal information and user-generated content is permanently erased within 5 business days, subject to legally required retention exceptions. The session transaction ledger (audit log) is anonymized — the member identifier is replaced with an irreversible anonymous value — and, being no longer personal information, is excluded from this erasure.

Article 4 — Third-Party Sharing

We do not share personal information with third parties, except: (a) as required by law, (b) with the user's prior explicit consent, or (c) for assigned consultants viewing their clients' sessions (read-only, only after admin assignment).

Article 5 — Processors

Per PIPA Article 26, our agreements (or, for global processors, their published DPAs / standard terms) prohibit use beyond the entrusted purpose, require technical and managerial safeguards, restrict re-delegation, and provide for monitoring.

Article 6 — International Transfer

Under PIPA Articles 17(3) and 28-8, you have the right to refuse international transfer; refusal may limit your ability to use the corresponding feature.

A user's tray shape and figure placement may reflect emotional or psychological state and is therefore sensitive information under Article 10. Accordingly, both the Alibaba Cloud transfer (Generate Your World) and the OpenAI transfer of a user's analysis data (Generate Analysis) require the user's separate explicit consent under PIPA Article 28-8(1)(i). This consent is obtained in-app the first time the user clicks [Generate] or [Generate Analysis]; without it, no sand-tray content or scene data leaves the Company's infrastructure.

Article 7 — Your Rights

• Right to access, correct, delete, or pause processing of your personal information.
• Right to withdraw consent — Account menu → Delete account.
• Requests via the contact below.

Article 8 — Destruction

Electronic data is destroyed via DeleteItem on DynamoDB and AdminDeleteUser on Cognito; backups expire automatically per their retention cycle.

Article 9 — Security Measures

• TLS 1.2+ for all client–server traffic.
• At-rest encryption via AWS-managed keys (AES-256).
• IAM least-privilege access control.
• No passwords stored locally; delegated to OAuth providers / Cognito.
• JWT verification, token rotation, rate limiting.

Article 10 — Sensitive Information (PIPA Article 23)

1. Sand tray session content, the composed PNG derived from it, and the AI-generated world image may reflect emotional or psychological state and are therefore treated as sensitive information under PIPA Article 23 and Enforcement Decree Article 18.
2. We apply the following safeguards:
   • Separate explicit consent (a checkbox) is obtained at signup.
   • Access is limited to the user and any admin-assigned consultant. Consultant Members are bound by these Terms and an additional duty of confidentiality.
   • Permanently erased on account deletion or session deletion (subject to backup expiration cycles).
   • Never used for marketing, advertising, or statistics (unless pseudonymized/anonymized).
   • Never disclosed to third parties beyond the entrustment and international-transfer scopes set out in this Policy.
   • Not transmitted to any external AI service unless the user explicitly invokes [Generate] (Generate Your World) or [Generate Analysis].
3. You have the right to refuse this processing; refusal may limit registration or feature use.

Article 10-2 — AI-Driven Features: Separate Consent for AI Processing

1. The transfer of a user's sensitive information to external AI services per Articles 5 and 6 — whether the composed sand-tray image (Generate Your World) or the sand-tray scene data, generated world image, and any demographics provided (Generate Analysis) — is performed only after obtaining the user's separate explicit consent under PIPA Articles 23(1) and 28-8(1).
2. AI feature details:

   (a) Generate Your World

   • Purpose: Transform a finished sand tray into a photorealistic landscape image for the user.
   • Items processed: The user's composed sand-tray PNG (height + figures), and the Company's predefined text prompt.
   • Processor / country: Alibaba Cloud (Singapore) Pte. Ltd. — Singapore and global processing nodes.
   • Method: Composed PNG staged to the Company's S3 → public URL passed to the processor → processor downloads and processes → result image returned to the Company → Company immediately deletes the staged PNG → result image is stored under the user's session (images/worlds/).
   • When: Only when the user directly clicks [Generate].
   • Limits: 5 generations per user per day.
   • Withdrawal: Stop clicking [Generate], delete the generated image, or delete the session.

   (b) Figure-library generation (admin-only)

   • Purpose: The Company's administrator adds new figures to the shared library.
   • Items processed: Only the administrator's short text prompt; no user content or identifiers.
   • Processor / country: OpenAI, L.L.C. — United States and global processing nodes.
   • When: On administrator invocation.

   (c) Generate Analysis

   • Purpose: Provide a symbolic, reflective (non-clinical) interpretation of a finished sand tray session.
   • Items processed: The user's sand-tray scene data (figure names/positions/sizes, etc.), the generated world image (if one exists), any demographics the user entered in Profile (age/gender/nationality), and the Company's predefined text prompt.
   • Processor / country: OpenAI, L.L.C. — United States and global processing nodes.
   • Method: On the user's explicit invocation, the above is sent to the OpenAI API (TLS 1.2+) → analysis text returned → stored under the user's session. Only the demographics the user actually provided are included; omitted fields are not sent.
   • When: Only when the user directly clicks [Generate Analysis].
   • Withdrawal: Don't click [Generate Analysis], or delete the analysis or the session; removing demographics in Profile excludes them from future requests.
3. We disclose the following effects of external AI processors that we cannot control:
   • External processors may review and refuse inputs per their own content-moderation policies.
   • External processors may, under their own policies and applicable law, retain or log inputs/outputs for periods such as abuse prevention and model safety review. The Company applies data minimization within its own control.
   • External AI outputs are non-deterministic; the same input may produce different results.
4. This separate consent is obtained in-app the first time the user clicks [Generate] (Generate Your World) or [Generate Analysis]. After consenting, the user may halt further processing at any time by simply not invoking the feature.

Article 11 — Children Under 14

This service is not intended for children under 14. Registration by minors under 14 is prohibited; on discovery, the account and all associated data is deleted immediately.

Article 12 — Cookies and Local Storage

We use cookies and browser localStorage to maintain login state, language preferences, and autosave drafts. Users may disable storage via browser settings; doing so may impair functionality such as session restoration.

Article 13 — Behavioral Information

We do not currently collect or share behavioral information for advertising. Any future use will be subject to separate consent and a policy update.

Article 14 — Additional Use and Provision

Per PIPA Articles 15-2 and 17-2, we may additionally use or provide personal information without separate consent only where: relevance to the original purpose, predictability, no significant risk to user interests, and adequate safeguards are met.

Article 15 — Pseudonymized Data

We may process pseudonymized data for statistics, scientific research, or public-interest record-keeping under PIPA Articles 28-2 to 28-7, with appropriate safeguards.

Article 16 — Data Protection Officer

Data Protection Officer: madang Operations · contact@madang.im
Privacy Department: madang Operations · contact@madang.im

Article 17 — Remedies

You may contact the following authorities in Korea regarding privacy violations:

• Personal Information Dispute Mediation Committee: 1833-6972 · www.kopico.go.kr
• Korea Internet & Security Agency (KISA): 118 · privacy.kisa.or.kr
• Supreme Prosecutors' Office, Cybercrime: 1301 · www.spo.go.kr
• Korean National Police Cyber Bureau: 182 · ecrm.police.go.kr

Article 18 — Changes

Material changes will be announced at least 7 days in advance (30 days for changes affecting fundamental user rights).

Effective: June 12, 2026. (Previous versions: June 10, 2026; June 8, 2026; May 28, 2026; May 16, 2026.)
Change effective June 12, 2026: introduces Paddle.com Market Limited (Merchant of Record) as the payment processor for paid billing. (i) The processed-items section now states that payment is handled by Paddle and the Company does not collect/store card data, receiving only limited transaction/subscription metadata; (ii) Paddle is added to Article 5 (Processors) and Article 6 (International Transfer); (iii) Article 3 (Retention) now reflects statutory retention periods for transaction/payment/dispute records under the Act on Consumer Protection in Electronic Commerce. Refund/withdrawal terms are set out in the separate Refund Policy.
Change effective June 10, 2026: clarifies the relationship between the Free plan's older-content viewing limit and the retention period — older Sand Tray content beyond the Free-plan window may be hidden from view but is not deleted and remains retained under Article 3.
Change effective June 8, 2026: subscription and Reflection-Session usage records (plan, billing cycle, session balances and transaction ledger, admin operational notes) added to the processed-items and retention sections. No payment or card data is collected as of this effective date.
Contact: contact@madang.im · https://madang.im

Terms of Service

These Terms of Service ("Terms") govern the relationship between madang (madang.im, the "Company") and registered users ("Members") regarding the Company's Sand Tray Therapy-inspired digital service ("Service"). By accepting these Terms, you agree to be bound by them. The Korean version above is authoritative in case of any conflict.

Chapter 1 — General Provisions

Article 1 — Purpose

These Terms govern the conditions and procedures for using the Service, the rights, obligations, and responsibilities between the Company and Members, and other necessary matters.

Article 2 — Definitions

1. "Service" means all digital tools provided by the Company via madang.im and related subdomains, inspired by Sand Tray Therapy.
2. "Member" means a person who agrees to these Terms and registers per the Company's procedures.
3. "Client" means a Member who creates and manages their own sand tray sessions.
4. "Consultant" means a Member granted permission by an administrator to view sessions of assigned Clients. The "consultant" label is an operational role only and does not certify qualifications under Korea's Medical Act or Mental Health Act.
5. "Admin" means a person designated by the Company with operational authority.
6. "Session Content" means the sand tray data (height field, figure placement, metadata) created by a Member.
7. "Third-party Auth" means OAuth/OIDC providers (Google, Naver, etc.) used for sign-in.
8. "AI Service" means the image-generation and text-analysis features the Company makes available by entrustment to external AI providers (Alibaba Cloud's DashScope / wan2.7-image, OpenAI's gpt-image-1 and gpt-4o family, etc.).
9. "World" means the landscape image returned by the AI Service when a Member directly invokes [Generate] on their session.
10. "Analysis" means the symbolic, reflective (non-clinical) interpretation text returned by the AI Service when a Member directly invokes [Generate Analysis] on their session data. Analysis is not a medical or psychological diagnosis or treatment and does not replace consultation with a qualified professional.
11. "AI Output" means any output of the AI Service, including the World image, the Analysis text, and figure-library images.
12. "Reflection Session" means an in-service allowance for using certain AI features (World generation, Analysis generation). One session is consumed the first time a Member generates any AI output (image or analysis) for a given Madang; for that same Madang, the Analysis and one World-image regeneration are then included at no additional charge (a second image regeneration is not permitted). Sessions are held in included (monthly), purchased, and bonus categories, have no cash value, and are non-refundable (the Company may restore sessions where a feature failed due to the Company's fault). Details of sessions and subscriptions are set out in Article 13-5.
13. "Subscription Plan" means a tier (Free / Standard / Pro / Complimentary) that grants a Member a set number of included sessions and related features each billing cycle.
14. "Session Pack" means a one-time purchasable bundle of sessions a Member may hold in addition to included sessions.

Article 3 — Posting and amendments

The Company will post these Terms within the Service. The Company may amend these Terms within the limits of applicable laws including the Act on the Regulation of Terms and Conditions, the ICN Act, and PIPA. Material amendments will be announced at least 7 days in advance (30 days for changes unfavorable to Members). Failure to object within the notice period is deemed consent.

Article 4 — Interpretation

Matters not specified herein are governed by applicable laws, the Company's operational policies, and general business practice.

Chapter 2 — Registration and Account Management

Article 5 — Formation of contract

A use contract is formed when an applicant agrees to these Terms and the Privacy Policy, applies per the Company's procedures, and the Company accepts the application. Registration may be refused or revoked for applicants under 14, those using stolen identities or false information, or those who have engaged in prohibited conduct.

Article 6 — Member information and username (handle)

The handle is selected once at signup and is generally non-changeable. Handles must be 3-30 characters; lowercase letters, digits, hyphen, underscore only; not reserved; not infringing others' rights; not contrary to public order. Members are responsible for the security of their accounts and authentication credentials.

Article 7 — Withdrawal and account loss

Members may withdraw at any time via Account menu → Delete Account. All Session Content, drafts, handles, and account info will be permanently erased per these Terms and the Privacy Policy. The Company may restrict, suspend, or terminate accounts (with prior notice except in urgent cases) for false registration, prohibited conduct, abuse of other Members, or violation of these Terms or applicable laws.

Chapter 3 — Use of the Service

Article 8 — Provision of the Service

The Company provides sand tray session creation/editing/saving, figure placement, autosave/recovery, consultant-client viewing when admin-assigned, and — only when directly invoked by the Member — the AI Service (World generation) per Chapter 4-2 below. The Service is intended to operate 24/7 but may be temporarily suspended for maintenance, force majeure, third-party outages (AWS, Alibaba Cloud, OpenAI, OAuth providers), or other reasonable cause. The Service is currently provided free of charge; any future paid features will require separate consent.

Article 9 — Changes and termination

The Company may modify or discontinue the Service. If discontinued, the Company will provide at least 30 days' advance notice via in-app announcement or registered email, and reasonable means to export Session Content.

Article 10 — Notices

The Company may notify Members via in-app announcements, email, or other registered contact. Notice to all Members may be given by posting in the Service for at least 7 days.

Chapter 4 — Medical Disclaimer (Critical)

Article 11 — Nature of the Service

1. The Service is an expressive, educational, and self-exploration digital tool inspired by Sand Tray Therapy. It does not constitute medical practice, clinical diagnosis, psychotherapy, counseling, psychiatric evaluation, or any medical or therapeutic act, and does not substitute for any of them.
2. Session Content is not clinical material and cannot be used as a basis for diagnosis, prognosis, or treatment planning.
3. The "consultant" label within the Service is an operational role only. It does not certify or confer qualifications as a medical practitioner, mental health professional, or any other licensed role under Korean law. No doctor-patient or consultant-client legal relationship is formed between Members and "consultants" within the Service.

Article 12 — Medical disclaimer and use precautions

1. Members acknowledge and agree that the Service does not warrant any medical or therapeutic effect.
2. If you have any mental health concerns, you must consult a qualified medical professional (physician, clinical psychologist, mental health professional, etc.). Use of the Service must not delay or replace such professional help.
3. The Company is not liable for any mental or physical harm arising from or alleged to arise from the use of the Service, except where Company gross negligence or willful misconduct is established under Article 750 of the Korean Civil Act.

Article 13 — Crisis resources

If you are experiencing thoughts of self-harm or suicide, or a psychological emergency, please contact the following resources immediately before using this Service. This Service is not a crisis intervention tool.

• Korea Suicide Prevention Counseling: 1393 (24h)
• Mental Health Crisis Counseling: 1577-0199 (24h)
• Youth Cyber Counseling: 1388
• Women's Emergency Line: 1366
• Emergency: 119

Chapter 4-2 — AI-Driven Features

Article 13-2 — Nature and intrinsic limitations of the AI Service

1. The AI Service consists of:
   • World generation: combines a Member's finished session with a Company-defined text prompt and submits the result to an external AI provider, which returns a landscape image.
   • Analysis generation: combines a Member's finished session data (figure names/positions, etc.), the generated world image (if any), and any demographics the Member entered in Profile (age/gender/nationality, only if provided) with a Company-defined prompt and submits them to an external AI provider, which returns a symbolic, reflective (non-clinical) interpretation text.
   • Figure-library image generation (admin-only).
2. AI Outputs are model outputs of external AI providers and have the following intrinsic characteristics, which are outside the Company's control:
   • Non-deterministic — the same input may produce different results.
   • Content moderation — external providers may review and refuse inputs per their own policies. The Company's only responsibility on refusal is to surface the error to the Member.
   • No warranty of quality or intent-match — the Company does not warrant accuracy, aesthetic quality, fitness for any particular purpose, or that the output matches the Member's intent.
   • Dependence on external provider policies — external providers may retain or log inputs/outputs per their own policies and applicable law.
3. Consistent with Article 11, AI Outputs have no medical or therapeutic effect and cannot be used as clinical material.
4. The interpretations, symbolic observations, and feedback contained in AI Outputs (particularly the Analysis text) are intended solely as supportive aids for the Member's self-understanding and reflection.
   • They are not medical diagnoses, psychological evaluations, legal judgments, predictions of the future, or statements of objective fact.
   • The meaning of any symbol may vary with the Member's personal experience, emotional state, cultural background, relationships, and life context; the Service does not assign any symbol a single or definitive meaning.
   • The Member is free to accept, re-interpret, or set aside an AI Output based on their own judgment and circumstances. The Company is not liable for any decision the Member makes in reliance on an AI Output.

Article 13-3 — Rights to and use of AI Outputs

1. For AI Outputs generated by a Member's [Generate] or [Generate Analysis] invocation on their own session (i.e., the World image and the Analysis text), the Company grants the Member a non-exclusive, non-transferable, royalty-free license to:
   • Use the AI Output for personal, non-commercial purposes;
   • View, download, and locally store the AI Output within and outside their session.
2. Under current Korean copyright law, images generated automatically by AI without human creative contribution may not qualify as copyrightable works under Article 2(1) of the Copyright Act. The Company makes no representation as to copyright ownership in AI Outputs, whether by the Company or the Member. Any third-party sharing, posting, or commercial use of an AI Output by the Member is the Member's sole responsibility, including compliance with the external AI provider's terms, the Copyright Act, the Unfair Competition Prevention and Trade Secret Protection Act, and other applicable laws.
3. The Member acknowledges that AI Outputs may incidentally resemble third parties (public or otherwise), trademarks, or copyrighted works due to the training data of the external AI model. The Company is not liable for disputes arising from such incidental resemblance.
4. If the Member deletes the AI Output from their session, deletes the session, or withdraws their account, the Company immediately and permanently erases the AI Output and loses all rights to use it.
5. The Company may retain pseudonymized/anonymized copies or summary metadata of AI Outputs (e.g., generation timestamp, Member identifier, AI-provider identifier) for operational, statistical, or service-improvement purposes, but will not use identifiable Member content for marketing, advertising, or external publication.

Article 13-4 — Limits on AI feature use and prohibited conduct

1. The Company may restrict, suspend, or terminate any or all AI features at any time without prior notice for reasons including but not limited to external AI provider API limits, cost, policy changes, or operational/technical necessity. World generation and Analysis generation may be limited by the Reflection-Session mechanism defined in Article 2. These may be revised within reasonable bounds with prior notice.
2. The Member must not attempt to generate, via the AI feature, content that:
   • Is sexual, violent, hateful, discriminatory, depicts child sexual abuse, or is similarly objectionable;
   • Defames a specific individual or invades their privacy;
   • Infringes any third party's copyright, trademark, image rights, publicity rights, or other intellectual or personal rights;
   • Violates the external AI provider's terms or content policies;
   • Violates any applicable law or public order.
3. If an external AI provider restricts or suspends the Company's or its Members' API usage, the Company cannot modify that decision and is not liable for resulting losses. If a Member's violation of paragraph 2 above triggers such a restriction, the Member bears the responsibility and the Company may restrict the Member's use of the Service.
4. The Company is not liable for any dispute, claim, or loss arising from a Member's distribution or use of an AI Output outside the Service. If a violation of paragraph 2 above causes loss to the Company or to a third party, the Member is liable per Article 19-2 (Member Indemnification).

Article 13-5 — Subscriptions and Reflection Sessions

1. Consumption. One Reflection Session is consumed the first time a Member generates any AI Output (World image or Analysis) for a given Madang. For that same Madang, the Analysis and one World-image regeneration are then included at no additional charge; a second image regeneration for that Madang is not permitted (admin accounts excepted). No session is consumed if generation fails.
2. Session categories:
   • Included (monthly): granted each billing cycle according to the Member's Subscription Plan. On cycle renewal, unused included sessions are forfeited and replenished to the plan amount; they do not roll over.
   • Purchased: sessions held via a Session Pack or similar, which remain available until used.
   • Bonus: granted via promotions, beta testing, compensation, or administrative action, and may carry an expiry set by the Company.
3. Consumption order. Sessions are consumed in the order Included (monthly) → Bonus → Purchased. The Company may change this order within reasonable bounds with prior notice.
4. Subscription Plans. The Company offers plans including Free, Standard, Pro, and Complimentary. Each plan's monthly included-session count and features are posted on the in-service "Plans" page. The Complimentary plan is not available for direct purchase and is granted at the Company's discretion.
5. Free plan limits. The Free plan provides a limited number of included sessions per cycle (one per month as of the effective date) and lets the Member view only finished Madang created within approximately the most recent one month. Older finished-Madang content beyond that window is retained (not deleted) and becomes viewable again if the Member moves to a paid plan (this is a viewing-access limit only and does not affect the retention period under Article 3 of the Privacy Policy). Current per-plan amounts and limits are posted on the in-service "Plans" page.
6. Billing cycle and renewal. Subscriptions run on a billing cycle of approximately 30 days; included sessions are replenished to the plan amount at the start of each cycle.
7. Plan changes and cancellation. An upgrade may take effect immediately; a downgrade or cancellation takes effect at the end of the current billing cycle. The Member keeps their current plan and remaining included sessions until that cycle ends.
8. Paid billing and Merchant of Record. Payment for paid plans and Session Packs is processed by Paddle.com Market Limited ("Paddle") as Merchant of Record. As Merchant of Record for the transaction, Paddle handles payment-method processing, billing/invoicing, the calculation, collection and remittance of taxes (VAT/sales tax), fraud prevention, and refund processing. Payment-method details you enter at checkout are processed by Paddle; the Company does not collect or store your card/payment-account details. Paddle's Buyer Terms may also apply to your purchase.
9. Pricing. Prices are shown in US dollars (USD) and, as of the effective date, are: Free $0; Standard $9.99/month; Pro $24.99/month; Session Packs: 5 sessions $9.99 / 15 sessions $24.99 / 40 sessions $59.99. The Complimentary plan is not available for direct purchase. The actual amount charged, currency, and taxes may vary by your region at Paddle checkout; current prices are posted on the in-service "Plans" page. The Company may change prices; changes unfavorable to existing Members are notified in advance and apply from the next billing cycle.
10. Automatic renewal and cancellation. Subscriptions renew and are charged automatically each billing cycle through Paddle until you cancel. You may cancel at any time; on cancellation you keep access until the end of the current billing cycle and are not charged thereafter. You are responsible for keeping your payment method and account secure (including to prevent purchases by minors).
11. Refunds and withdrawal. Refunds and withdrawal are governed by the Refund Policy, which forms part of these Terms. As a general rule all purchases are final; refunds are provided only for non-delivery of the service due to the Company's or Paddle's fault, duplicate charges, fraudulent/unauthorized charges, and where required by mandatory consumer-protection law. Refunds are processed by Paddle to the original payment method. See the Refund Policy for details.
12. Nature of sessions. Reflection Sessions are an in-service allowance with no cash value and are non-refundable, except as required by law or where a feature was not provided due to the Company's fault; specific refund criteria follow the Refund Policy.

Chapter 5 — Member Obligations

Article 14 — Company obligations

The Company will not engage in prohibited or improper conduct, will provide the Service stably, will maintain security systems for personal information protection, and will respond promptly to legitimate complaints.

Article 15 — Member obligations and prohibited conduct

Members must comply with these Terms, applicable laws, and operational policies, and must not interfere with Company operations. Prohibited acts include: false registration; identity/credential theft; unauthorized modification of Company information; transmission of malicious content; infringing IP rights; defaming the Company or third parties; obscene or violent content; commercial use without consent; reverse engineering, automated scraping, abnormal traffic; any unlawful or immoral act. Violators are liable for resulting damages.

Chapter 6 — Member Content and Intellectual Property

Article 16 — Member-created content

1. Members retain copyright and all IP rights in their Session Content.
2. Members grant the Company a free, non-exclusive, limited license to use Session Content solely as needed to:
   • Provide the Service (cloud storage, browser delivery);
   • Display content to admin-assigned consultants;
   • Use for statistics or research after pseudonymization or anonymization, with the Member's explicit consent only;
   • Entrust processing to an external AI provider, only when the Member directly invokes [Generate] or [Generate Analysis], per Article 13-2 and Article 10-2 of the Privacy Policy.
3. The Company will not use Session Content for marketing, advertising, public disclosure, or transfer to third parties beyond the entrustment and international-transfer scopes set out in the Privacy Policy.
4. Consultant Members are bound by a duty of confidentiality regarding any Session Content (and any AI Outputs derived from it) that they may view. Consultants must not disclose such information to third parties or use it beyond the scope of their assignment. Violation will result in immediate revocation of consultant permissions and may give rise to direct liability of the Member.
5. On account deletion or session deletion, the Company immediately and permanently erases the Session Content and any derived AI Outputs and loses all rights to use them.

Article 17 — Rights to the Service

All software, code, design, text, graphics, logos, trademarks, icons, interfaces, database structures, and other content in the Service ("Service Content") are owned by the Company or its licensors. Members may not copy, modify, redistribute, reverse engineer, or commercially exploit Service Content without the Company's prior written consent.

Chapter 7 — Disclaimer and Limitation of Liability

Article 18 — Disclaimers

The Company is not liable for: force majeure (natural disasters, war, terrorism, power/network outages); failures, policy changes, or service termination by external cloud providers (AWS, Alibaba Cloud, OpenAI) or Auth providers; Member fault; the accuracy or reliability of Member content; disputes between Members or with third parties; or free-tier usage (except where required by law). Statements or actions of "consultants" within the Service represent that individual's views, not the Company's. The Company is not liable for any decision by an external AI provider (content-moderation refusal, account/key suspension, accuracy/aesthetic/intent-match of outputs); these are outside the Company's control. The Company is not liable for any IP or defamation dispute arising from incidental resemblance between an AI Output and a third party (public or otherwise), trademark, or copyrighted work; Members must independently review such risk before using an AI Output outside the Service.

Article 19 — Limitation of liability

Except for damages caused by the Company's gross negligence or willful misconduct, the Company is not liable for special, indirect, consequential, or lost-profit damages. The Service is currently free; Members assume the risk of free use. For damages arising during the free-of-charge period due to the Company's gross negligence or willful misconduct, the Company's liability is limited to ordinary damages directly suffered by the Member, to the extent permitted by mandatory provisions of applicable law (including the Framework Act on Consumers and the Act on the Regulation of Terms and Conditions). Liability for any future paid features will be set out in a separate agreement.

Article 19-2 — Member indemnification

1. The Member is liable to the Company for damages (including reasonable attorneys' fees, mediation costs, and litigation costs) arising from:
   • The Member's violation of these Terms (particularly Articles 13-4 and 15) or applicable law;
   • An external AI provider's restriction, claim, or suspension against the Company resulting from the Member attempting to generate, via the AI feature, content described in Article 13-4(2);
   • Third-party claims against the Company arising from the Member's distribution or use of an AI Output or Session Content outside the Service;
   • The Member's negligent management of their account or credentials.
2. The Member's liability under this Article is proportionate to the Member's fault and is subject to comparative-fault offset under Article 396 of the Korean Civil Act.

Article 20 — Dispute resolution and governing law

Disputes will first be resolved through good-faith negotiation. Members may request mediation from the Personal Information Dispute Mediation Committee (1833-6972) or the Korea Consumer Agency. These Terms are governed by the laws of the Republic of Korea. Lawsuits between the Company and Members will be filed in the court of competent jurisdiction under Korean Civil Procedure; if the Member's address is unclear or the Member resides abroad, the Seoul Central District Court will have first-instance jurisdiction.

Article 20-2 — Severability

If any provision of these Terms is held invalid or unenforceable by a court of competent jurisdiction or competent administrative authority, the remaining provisions remain in full force and effect. The invalid provision shall be deemed replaced by a valid provision that most closely reflects the original intent.

Article 20-3 — Entire agreement

These Terms together with the Privacy Policy constitute the entire agreement between the Company and the Member regarding use of the Service and supersede all prior or contemporaneous express or implied agreements, oral undertakings, and writings between the Company and the Member. Policies separately notified by the Company (e.g., Privacy Policy, operational policies) form part of these Terms.

Supplementary Provisions

These Terms take effect on June 12, 2026. (Previous versions: June 10, 2026; June 8, 2026; June 3, 2026; May 28, 2026; May 16, 2026.)

Summary of changes effective June 12, 2026: paid billing goes live with Paddle.com Market Limited (Merchant of Record) as the payment processor. Article 13-5 (Subscriptions and Reflection Sessions) now adds (i) that payment is processed by Paddle and the Company does not store payment-method data; (ii) pricing (USD: Standard $9.99/mo, Pro $24.99/mo, Session Packs $9.99/$24.99/$59.99); (iii) automatic renewal and cancellation (access through the end of the current cycle, no charge thereafter); and (iv) that refunds/withdrawal are governed by the separate Refund Policy. A Refund Policy page is added and incorporated into these Terms.

Summary of changes effective June 10, 2026: adds a Free-plan limits clause to Article 13-5 (Subscriptions and Reflection Sessions). The Free plan provides a limited number of included sessions per cycle (one per month as of the effective date) and lets a Member view only finished Madang from approximately the most recent one month; older finished-Madang content beyond that window is retained (not deleted) and becomes viewable again on a paid plan — a viewing-access limit only that does not affect the retention period under Article 3 of the Privacy Policy.

Summary of changes effective June 8, 2026: reflects the Subscription Plan and Reflection-Session model. (i) Article 2 (Definitions) adds "Subscription Plan" and "Session Pack" and updates the Reflection Session definition (one free World-image regeneration per Madang included; a second is not permitted); (ii) new Article 13-5 (Subscriptions and Reflection Sessions) sets out the session categories (included / purchased / bonus), consumption order (included → bonus → purchased), Subscription Plans and billing cycle, plan changes and cancellation (downgrades/cancellations take effect at the end of the current cycle), and that paid checkout is forthcoming with separate payment terms and refund principles.

Summary of changes effective June 3, 2026: new paragraph (4) added to Article 13-2 (Nature and intrinsic limitations of the AI Service) clarifying the interpretive scope of AI Outputs (particularly the Analysis text). Specifically: (i) such interpretations, symbolic observations, and feedback are intended solely as supportive aids for self-understanding and reflection and are not medical, psychological, legal, predictive, or objective-fact statements; (ii) symbols may carry different meanings depending on the Member's personal experience, emotional state, culture, relationships, and life context, and the Service does not assign any symbol a single or definitive meaning; (iii) the Member retains full freedom to re-interpret or set aside any AI Output, and the Company is not liable for decisions made in reliance on AI Output.

Summary of changes effective May 16, 2026: new Chapter 4-2 on AI-driven features (Articles 13-2, 13-3, 13-4); new definitions in Article 2 (AI Service, World, AI Output); explicit AI-feature scope in Article 8; expanded license scope and consultant confidentiality in Article 16; expanded disclaimers in Article 18 covering external AI provider decisions and incidental resemblance; damages cap clarified in Article 19; new Article 19-2 (Member indemnification); new Article 20-2 (severability); new Article 20-3 (entire agreement).

Contact: contact@madang.im
Service Operator: madang (madang.im)
Data Protection Officer: madang Operations

Refund Policy

This Refund Policy governs refunds, cancellations, and withdrawal for paid Subscription Plans and Session Packs offered by madang (madang.im, the "Company"). It forms part of the Terms of Service, and terms defined there have the same meaning here. Paid billing is processed by Paddle.com Market Limited ("Paddle") as Merchant of Record.

Article 1 — Scope and Merchant of Record

1. This Policy applies to paid digital products the Company offers — paid Subscription Plans (Standard, Pro) and Session Packs. It does not apply to the Free plan or to sessions granted by an administrator at no charge.
2. Your purchase is handled by Paddle as Merchant of Record; billing/receipts, taxes, and payment and refund processing are carried out through Paddle. Paddle's Buyer Terms may also apply to your purchase.

Article 2 — Cancelling a subscription

1. Subscriptions renew and are charged automatically each billing cycle until you cancel.
2. You may cancel at any time. On cancellation you keep access to your plan until the end of the billing cycle you have already paid for, and you are not charged thereafter. Pro-rated refunds for an elapsed or in-progress cycle are not provided unless one of the exceptions in Article 3 applies.
3. You can cancel from the in-service "Plans" page, the subscription-management link in the receipt Paddle emails you, or by writing to contact@madang.im.

Article 3 — Refund principle

1. Purchases are final and non-refundable as a general rule. Refunds are, however, provided in the following cases:
   • the purchased service was not delivered, or was materially defective, due to the Company's or Paddle's fault;
   • a clear billing error such as a duplicate charge;
   • a fraudulent or unauthorized charge made without your consent;
   • where a non-waivable right of withdrawal or refund is granted to you by mandatory law (e.g., the Act on Consumer Protection in Electronic Commerce and other applicable consumer-protection law).
2. Nothing in this Policy limits any mandatory statutory rights you have under applicable law.

Article 4 — Digital content and Reflection Sessions

1. Reflection Sessions and AI Outputs (the World image, the Analysis) are digital content delivered and consumed immediately. Where you have begun using such content after purchase (e.g., a Reflection Session was consumed by generating the first AI Output for a given Madang), the right of withdrawal may be limited for the portion used, consistent with the Act on Consumer Protection in Electronic Commerce.
2. For divisible content such as a Session Pack, unused sessions may be refundable where an Article 3 ground applies; sessions already used (consumed) are non-refundable.
3. The Company discloses these withdrawal limitations before purchase, and your purchase constitutes agreement to them.

Article 5 — How to request a refund

1. Request a refund via the link in the receipt Paddle emails you, or by writing to contact@madang.im with your order/transaction id and the reason.
2. After reviewing your request, the Company will process a refund through Paddle where a ground for refund under this Policy or applicable law applies.

Article 6 — Processing and timing

1. Refunds are made through Paddle to your original payment method.
2. Once the Company approves a refund, Paddle's processing typically takes several business days; depending on your card issuer or payment provider, it may take additional time to appear on your statement.

Article 7 — Pricing, currency, and taxes

Prices are shown in US dollars (USD). The actual currency and amount charged, and any VAT/sales tax, may be determined and shown by Paddle at checkout based on your region. Refunds are processed on the same payment-method and currency basis.

Article 8 — Purchases by minors

If a minor made a purchase without the consent of a legal guardian, the Member or guardian may request cancellation of that purchase as provided by applicable law. You are responsible for keeping your payment method and account secure to prevent purchases by minors.

Article 9 — Contact

For refund questions or anything about this Policy, contact contact@madang.im or use Contact within the Service.

This Refund Policy is effective June 12, 2026.
Merchant of Record: Paddle.com Market Limited (seller details appear on your payment receipt)
Service Operator: madang (madang.im) · Contact: contact@madang.im