AI Recommendation Disclosure
Effective: 2026-04-29 (v0.2) · Legal basis: Korean Personal Information Protection Act (PIPA) §37-2(4) (in force since 2025-10-02)
Pursuant to PIPA §37-2(4), Semore publishes the criteria, procedure, and personal-data processing method of its chat recommendation system (hereinafter "AI recommendation") so that data subjects can readily verify them.
This page satisfies both the PIPA §37-2(4) automated-decision disclosure obligation and the EU AI Act Art.50(1) disclosure obligation.
Korea AI Framework Act Article 31(1) prior notice (in force 2026-01-22) — The chat, recommendation, and payment-mandate flows offered by Semore are operated by generative AI (Anthropic Claude). We notify you in advance via three layered surfaces (this page, an in-chat ⓘ How this works link, and a per-response AI generated badge). Automated responses may contain errors or hallucinations — please confirm important decisions with a human agent ([email protected]). Art.31(2) (synthetic-output labeling) is satisfied by the per-response AI generated badge; Art.31(3) (notice for outputs indistinguishable from reality) is satisfied by C2PA metadata on generative media.
1. Overview of the AI Recommendation System
Semore's chat recommendation runs on Anthropic Claude LLM (Opus 4.7 for internal classification and routing; Haiku 4.5 for response generation), the Anthropic Model Context Protocol (MCP) 5-tool stack (search_product / get_product / create_cart / quote_checkout / submit_intent), and a catalog-matching algorithm built on Cloudflare Workers AI embeddings (@cf/baai/bge-m3). It accepts free-form user input in any of 6 supported languages and returns up to the top 3 K-bundle SKUs from our catalog.
Technical details
- LLM: Anthropic Claude — system prompt confines the model to K-bundle recommendations
- Tools: Anthropic MCP 5-tool standard; only
search_productandget_productare callable during recommendation - Embeddings: Cloudflare Workers AI
@cf/baai/bge-m31024-dim vectors - Catalog matching: cosine-similarity nearest-neighbor search with top-K=3
- Output: JSON-schema validation plus a final
get_product(sku_id)existence check before delivery
2. Recommendation Criteria
- Your free-form input is screened by a multilingual safety classifier stack (Llama Guard 3 8B + OpenAI omni-moderation) for legality and safety.
- Your input is encoded as a 1024-dim Cloudflare bge-m3 embedding and compared with each catalog SKU embedding via cosine similarity.
- Only SKUs with cosine similarity ≥ 0.65 are eligible (off-topic queries are blocked).
- Up to the top 3 eligible SKUs are injected as grounded context for the LLM response.
- SKUs requiring age verification (alcohol, tobacco, adult media) are never surfaced to unverified users.
3. Recommendation Procedure (6-Layer Guardrail)
- (Step 1) Input vetting — Cloudflare WAF and Workers Bindings block abnormal traffic (spam, DDoS, prompt-injection attempts).
- (Step 2) Safety classification — Llama Guard 3 8B classifies each input on a 4-tier scale (allow / caution / refuse / block). Refused or blocked inputs are stopped immediately and the user receives a 6-locale notice.
- (Step 3) System prompt — Semore's system prompt confines the LLM's behavior to K-bundle recommendations and forbids the model from hallucinating SKUs outside the catalog.
- (Step 4) Tool execution — The LLM may only call MCP
search_productandget_product; responses are grounded against live catalog data. - (Step 5) Output validation — JSON-schema validation plus a final
get_productlookup against the actual catalog guarantees a 0% hallucinated-SKU rate. - (Step 6) Architectural isolation — Payment and personal-data processing run on separate domains and privilege boundaries, isolated from the chat surface.
4. How Recommendations Are Produced
Once your input passes the 6-Layer guardrail, Semore's LLM receives the catalog embedding search results (the actual price, stock, options, and images of up to the top 3 SKUs) as grounded context and produces a natural-language response. The LLM itself cannot fabricate SKUs outside the catalog (enforced by the system prompt and JSON schema), and every response is verified by a final get_product(sku_id) lookup before delivery.
Semore does not use chat input for LLM training (Anthropic Zero Data Retention addendum executed). Chat traces are auto-deleted after 30 days, and card PAN/CVV never traverses our systems (PCI tokenization).
5. Channels for Exercising Data-Subject Rights
You may exercise the following rights:
- Right to refuse (PIPA §37-2(1)) — toggle "Disable AI auto-recommendation" in chat settings to opt out instantly. While disabled, the experience switches to category browsing and no recommendation algorithm is applied.
- Right to explanation (PIPA §37-2(2)) — to learn why a particular SKU was recommended, open the chat
?menu → "Request explanation for this recommendation" or email [email protected]. We typically reply within 7 days; the statutory upper bound is 14 days. - Right to human re-review (PIPA §37-2(3)) — to challenge an automated recommendation, you may request human review. We typically reply within 7 days; the statutory upper bound is 14 days.
- Contact — [email protected] · chat
?menu · [Privacy Policy](/legal/privacy) §10 (Data Protection Officer)
---
Last updated: 2026-04-29 (v0.2) · Legal basis: PIPA §37-2 (in force since 2025-10-02)