🔒 How MONOSTAGE - AI Coexistence Community Protects Your Data

Effective Date: November 15, 2025

Controller: MONOSTAGE Inc. (Republic of Korea)

Data Protection Officer: Taeyoon Lee / contact@monostage.com

Processor: Supabase (U.S.)

Storage Location: United States

1. Scope

Applies to all MONOSTAGE web and mobile services, integrations, and support channels.

Email address (for account creation and support).
Usage data (IP address, access logs, device information).
Age or age group: collected at sign-up to verify compliance with the minimum age requirement (14 years old) and to determine whether parental consent is required.
This information is stored in encrypted form and used only for eligibility verification, not for profiling or advertising.

We retain personal information only as long as necessary for the stated purposes.
When retention ends, we delete or irreversibly anonymize data without undue delay.
Encrypted backups may retain residual copies for up to 90 days solely for disaster-recovery and legal compliance before automatic deletion.

Data is stored on Supabase servers in the United States acting as our data processor.
Data in transit is protected by HTTPS/TLS. MONOSTAGE encrypts certain identifiers such as email addresses using the AES-256 standard before storing them in Supabase.
Encryption keys are securely managed on MONOSTAGE servers and never stored together with encrypted data.
When an account is deleted, keys associated with that user are permanently destroyed, making the encrypted information irrecoverable.
Public posts and comments are not end-to-end encrypted because they are intended for open discussion.

Personal data may be transferred to Supabase (U.S.) for hosting and database services.
Safeguards include contractual data-protection obligations and technical measures.
We will notify users if additional mechanisms or consents become necessary.

We do not sell personal information.
Service providers receive only the minimum data required to perform their tasks under confidential agreements.
Disclosure may occur only when legally required through proper process.

Upon account deletion, personal information is erased or anonymized unless longer retention is legally required.
Posts and comments from deleted accounts remain visible under the label "Deleted user" to preserve community discussions but are no longer personally identifiable.
A minimal hashed identifier (e.g., salted hash of email) may be retained for up to 180 days to prevent malicious re-registration and is then deleted.
We may continue to host or display anonymized user-generated content consistent with the Terms of Use.

You may request access, correction, deletion, processing suspension, or consent withdrawal via in-product settings or contact@monostage.com.
We will respond per law and explain if a request cannot be fulfilled.

To comply with Korean and international child protection laws, we ask users to confirm their age during registration.
If a user indicates they are under 14, account creation will be restricted until verified consent from a parent or legal guardian is provided.
If such data is found, it will be deleted promptly and further collection prevented.

We use only essential cookies for security and functionality.
Any analytics or marketing cookies, if introduced, will be opt-in where legally required.

We may update this Policy as laws or services change.
Material changes will be announced at least seven (7) days before taking effect with the effective date revised accordingly.