EMORA

Unleash Your Story. Immersive AI character conversations with memory, growth, and creativity.

Product

  • Explore
  • Market
  • Community
  • GEM Store
  • Pricing

Creators

  • Create Character
  • Creator Dashboard

Legal

  • Terms of Service
  • Privacy Policy
  • Refund Policy
  • GEM Policy
  • Cookie Policy
  • CA Privacy Rights
  • Community Guidelines
  • Specified Commercial Transactions
  • Report Abuse
  • Help Center

Business Information

  • Company: Toast Corporation
  • Representative: Ha Dong-ho
  • Reg. No.: 815-87-02930
  • Address: 24, Chungseon-ro 203beon-gil, Bupyeong-gu, Incheon, Republic of Korea, 3F Room 305-1
  • Contact: administrator@tryemora.com
  • Phone: +82-10-5170-5136
  • Industry: Information & Communications, Wholesale & Retail Trade
  • Business Lines: E-commerce retail, SNS market, computer system integration consulting & deployment, computer programming services, application software development & supply, system software development & supply

All characters are fictional AI. Content is purely imaginative and for entertainment purposes.

🔒Payments securely processed by Toss Payments Co., Ltd.
© 2026 EMORA AI. All rights reserved.

The English version of all legal documents on this site is legally binding. Translations are provided for convenience only.

Compliant with UK Online Safety Act 2025, EU DSA & AI Act Art. 50, Korea e-Commerce Law, Japan Tokushoho, Australia Online Safety Act. All AI-generated content is labelled per EU AI Act Article 50.

Home
Explore
Chat
My Page
GEM
EMORA
ExploreCommunityMarketCreateChatGroup Chat
Sign InGet Started
←Home

For legal inquiries: administrator@tryemora.com

Back

Privacy Policy

Last updated: May 2026

1. Introduction & Data Controller

EMORA AI operates this platform and acts as the data controller for all personal data processed through this service.

Contact: administrator@tryemora.com | DPO: administrator@tryemora.com Phone: +82-10-5170-5136.

By using EMORA AI, you acknowledge this Privacy Policy governs how we collect, use, and protect your information.

2. Data We Collect

  • Account: email address, username, hashed password, registration date
  • Profile: display name, avatar, bio, language preference
  • Usage: chat logs, characters interacted with, session activity, mission progress
  • Payment: billing details processed via Toss Payments Co., Ltd. (payment processing including cards, transfers, and mobile pay; card/account data held exclusively by Toss Payments — we do not store raw card data)
  • Technical: IP address, browser/device type, cookies, log data
  • Date of birth: collected to comply with COPPA (under-13) and GDPR-K (under-16 EEA) parental consent requirements (flag only, no document stored)
  • Communications: support emails, feedback submissions

3. Legal Basis for Processing (GDPR Art. 6)

  • Contract performance (Art. 6(1)(b)): operating your account, delivering services
  • Legitimate interests (Art. 6(1)(f)): fraud prevention, security, analytics, improving services
  • Legal obligation (Art. 6(1)(c)): tax records, law enforcement requests, safety obligations
  • Consent (Art. 6(1)(a)): optional features such as marketing communications

4. How We Use Your Data

  • Providing and maintaining the platform and its features
  • Processing payments and managing GEM balances
  • Personalising your experience (language, character recommendations)
  • Detecting fraud, abuse, and illegal content
  • Complying with legal and regulatory obligations
  • Communicating service updates, security notices, and support responses

5. Data Sharing & Disclosure

We do NOT sell, rent, or trade your personal data.

  • Toss Payments Co., Ltd.: payment processing (cards, transfers, mobile pay) and fraud prevention. Payment identifiers only (card/account data held exclusively by Toss Payments). Retention: 5 years per e-commerce law.
  • xAI / Grok: AI text and image generation (api.x.ai)
  • Vercel: hosting and edge delivery (United States)
  • Supabase / AWS Tokyo (ap-northeast-1): database and file storage
  • Law enforcement: when required by valid legal process
  • NCMEC / IWF: mandatory reporting of child sexual abuse material if detected

6. International Data Transfers

  • South Korea: primary development and operations
  • Japan / AWS Tokyo (ap-northeast-1): database and storage
  • United States / Vercel: hosting infrastructure
  • Transfers to countries outside the EEA are covered by Standard Contractual Clauses (SCCs) pursuant to GDPR Chapter V.

7. Data Retention

  • Account data: retained for the life of the account + 90-day grace period after deletion
  • Chat logs: 12 months from creation
  • Payment records: 7 years (tax and legal obligation)
  • Safety / moderation logs: 3 years
  • Encrypted backups: purged within 30 days of the original data deletion

8. Your Rights Under GDPR

EEA/UK residents may exercise the following rights. We respond within 30 days.

  • Access: request a copy of your personal data
  • Rectification: correct inaccurate or incomplete data
  • Erasure ('right to be forgotten'): request deletion where no overriding legal basis exists
  • Restriction: limit processing while a dispute is resolved
  • Portability: receive your data in a structured, machine-readable format
  • Object: oppose processing based on legitimate interests
  • Automated decisions: request human review of automated decisions that affect you
  • Lodge a complaint: contact your local Data Protection Authority
  • Email administrator@tryemora.com or administrator@tryemora.com to exercise your rights.

9. CCPA Rights (California Residents)

  • Know: request disclosure of the categories and specific pieces of data we collect
  • Opt-out of sale: N/A — we do not sell personal information
  • Deletion: request erasure of your personal information
  • Correction: request correction of inaccurate personal information
  • Non-discrimination: exercising your rights will not affect your access to services
  • Submit requests to: administrator@tryemora.com — we respond within 45 days

10. Korean Personal Information Protection Act (PIPA / 개인정보보호법)

  • Data controller (처리자): EMORA AI
  • Purpose of collection (수집 목적): account management, service delivery, legal compliance
  • Retention period (보유 기간): 90-day grace period following account closure, unless otherwise required by law
  • Users in South Korea may exercise rights under PIPA by contacting administrator@tryemora.com

10-A. Identity Verification via NICE (Korean Users)

To comply with the Korean Youth Protection Act (청소년보호법), users accessing mature content from the Republic of Korea are required to complete mobile identity and age verification through NICE평가정보(주) (NICE Information Service Co., Ltd.) CheckPlus service. The following personal data is processed solely for this purpose:

  • Data collected: Connection Information (CI / 연계정보), Duplicate Registration Information (DI / 중복가입확인정보), full name, date of birth, gender, nationality (domestic/foreign), mobile carrier — provided by NICE평가정보(주).
  • Purpose: Age verification under the Youth Protection Act (confirmation of age 19 or older), identity verification, and duplicate account prevention.
  • Third-party entrustment: Data processor — NICE평가정보(주) (NICE Information Service Co., Ltd.) | Processing task — mobile phone identity verification (CheckPlus). NICE평가정보(주) may not use the entrusted personal data beyond the scope of the entrusted task.
  • Retention: Until account deletion. Data required to be retained under applicable law (e.g., E-Commerce Consumer Protection Act) is retained for the period specified by such law.
  • Security: CI is stored as a SHA-256 hash; DI and other verification data are encrypted with AES-256. Access controls, access logs, and other security measures are maintained.
  • Verification data is never used for marketing, advertising, or sale to third parties.
  • For inquiries regarding identity verification data: administrator@tryemora.com

11. Cookies

  • Essential cookies: required for authentication and session management — cannot be disabled
  • Functional cookies: language preference, theme settings — optional
  • We do NOT use tracking cookies or third-party advertising cookies

12. Children's Privacy (COPPA / GDPR-K)

EMORA does not knowingly collect personal data from children under 13 years of age (or under 16 in the European Economic Area). If you are under 13 (or under 16 in the EEA), please do not use our service without verifiable parental consent. If we discover that we have collected personal data from a child below the applicable age threshold without parental consent, we will delete that data promptly. Parents or guardians may contact us at administrator@tryemora.com.

13. Security

  • Data in transit: TLS 1.2+ encryption
  • Data at rest: AES-256 encryption
  • Passwords: bcrypt hashing (never stored in plaintext)
  • Regular security reviews and penetration testing
  • Data breach notification: affected users and relevant authorities notified within 72 hours per GDPR Art. 33

14. Contact Us

  • General: administrator@tryemora.com
  • Privacy / GDPR: administrator@tryemora.com
  • Data Protection Officer: administrator@tryemora.com
  • Legal: administrator@tryemora.com
  • Safety / CSAM: administrator@tryemora.com
  • CCPA requests: administrator@tryemora.com

Last updated: May 2026. This Privacy Policy supersedes all prior versions.