From 523b03375528bb212a138a876c6fec0968a083e6 Mon Sep 17 00:00:00 2001
From: Ari Archer <ari@ari.lt>
Date: Thu, 28 Nov 2024 23:23:47 +0200
Subject: [PATCH] Update legal framework language, make policies clearer.

Signed-off-by: Ari Archer <ari@ari.lt>
---
 src/static/legal.sig   | Bin 566 -> 566 bytes
 src/static/legal.txt   |  50 ++++++++++++++---------------
 src/templates/legal.j2 |  70 +++++++++++++++++++++--------------------
 3 files changed, 61 insertions(+), 59 deletions(-)

diff --git a/src/static/legal.sig b/src/static/legal.sig
index 2b658e0888c6bdf3a95695a34159cfad0573fe40..2d22e7b266b9878b5ea8f575e6e101fa9097f9e5 100644
GIT binary patch
delta 541
zcmV+&0^<F)1hxc_B!Ayo0162Zr43t4S(^Bwo4gPIZp3@VaghfzR=o2E)N$W8!k@j6
z$cb)KVZ;7Eh(N}ruATD<M)dDzASsVVo%Y%g^_&uv0+lC2u$P4l<-LCFKqO-razJvJ
z^x2=Q7$@N6sI(qAsB{A8Kxz2c1Ts%?LbJkBl83Fu3P=U;vVXp5fL?vtS=hcbvL@>B
zT`~Q$#;~XT?JkoLWs;gnbe)M8T)@o+=z@`LW-7@Q#%!=M*S8#IH49cQr82#fq{e(p
z>6JQ^IU0JWS%}%w2k9JG>@Lh6Myh@(8s7P+i&TpCeQXO(HmgtFO>9VQqQvLH73<9Z
zoPC7llB%X{q<^|i+dg1_${6fx3d@RkWKoWcR9kx4L5O;d_pUYV?IOrd<|q19uZJww
zbxV1rnuby-j{{ZU1SOvi1m8M`UehQdk6Z7sM-=FT;mMJWEGrYKHGs9CUI=Tc@<$FE
zT4SWW`TOD9v29)hz%z+uE#xXE;@@#AHg=V>T70AQm48##{iKARR3#6vdpv|Hm$Vn3
zTE5C9fv$qvAK@hr{O|uPlIReI>dbSc>}C<K{(&l=N8(9keBqm$wdB=zKfA37z^hw>
zY|S6Zj~k<RUUJp4&lyp%fx7JxdI}T$`(-%Y6r2Rum|AQUZ_uv|1BIZjw1vP+nZ`jg
fKb?$5y%wRe+E01Qd{XJ;)C6phTTgqqj~WWXIN1>K

delta 541
zcmV+&0^<F)1hxc_B!Akw0162Zr43t4S(^BwCa4eqfDYT6VT3-A#BCoUHd!`yaO<2V
z%(tB2tL`<tL4m-c)*&`!OWVoS3Y&|Jd54p{E2Y{FLe&?b+oK0CZe1EL&srRxDFi~!
zQtsFqtiQC&r!CB^Ab97^f)N*?vZilE&&}i;nGjX|_2s}24}YaViUlgZ2!Ab{ZS!T>
z>fN)%mwNhG3vtsYPmDUldECu<c#&FhlQ*|$8x*npYP4mH49$!f01=(6G%bh{L-Sw`
z7G|h-9!l6O0_sBv&6_Tsw+{9E@L~#eqx2S}c?wL9q%w!38q4A~EMIP&!@f7#%jxgg
z-VRN^QHc)$ynkQ4ZN0xMUXZ#drJzY5xv^oll!KHvdCR*MhwFjO+KZ0UZL;(Qk2q&u
zxo2b!8}q^=O#2+gh<Z1sT8sk->Psk(&(><N&S~PB8Zx|AuMFN&@xb>8aWT3Xjx_3i
zn2AKTA5b80bA3F~mrq9W0Me=Ht_eq#ue$eX*6tNRYkwmxvD*4$FJMRDwoin2+Ttd5
zgN&jpm5pR+@^xlpZui->>)VQ$7sTv(MaRG26oLie`Y7(~&)hP9H!*rsKqFK_+?j9n
zmi+avc(XdcYo0cBZ1tdoVp%>G%+XIYInx~1K*0%$G{MZpkoRHp!=5|2+bx~Yn=Qs}
f8{Z(w?G^&a;)3tQc9<xiULI-XP^4_Su5a9x@!1cH

diff --git a/src/static/legal.txt b/src/static/legal.txt
index e8c92a7..3f292d4 100644
--- a/src/static/legal.txt
+++ b/src/static/legal.txt
@@ -1,10 +1,10 @@
-Legal information of Ari-web
+Legal framework of Ari-web
 
-This is the legal information of ari-web which covers topics such as logging policy, privacy policy, data control, data control compliance, as well as other legal aspects when it comes to using ari-web services. By using or requesting to use any ari-web services you agree to the legal framework outlined in this document, and agree to keep yourself updated with or without notice.
+This is the legal framework of Ari-web which covers topics such as logging policy, privacy policy, data control, data control compliance, as well as other legal aspects when it comes to using Ari-web services. By using or requesting to use any Ari-web services you agree to the legal framework outlined in this document, and agree to keep yourself updated with or without notice.
 
 This document serves as an agreement between you and Ari-web parties, regarding the use and management of Ari-web's services. It outlines the expectations, responsibilities, and limitations for both parties.
 
-    Visitor: 1625736
+    Visitor: 1625761
     Created at: 2024-11-25 (YYYY-MM-DD)
     Last updated: 2024-11-28 (YYYY-MM-DD)
     OpenPGP signature of this document by the Authoritative party's OpenPGP key: legal.sig (Note: Only the text content found in legal.txt was signed. Use that text-only static copy of this document to verify the signature.)
@@ -22,7 +22,7 @@ Full list of the parties involved:
         Fediverse: @ari@ak.ari.lt
         Contact form: https://ari.lt/#gb
         OpenPGP key ID: 4FAD63E936B305906A6C4894A50D5B4B599AF8A2
-    Ari-web Members
+    Ari-web Members , coppa
         Zayd (administrates and moderates Akkoma)
             IRC: zayd on libera.chat
             Session (not checked often): 05d790add6647a049f58ce81c80aacc476859880af911cad105cf34fb8757b8872
@@ -67,16 +67,16 @@ Full list of the parties involved:
             Email: jlajsek@gmail.com
             Website: https://cubiq.dev/
 
-Collectively, we are called Ari-web. You are an outside party using our free (libre and gratis) and open source services.
+Collectively, we are called Ari-web. You are an outside party using our free (Libre and Gratis) and open source services. Although, responsibility for Ari-web goes to the Authoritative party.
 
 # Liability Disclaimer
 
 Ari-web disclaims all liability for any damages, data loss, dissatisfaction, or any other legal liability. You, as an individual user, are solely responsible for your actions, their consequences, and protecting yourself as well as your privacy and security.
 
-In no event shall ari-web be liable for any indirect, special, incidental, or consequential damages related to your use of its services.
+In no event shall Ari-web be liable for any indirect, special, incidental, or consequential damages related to your use of its services.
 # Privacy and Data Protection
 
-Ari-web will make reasonable efforts to protect your privacy unless circumstances call for access termination, transfer, or limitation with or without notice, such as in cases of legal compliance or suspected misuse of services. Ari-web reserves the right to manage your access at its discretion.
+Ari-web will make reasonable efforts to protect your privacy unless circumstances call for access termination, transfer, or limitation with or without notice, such as in cases of legal compliance or suspected misuse of services. Ari-web reserves the right to manage your access at its discretion. We will report any violations of the law to the required authorities if needed with the information you have consented to be logged for genuine interest.
 # Modifications and Exceptions
 
 Ari-web reserves the right to modify these terms at any time without prior notice. Exceptions to these terms may be granted by the Authoritative party in writing with a digital signature, at their discretion.
@@ -96,11 +96,11 @@ Ari-web reserves the right to modify these terms at any time without prior notic
             ISP: HostHatch
             Hardware: 1 vCPU core, 1024 MB of RAM, 1000 GB of HDD storage + 20 GB NVMe storage, 2500 GB of network bandwidth.
             Purpose: Storing data
-            Access: Cut off from the rest of the internet except rate limited and strongly autheticated port 22 traffic for SSH.
+            Access: Cut off from the rest of the internet except rate limited and strongly authenticated port 22 traffic for SSH.
 
 # Transparency
 
-Ari-web is committed to providing the utmost transparency in its operations and services wherever possible. This commitment includes, but is not limited to, clear communication regarding the use of data, service functionality, and any changes to terms or policies. While Ari-web strives to maintain this level of transparency, it acknowledges that certain circumstances may limit the extent of disclosure. Users are encouraged to reach out with any questions or concerns regarding transparency in the services provided. Ari-web will do their best to notify of changes of ToS, but it is your responsibility to keep up with the changes.
+Ari-web is committed to providing the utmost transparency in its operations and services wherever possible. This commitment includes, but is not limited to, clear communication regarding the use of data, service functionality, and any changes to terms or policies. While Ari-web strives to maintain this level of transparency, it acknowledges that certain circumstances may limit the extent of disclosure. Users are encouraged to reach out with any questions or concerns regarding transparency in the services provided. Ari-web will do their best to notify of changes of the legal framework, but it is your responsibility to keep up with the changes.
 # Services
 
 This table lists all self-hosted software (semi-)open for the public that people are welcome to use.
@@ -139,13 +139,13 @@ Forgejo instance for kappach.at   Git forge instance of KappaChat - An extensibl
 
 Ari-web is committed to complying with the General Data Protection Regulation (GDPR) (as well as COPPA (Children's Online Privacy Protection Rule) if you live in the U.S.) and the Digital Millennium Copyright Act (DMCA).
 
-It adheres to the principles outlined in the GDPR, ensuring that all personal data is processed lawfully, fairly, and transparently. We collect and process personal data and logs only for specified, legitimate purposes and ensure that such data is accurate, up-to-date, and retained only as long as necessary for those purposes. Users have rights regarding their personal data, including access, rectification, and erasure, which we honor in accordance with GDPR requirements even for non-EU citizens. We believe that such freedom is an essential basic human right.
+It adheres to the principles outlined in the GDPR, ensuring that all personal data is processed lawfully, fairly, and transparently. We collect and process personal data and logs only for specified, legitimate purposes and ensure that such data is accurate, up-to-date, and retained only as long as necessary for those purposes. Users have rights regarding their personal data, including access, rectification, and erasure, which we honor in accordance with GDPR requirements even for non-EU citizens. We believe that such freedom is a basic human right.
 
 It also respects intellectual property rights and complies with the provisions of the DMCA. We have implemented procedures to address any claims of copyright infringement and provide a mechanism for copyright holders to report alleged infringements through contact by email. We take such claims seriously and will respond promptly to any notices of claimed infringement.
 
-If you notice any resource or action violating the law, GDPR, COPPA, or DMCA, contact the Authoritative party with all information and full paths and URLs/URIs of the violating content. Without sufficient information, the Authoritative party cannot do anything about the violations, so you may be requested for more information to be able to process your request.
+If you notice any resource or action violating the law, GDPR, COPPA, or DMCA, contact Ari-web with all information and full paths and URLs/URIs of the violating content. Without sufficient information, we cannot do anything about the violations, so you may be requested for more information to be able to process your request.
 
-By using our services, you acknowledge our commitment to these regulations and understand that we will take all necessary steps to ensure compliance with the law, GDPR, COPPA, and DMCA. Furthermore, you acknowledge that you are the age of digital consent to allow your data to be processed, or that your legal guardians have consented to your data being processed for non-commential uses, for instance, instant messaging or serving of posts to provide functionality to our provided services.
+By using our services, you acknowledge our commitment to these regulations and understand that we will take all necessary steps to ensure compliance with the law, GDPR, COPPA, and DMCA. Furthermore, you acknowledge that you are the age of digital consent and allow your data to be processed, or that your legal guardians have consented to your data being processed for non-commercial uses, for instance, instant messaging or serving of user-generated content to provide functionality to our provided services.
 
 Contact us for any violations, questions, or various other things by either Authoritative party's contacts or by:
 
@@ -157,29 +157,29 @@ Contact us for any violations, questions, or various other things by either Auth
 
 By using our services, you agree that any data you send to Ari-web servers to be processed, stored, logged, and served. We reserve to change these policies at any point for genuine interest which includes service functionality, moderation, administration, or allowing extra features with or without prior notice.
 
-You reserve the right to request mass data deletion of any data logged or stored, even if GDPR does not apply in your jurisdiction by simply sending a request to gdpr@ari.lt. Logs are mainly collected for moderation and service stability ensurance.
+You reserve the right to request mass data deletion of any data logged or stored by simply sending a request to bye@ari.lt. Logs are mainly collected for moderation and service stability insurance.
 Service   Logged information  Stored information  Notes
-All   Your IP address (logs are rotated every 64 days), access URI, authentication attempts, timestamp, response code, and parameters   Your IP address (temporarily for up to a week in-memory), all data you sent to be processed and expect it to be stored (such as comments, messages, files, ...), cookies  You are responsible for your own privacy by using client-side encryption. Data on Ari-web is mninimally processed, and even though we strive for best privacy and security, we place the responsibility of true privacy so only you see your data by using client-side encryption on you. (See OpenPGP). Your IP may be stored indefinitely if we notice large amount of potentially abusive traffic from you to block your IP address. Most logs are rotated every 64 days.
+All   Your IP address (logs are rotated every 64 days), access URI, authentication attempts, timestamp, response code, and parameters   Your IP address (temporarily for up to a week in-memory), all data you sent to be processed and expect it to be stored (such as comments, messages, files, ...), cookies  You are responsible for your own privacy by using client-side encryption. Data on Ari-web is minimally processed, and even though we strive for best privacy and security, we place the responsibility of true privacy so only you see your data by using client-side encryption on you. (See OpenPGP). Your IP may be stored indefinitely if we notice large amount of potentially abusive traffic from you to block your IP address. Most logs are rotated every 64 days.
 Computing (access to the server's compute resources)  Everything you do on the system is logged, including file access, login attempts, and resource usage as well as the normal logs as described above ("All").   Stored information is all information you may put on the server, which includes (but is not limited to) files, logs, software, and code. These assets will not be served unless you choose to serve them yourself, in which case, you should request the Authoritative party to allow you to use certain ports and for them to be open to the open internet. You are responsible for ensuring your own privacy and not compromising the security of the compute resources, although, it will and is monitored to ensure best practices are being followed.  You are responsible for managing your own resource usage without abusing them as well as adhering to Ari-web policies and initiating your own. You may not distribute or even read data or configuration that is not meant for you.
-Matrix (matrix.ari.lt)  Error reporting information with nonidenfiable or minimally idenfiable information.   All Matrix rooms and events as well as files to be stored, federated or not. Federates the aforementioned events to other servers out of our control due to the nature of the mash nature of the Matrix protocol.
+Matrix (matrix.ari.lt)  Error reporting information with nonindefinable or minimally identifiable information.  All Matrix rooms and events as well as files to be stored, federated or not. Federates the aforementioned events to other servers out of our control due to the nature of the mash nature of the Matrix protocol.
 XMPP/Jabber (ari.lt ports 5222, 5269, 5223, 5270, and 5281)   Client/server events (federated or not), including (but not limited to) connections and error reporting information.  All XMPP events and multi-user chats as well as files to be stored, federated or not.   XMPP has a unique way of storing various events, therefore, you are strongly encouraged to use private-only MUCs (multi-user chats) on muc.ari.lt with encryption with OMEMO or OpenPGP.
-Git forge (Forgejo at git.ari.lt)   Any events or actions taken by You on git Forge, including authenticating, creating repositories, organisations, using runners (actions), deleting repositories, commits, etc.  All repositories (private and public) and their data as well as metadata, user profile data, authentication data, prefrences, blocked users, avatars, descriptions, emails, organizations, etc.   Git forge is meant to store data like a versioned file store of sort (i.e. Git VCS), therefore, all you send there will be served, to public or not (depending on your prefrences).
-Email mailboxes of Ari-web email using Mailcow (mail.ari.lt)  All actions performed on email are agressively logged. This includes: Email subject, email headers, rSpamD scan result, ClamAV antivirus results, access and authentication of both email and web UI, sent and received mail, IP address spam statistics, mailbox spam statistics, email (and its body) spam statistics (fuzzy hashes and scores mainly). This ensures full stability and deliverability of the email server.   All data related to your email is stored. This includes: IP address, email body, attachments, headers, spam scores and metadata, email threads, WebUI accounts (and their associated data), etc.  Even though we try to ensure best security of emails as well as secure access and storage, you are responsible for ensuring your total privacy. We are NOT allowed to invade your privacy unless circumstances call for it, although, to be safe, we suggest public key encryption to be used. See Termination, Limitation, and Transfer for more details.
-Semi-managed email using custom domains using Mailcow (goes to mail.ari.lt)   All data related to email mailboxes is logged as described above. Although, email hosting with custom domains comes with its own caviates as well, for instance, you may be requested to add DMARC reports support to your domain. All administrator actions will also be logged and stored relating to your custom domain like login attempts, change of settings and rules as well as related events.   Mailbox information is stored as described above. Administrator information is stored similarly to mailbox WebUI accounts, including authentication information and various domain-related information such as logs and private keys (like DKIM).   You, as the domain administrator, are required to ensure best security practices when using Ari-web email and to not violate the described terms in this document. Your violation of these terms will be considered a breach, therefore, your access will be terminated with notice.
+Git forge (Forgejo at git.ari.lt)   Any events or actions taken by You on git Forge, including authenticating, creating repositories, organisations, using runners (actions), deleting repositories, commits, etc.  All repositories (private and public) and their data as well as metadata, user profile data, authentication data, preferences, blocked users, avatars, descriptions, emails, organizations, etc.  Git forge is meant to store data like a versioned file store of sort (i.e. Git VCS), therefore, all you send there will be served, to public or not (depending on your preferences).
+Email mailboxes of Ari-web email using Mailcow (mail.ari.lt)  All actions performed on email are logged. This includes: Email subject, email headers, rSpamD scan result, ClamAV antivirus results, access and authentication of both email and web UI, sent and received mail, IP address spam statistics, mailbox spam statistics, email (and its body) spam statistics (fuzzy hashes and scores mainly). This ensures full stability and deliverability of the email server.   All data related to your email is stored. This includes: IP address, email body, attachments, headers, spam scores and metadata, email threads, WebUI accounts (and their associated data), etc.  Even though we try to ensure best security of emails as well as secure access and storage, you are responsible for ensuring your total privacy. We are NOT allowed to invade your privacy unless circumstances call for it, although, to be safe, we suggest public key encryption to be used. See Termination, Limitation, and Transfer for more details.
+Semi-managed email using custom domains using Mailcow (goes to mail.ari.lt)   All data related to email mailboxes is logged as described above. Although, email hosting with custom domains comes with its own unique logging as well, for instance, you may be requested to add DMARC reports support to your domain. All administrator actions will also be logged and stored relating to your custom domain like login attempts, change of settings and rules as well as related events.   Mailbox information is stored as described above. Administrator information is stored similarly to mailbox WebUI accounts, including authentication information and various domain-related information such as logs and private keys (like DKIM).   You, as the domain administrator, are required to ensure best security practices when using Ari-web email and to not violate the described terms in this document. Your violation of these terms will be considered a breach, therefore, your access will be terminated with notice.
 PrivateBin (pb.ari.lt)  Logs your paste ID, although, does not log the private key used for encrypting the paste.   Encrypted paste information is stored on the paste as sent by the client.   When reporting a paste for violating content, please provide us with as much information as possible about the paste, including its ID and private key (all in the URL, which you can just supply to us).
-RoundCube webmail (rc.ari.lt)   Logs error information.   Stores your sessions as well as your password in an encrypted format as well as user prefrences, identities, and other related webmail data.
+RoundCube webmail (rc.ari.lt)   Logs error information.   Stores your sessions as well as your password in an encrypted format as well as user preferences, identities, and other related webmail data.
 Matrix clients (schildi.ari.lt and cinny.ari.lt)      All data and processing happens client-side.
-Akkoma/fediverse instance (ak.ari.lt)   All actions taken by administrators are logged as well as errors / warnings / faults related to various parts of the applications.  Stores all data sent to the server, federated or not, such as user-generated content (posts, dms), descriptions, content warnings, avatars, alt texts, interractions, tags, avatars, uploads, etc. and federates them to other servers out of our control due to the nature of the mash nature of the ActivityPub protocol.
+Akkoma/fediverse instance (ak.ari.lt)   All actions taken by administrators are logged as well as errors / warnings / faults related to various parts of the applications.  Stores all data sent to the server, federated or not, such as user-generated content (posts, DMs), descriptions, content warnings, avatars, alt texts, interactions, tags, avatars, uploads, etc. and federates them to other servers out of our control due to the nature of the mesh nature of the ActivityPub protocol.
 # Service availability
 
-Ari-web tries to provide the best uptime, although, there is zero guarantee on any sort of service availability in percentage. You get what you get essentially. Although, expect minor downtime monthly or bimonthly for maintenence tasks such as a maintenence reboot or a configuration change. This assumption is not to be construed as a guarantee.
+Ari-web tries to provide the best uptime, although, there is zero guarantee on any sort of service availability in percentage. You get what you get essentially. Although, expect minor downtime monthly or bimonthly for maintenance tasks such as a maintenance reboot or a configuration change. This assumption is not to be construed as a guarantee.
 
 Ari-web disclaims any liability for service interruptions or downtime, and users acknowledge that they are using the services at their own risk.
 # Termination, Limitation, and Transfer
 
 Ari-web reserves the right to terminate, limit, or transfer services, infrastructure, or general access in certain circumstances, as outlined below:
 
-Termination or Limitation of Services: ari-web may terminate or limit services if Ari-web deems the service too difficult to control or moderate, or if a constant pattern of violations or one extreme and severe violation is detected. For individuals, services may be terminated without notice if they continue to violate the terms of service or engage in behaviour that Ari-web considers unacceptable. Such decisions will be based on the outlines in this document as well as Ari-web interpretation of this document and their own discretion.
+Termination or Limitation of Services: Ari-web may terminate or limit services if Ari-web deems the service too difficult to control or moderate, or if a constant pattern of violations or one extreme and severe violation is detected. For individuals, services may be terminated without notice if they continue to violate the terms of service or engage in behaviour that Ari-web considers unacceptable. Such decisions will be based on the outlines in this document as well as Ari-web interpretation of this document and their own discretion.
 
 Transfer of Services: Ari-web will only transfer access to services in two scenarios:
 
@@ -191,7 +191,7 @@ In both cases, the Authoritative party reserves the right to make the final dete
 Users acknowledge and agree that the Authoritative party's decisions regarding service termination, limitation, and transfer are final and not subject to appeal or legal action.
 # Governing law
 
-Ari-web and its services are subject to international laws as well as the laws of the United States of America, Lithuania, and Sweden. Users acknowledge that these jurisdictions govern the use of ari-web services and any disputes that may arise in connection with them. This statement is intended to clarify the legal framework applicable to the services offered by ari-web and does not create any binding obligations beyond this acknowledgment.
+Ari-web and its services are subject to international laws as well as the laws of the United States of America, Lithuania, and Sweden. Users acknowledge that these jurisdictions govern the use of Ari-web services and any disputes that may arise in connection with them. This statement is intended to clarify the legal framework applicable to the services offered by Ari-web and does not create any binding obligations beyond this acknowledgment.
 
 We are also subject to the terms of HostHatch which you can read at:
 
@@ -201,7 +201,7 @@ We are also subject to the terms of HostHatch which you can read at:
 
 # Affiliations
 
-Any member (volunteer) considered an Ari-web member (volunteer) is affiliated with Ari-web in a way where they are related and working on making Ari-web a better place for everyone at their own discretion. Furthermore, Ari-web as a non-legally-formed organization of individuals, cannot be affiliated with any legal entities. Affiliations are handled by the Authoritative party inidividually, and all benifits from that affiliation will be used at the Authoritative party's discretion whether it be by using it to support Ari-web, other projects, or for personal use.
+Any member (volunteer) considered an Ari-web member (volunteer) is affiliated with Ari-web in a way where they are related and working on making Ari-web a better place for everyone at their own discretion. Furthermore, Ari-web as a non-legally-formed organization of individuals, cannot be affiliated with any legal entities. Affiliations are handled by the Authoritative party individually, and all benefits from that affiliation will be used at the Authoritative party's discretion whether it be by using it to support Ari-web, other projects, or for personal use.
 
 All affiliate content on Ari-web share a part of the Ari-web license set, which usually includes copyright to the Authoritative party provided by licenses such as MIT, GPL, AGPL, BSD, or CC-BY-SA, or no copyright at all as provided by public domain licenses such as Unlicense, CC0, or WTFPL. Ari-web shalt never produce proprietary assets licensed under a proprietary license with greatly restricts others' ability to copy, modify, publish, use, compile, or distribute parts or full of it in source code form.
 # Data scraping
@@ -223,7 +223,7 @@ Ari-web is fully funded by the Authoritative party and volunteer donations by Cr
 
 Nobody shall ever, unless a change of status in Ari-web, be forced to pay for a publicly available service to use it unless it is by their own discretion through direct (monetary, which are logged in a public donation log) or indirect (code and help) donations.
 
-Ari-web, as a project almost exclussively out of the Authoritative party's pocket, costs as follows:
+Ari-web, as a project almost exclusively out of the Authoritative party's pocket, costs as follows:
 Purpose   Payment model   Annual cost
 Processing server 0 (mail.ari.lt)   Quarterly ($45/qr)  $180
 Storage server 0 (cdn.ari.lt)   Quarterly ($15/qr)  $60
diff --git a/src/templates/legal.j2 b/src/templates/legal.j2
index b860dfb..6e58e04 100644
--- a/src/templates/legal.j2
+++ b/src/templates/legal.j2
@@ -2,9 +2,9 @@
 
 {% block title %}Legal{% endblock %}
 
-{% block description %}Legal information of ari-web.{% endblock %}
+{% block description %}Legal framework of Ari-web.{% endblock %}
 
-{% block keywords %}ari::web, services, foss services, homepage, portfolio, resume, matrix, says, https, email, guestbook, legal, privacy policy, privacy, logging, gdpr, dmca, anti-ai policies{% endblock %}
+{% block keywords %}ari::web, services, foss services, homepage, portfolio, resume, matrix, says, https, email, guestbook, legal, privacy policy, privacy, logging, gdpr, dmca, anti-ai policies, coppa{% endblock %}
 
 {% block head %}
 <link rel="stylesheet" href="{{ url_for("static", filename="fonts/Hack.css") }}" type="text/css" referrerpolicy="no-referrer" />
@@ -42,14 +42,14 @@
 {% endblock %}
 
 {% block header %}
-<h1>Legal information of Ari-web</h1>
+<h1>Legal framework of Ari-web</h1>
 {% endblock %}
 
 {% block main %}
 <p>
-    This is the legal information of ari-web which covers topics such as logging policy,
+    This is the legal framework of Ari-web which covers topics such as logging policy,
     privacy policy, data control, data control compliance, as well as other legal aspects
-    when it comes to using ari-web services. By using or requesting to use any ari-web services
+    when it comes to using Ari-web services. By using or requesting to use any Ari-web services
     you agree to the legal framework outlined in this document, and agree to keep yourself updated
     with or without notice.
 </p>
@@ -99,7 +99,7 @@
     </li>
 
     <li>
-        Ari-web Members
+        Ari-web Members                                                                                                                                                                                , coppa
 
         <ul>
             <li>
@@ -196,7 +196,8 @@
 </ul>
 
 <p>
-    Collectively, we are called <b>Ari-web</b>. You are an outside party using our free (libre and gratis) and open source services.
+    Collectively, we are called <b>Ari-web</b>. You are an outside party using our free (Libre and Gratis) and open source services.
+    Although, responsibility for Ari-web goes to the Authoritative party.
 <p>
 
 <h2 id="liability"><a href="#liability">#</a> Liability Disclaimer</h2>
@@ -208,7 +209,7 @@
 </p>
 
 <p>
-    In no event shall ari-web be liable for any indirect, special, incidental, or consequential damages related to your
+    In no event shall Ari-web be liable for any indirect, special, incidental, or consequential damages related to your
     use of its services.
 </p>
 
@@ -217,7 +218,8 @@
 <p>
     Ari-web will make reasonable efforts to protect your privacy unless circumstances call for access termination,
     transfer, or limitation with or without notice, such as in cases of legal compliance or suspected misuse of services.
-    Ari-web reserves the right to manage your access at its discretion.
+    Ari-web reserves the right to manage your access at its discretion. We will report any violations of the law to the
+    required authorities if needed with the information you have consented to be logged for genuine interest.
 </p>
 
 <h2 id="modification"><a href="#privacy">#</a> Modifications and Exceptions</h2>
@@ -258,7 +260,7 @@
                 <li>ISP: HostHatch</li>
                 <li>Hardware: 1 vCPU core, 1024 MB of RAM, 1000 GB of HDD storage + 20 GB NVMe storage, 2500 GB of network bandwidth.</li>
                 <li>Purpose: Storing data</li>
-                <li>Access: Cut off from the rest of the internet except rate limited and strongly autheticated port 22 traffic for SSH.</li>
+                <li>Access: Cut off from the rest of the internet except rate limited and strongly authenticated port 22 traffic for SSH.</li>
             </ul>
         </ul>
     </li>
@@ -272,7 +274,7 @@
     any changes to terms or policies. While Ari-web strives to maintain this level of transparency,
     it acknowledges that certain circumstances may limit the extent of disclosure. Users are encouraged to reach out with any
     questions or concerns regarding transparency in the services provided. Ari-web will do their best to notify of changes
-    of ToS, but it is your responsibility to keep up with the changes.
+    of the legal framework, but it is your responsibility to keep up with the changes.
 </p>
 
 <h2 id="services"><a href="#services">#</a> Services</h2>
@@ -378,7 +380,7 @@
     We collect and process personal data and logs only for specified, legitimate purposes and ensure that such data is accurate, up-to-date, and
     retained only as long as necessary for those purposes. Users have rights regarding their personal data, including access,
     rectification, and erasure, which we honor in accordance with GDPR requirements even for non-EU citizens. We believe that such freedom
-    is an essential basic human right.
+    is a basic human right.
 </p>
 
 <p>
@@ -388,15 +390,16 @@
 </p>
 
 <p>
-    If you notice any resource or action violating the law, GDPR, COPPA, or DMCA, contact the Authoritative party with all information and
-    full paths and URLs/URIs of the violating content. Without sufficient information, the Authoritative party cannot do anything about
+    If you notice any resource or action violating the law, GDPR, COPPA, or DMCA, contact Ari-web with all information and
+    full paths and URLs/URIs of the violating content. Without sufficient information, we cannot do anything about
     the violations, so you may be requested for more information to be able to process your request.
 </p>
 
 <p>
-    By using our services, you acknowledge our commitment to these regulations and understand that we will take all necessary steps to ensure compliance with the law, GDPR, COPPA, and DMCA.
-    Furthermore, you acknowledge that you are the age of digital consent to allow your data to be processed, or that your legal guardians have consented to your data being processed
-    for non-commential uses, for instance, instant messaging or serving of posts to provide functionality to our provided services.
+    By using our services, you acknowledge our commitment to these regulations and understand that we will take all necessary steps to ensure
+    compliance with the law, GDPR, COPPA, and DMCA. Furthermore, you acknowledge that you are the age of digital consent and allow your data to be processed,
+    or that your legal guardians have consented to your data being processed for non-commercial uses, for instance, instant messaging or serving of
+    user-generated content to provide functionality to our provided services.
 </p>
 
 <p>
@@ -418,9 +421,8 @@
 </p>
 
 <p>
-    You reserve the right to request mass data deletion of any data logged or stored, even if GDPR does not apply in your
-    jurisdiction by simply sending a request to <a href="mailto:gdpr@ari.lt">gdpr@ari.lt</a>.
-    Logs are mainly collected for moderation and service stability ensurance.
+    You reserve the right to request mass data deletion of any data logged or stored by simply sending a request to
+    <a href="mailto:bye@ari.lt">bye@ari.lt</a>. Logs are mainly collected for moderation and service stability insurance.
 </p>
 
 <div class="table">
@@ -436,7 +438,7 @@
             <td>All</td>
             <td>Your IP address (logs are rotated every 64 days), access URI, authentication attempts, timestamp, response code, and parameters</td>
             <td>Your IP address (temporarily for up to a week in-memory), all data you sent to be processed and expect it to be stored (such as comments, messages, files, ...), cookies</td>
-            <td>You are responsible for your own privacy by using client-side encryption. Data on Ari-web is mninimally processed, and even though we strive for best privacy and security, we place the responsibility of true privacy so only you see your data by using client-side encryption on you. (See <a href="https://www.openpgp.org/">OpenPGP</a>). Your IP may be stored indefinitely if we notice large amount of potentially abusive traffic from you to block your IP address. Most logs are rotated every 64 days.</td>
+            <td>You are responsible for your own privacy by using client-side encryption. Data on Ari-web is minimally processed, and even though we strive for best privacy and security, we place the responsibility of true privacy so only you see your data by using client-side encryption on you. (See <a href="https://www.openpgp.org/">OpenPGP</a>). Your IP may be stored indefinitely if we notice large amount of potentially abusive traffic from you to block your IP address. Most logs are rotated every 64 days.</td>
         </tr>
 
         <tr>
@@ -448,7 +450,7 @@
 
         <tr>
             <td>Matrix (matrix.ari.lt)</td>
-            <td>Error reporting information with nonidenfiable or minimally idenfiable information.</td>
+            <td>Error reporting information with nonindefinable or minimally identifiable information.</td>
             <td>All <a href="https://matrix.org/docs/matrix-concepts/rooms_and_events/">Matrix rooms and events</a> as well as files to be stored, federated or not. Federates the aforementioned events to other servers out of our control due to the nature of the mash nature of the Matrix protocol.</td>
             <td></td>
         </tr>
@@ -463,20 +465,20 @@
         <tr>
             <td>Git forge (Forgejo at git.ari.lt)</td>
             <td>Any events or actions taken by You on git Forge, including authenticating, creating repositories, organisations, using runners (actions), deleting repositories, commits, etc.</td>
-            <td>All repositories (private and public) and their data as well as metadata, user profile data, authentication data, prefrences, blocked users, avatars, descriptions, emails, organizations, etc.</td>
-            <td>Git forge is meant to store data like a versioned file store of sort (i.e. <a href="https://git-scm.com/">Git VCS</a>), therefore, all you send there will be served, to public or not (depending on your prefrences).</td>
+            <td>All repositories (private and public) and their data as well as metadata, user profile data, authentication data, preferences, blocked users, avatars, descriptions, emails, organizations, etc.</td>
+            <td>Git forge is meant to store data like a versioned file store of sort (i.e. <a href="https://git-scm.com/">Git VCS</a>), therefore, all you send there will be served, to public or not (depending on your preferences).</td>
         </tr>
 
         <tr>
             <td>Email mailboxes of Ari-web email using <a href="https://mailcow.email/">Mailcow</a> (mail.ari.lt)</td>
-            <td>All actions performed on email are agressively logged. This includes: Email subject, email headers, rSpamD scan result, ClamAV antivirus results, access and authentication of both email and web UI, sent and received mail, IP address spam statistics, mailbox spam statistics, email (and its body) spam statistics (fuzzy hashes and scores mainly). This ensures full stability and deliverability of the email server.</td>
+            <td>All actions performed on email are logged. This includes: Email subject, email headers, rSpamD scan result, ClamAV antivirus results, access and authentication of both email and web UI, sent and received mail, IP address spam statistics, mailbox spam statistics, email (and its body) spam statistics (fuzzy hashes and scores mainly). This ensures full stability and deliverability of the email server.</td>
             <td>All data related to your email is stored. This includes: IP address, email body, attachments, headers, spam scores and metadata, email threads, WebUI accounts (and their associated data), etc.</td>
             <td>Even though we try to ensure best security of emails as well as secure access and storage, you are responsible for ensuring your total privacy. We are <b>NOT</b> allowed to invade your privacy unless circumstances call for it, although, to be safe, we suggest public key encryption to be used. See <a href="#termination">Termination, Limitation, and Transfer</a> for more details.</td>
         </tr>
 
         <tr>
             <td>Semi-managed email using custom domains using <a href="https://mailcow.email/">Mailcow</a> (goes to mail.ari.lt)</td>
-            <td>All data related to email mailboxes is logged as described above. Although, email hosting with custom domains comes with its own caviates as well, for instance, you may be requested to add DMARC reports support to your domain. All administrator actions will also be logged and stored relating to your custom domain like login attempts, change of settings and rules as well as related events.</td>
+            <td>All data related to email mailboxes is logged as described above. Although, email hosting with custom domains comes with its own unique logging as well, for instance, you may be requested to add DMARC reports support to your domain. All administrator actions will also be logged and stored relating to your custom domain like login attempts, change of settings and rules as well as related events.</td>
             <td>Mailbox information is stored as described above. Administrator information is stored similarly to mailbox WebUI accounts, including authentication information and various domain-related information such as logs and private keys (like DKIM).</td>
             <td>You, as the domain administrator, are required to ensure best security practices when using Ari-web email and to not violate the described terms in this document. Your violation of these terms will be considered a breach, therefore, your access will be terminated with notice.</td>
         </tr>
@@ -491,7 +493,7 @@
         <tr>
             <td>RoundCube webmail (rc.ari.lt)</td>
             <td>Logs error information.</td>
-            <td>Stores your sessions as well as your password in an encrypted format as well as user prefrences, identities, and other related webmail data.</td>
+            <td>Stores your sessions as well as your password in an encrypted format as well as user preferences, identities, and other related webmail data.</td>
             <td></td>
         </tr>
 
@@ -505,7 +507,7 @@
         <tr>
             <td>Akkoma/fediverse instance (ak.ari.lt)</td>
             <td>All actions taken by administrators are logged as well as errors / warnings / faults related to various parts of the applications.</td>
-            <td>Stores all data sent to the server, federated or not, such as user-generated content (posts, dms), descriptions, content warnings, avatars, alt texts, interractions, tags, avatars, uploads, etc. and federates them to other servers out of our control due to the nature of the mash nature of the ActivityPub protocol.</td>
+            <td>Stores all data sent to the server, federated or not, such as user-generated content (posts, DMs), descriptions, content warnings, avatars, alt texts, interactions, tags, avatars, uploads, etc. and federates them to other servers out of our control due to the nature of the mesh nature of the ActivityPub protocol.</td>
             <td></td>
         </tr>
     </table>
@@ -516,7 +518,7 @@
 <p>
     Ari-web tries to provide the best uptime, although, there is zero guarantee on any sort of
     service availability in percentage. You get what you get essentially. Although, expect minor
-    downtime monthly or bimonthly for maintenence tasks such as a maintenence reboot or a configuration
+    downtime monthly or bimonthly for maintenance tasks such as a maintenance reboot or a configuration
     change. This assumption is not to be construed as a guarantee.
 </p>
 
@@ -532,7 +534,7 @@
 </p>
 
 <p>
-    Termination or Limitation of Services: ari-web may terminate or limit services if Ari-web deems the service too difficult to control or moderate,
+    Termination or Limitation of Services: Ari-web may terminate or limit services if Ari-web deems the service too difficult to control or moderate,
     or if a constant pattern of violations or one extreme and severe violation is detected. For individuals, services may be terminated without notice if they continue
     to violate the terms of service or engage in behaviour that Ari-web considers unacceptable. Such decisions will be based on the outlines in this document
     as well as Ari-web interpretation of this document and their own discretion.
@@ -561,8 +563,8 @@
 
 <p>
     Ari-web and its services are subject to international laws as well as the laws of the United States of America, Lithuania, and Sweden.
-    Users acknowledge that these jurisdictions govern the use of ari-web services and any disputes that may arise in connection with them.
-    This statement is intended to clarify the legal framework applicable to the services offered by ari-web and does not create any
+    Users acknowledge that these jurisdictions govern the use of Ari-web services and any disputes that may arise in connection with them.
+    This statement is intended to clarify the legal framework applicable to the services offered by Ari-web and does not create any
     binding obligations beyond this acknowledgment.
 </p>
 
@@ -582,7 +584,7 @@
     Any member (volunteer) considered an Ari-web member (volunteer) is affiliated with Ari-web in a way where they are related
     and working on making Ari-web a better place for everyone at their own discretion. Furthermore, Ari-web as a non-legally-formed
     organization of individuals, cannot be affiliated with any legal entities. Affiliations are handled by the Authoritative party
-    inidividually, and all benifits from that affiliation will be used at the Authoritative party's discretion whether it be by
+    individually, and all benefits from that affiliation will be used at the Authoritative party's discretion whether it be by
     using it to support Ari-web, other projects, or for personal use.
 </p>
 
@@ -644,7 +646,7 @@
 </p>
 
 <p>
-    Ari-web, as a project almost exclussively out of the Authoritative party's pocket, costs as follows:
+    Ari-web, as a project almost exclusively out of the Authoritative party's pocket, costs as follows:
 </p>
 
 <div class="table">