SENIORVIBE Inc. · Afternoon Health

Privacy Policy

Effective date: July 14, 2026

SENIORVIBE Inc. (the “Company”) operates the Afternoon Health mobile app and the senior-vibe.com website. We take the privacy of our users seriously.

This Policy explains what personal data we process, why we process it, how long we retain it, where it is transferred, and how users can exercise their rights.

1. Controller and scope

The controller is SENIORVIBE Inc. (CEO: Sumin Kim; Korean Business Registration No. 441-86-03541). This Policy applies to the Afternoon Health app, our official website, partnership and support inquiries, and account-deletion requests.

Afternoon Health provides health and wellness information and lifestyle support. It is not a substitute for medical examination, diagnosis, or treatment.

2. Data we process and why

We process sensitive data such as health information and optional data only when necessary for the selected feature and where separate consent or another lawful basis applies. Refusing optional data does not prevent basic service use, but the relevant personalized feature may be unavailable.

CategoryDataPurpose
LINE LoginProvider-scoped LINE user ID, display name, profile image URL, login state, and email only when the user consents and LINE permission has been approvedIdentification, account creation and login, fraud prevention, and support
Member profileName or nickname, email, phone number if entered, birth year/date, gender, language, and terms/consent historyAccount management, age-appropriate features, personalization, and consent records
Health and wellnessMeasurements, risk and condition records, survey answers and free text, health background, supplement assessments and recommendations, health questions, conversations, and feedbackReports and personalized information, service operation, safety and quality improvement, and de-identified research/statistics
Service activityFacility and QR visits, membership and missions, point transactions, coupons and redemptions, ad views and rewards, favorites, and feature interactionsService delivery, benefit settlement, duplicate/fraud prevention, and dispute handling
Website and inquiriesOrganization, contact name and role, email, phone, inquiry, attachment, request time, and security connection dataPartnership and support responses, security, and abuse prevention
Automatically generated dataApp and session IDs, device and advertising IDs, approximate location, app interactions, performance and diagnostics, and IP-derived security dataSession continuity, security, troubleshooting, statistics, and ads/measurement subject to consent and settings

3. How we collect data

  • Information entered by users during registration, profile setup, surveys, health features, inquiries, and deletion requests
  • Information supplied by LINE when a user authorizes LINE Login
  • Information generated while the app, website, server, and security systems are used
  • Records created while processing selected services such as points, coupons, and facility visits

4. Retention

We delete personal data without undue delay when its purpose is fulfilled or an account is deleted. The minimum records needed for law, settlement, disputes, fraud prevention, or proof of consent may be separated and pseudonymized for the periods below.

RecordRetention period
Account, LINE link, profile, health, survey, conversation, recommendation, visit, and membership dataUntil account deletion; erased immediately when in-app deletion completes
Login sessionsUntil logout, withdrawal, expiry, or up to 30 days after the last issuance
One-time LINE Login challengeExpires after 10 minutes; only a hash is stored and expired rows are cleaned within one additional day
Minimum settlement records for points, coupons, ad rewards, terms, and auditsFive years after account deletion
Partnership/support inquiries and attachmentsThree years after closure
Contact details and LINE display name in a deletion requestErased when completed or rejected; de-identified workflow history kept for three years
Application and security logsUp to three months
Web application firewall logsUp to one month
Encrypted database backupsRotated for up to 35 days; deletion records are reapplied before restored data can serve traffic

5. Sharing with third parties

We do not sell personal data. If a facility check or benefit requires disclosure to another business, we identify the recipient, purpose, fields, and retention period on screen and obtain separate consent before sharing the minimum necessary data.

We may disclose data without consent where specifically required or permitted by law, including urgent protection of life or physical safety.

6. Processors and international transfers

We use the providers below to operate the service. We restrict secondary use through contracts and security settings and review their safeguards.

ProviderCountry and transferData and purposeRetention
Amazon Web Services, Inc. and affiliatesJapan (ap-northeast-1) and contracted regions; encrypted transfer during useService data, encrypted backups, and limited operational/security logs for hosting, database, backup, security, and health-information processing supportMembership period and the backup/log periods in Section 4
LY Corporation (LINE)Japan; encrypted transfer during LINE LoginLINE ID token, one-time nonce, channel ID, and connection data for login verification and deauthorizationFor verification and as described in LINE's policies
Google LLC and affiliates (Google Mobile Ads and UMP)United States and countries hosting Google data centers; encrypted transfer during ad requests and displayDevice/advertising ID, approximate location, app interactions, ad, performance, and diagnostics for consent, ads, measurement, and fraud preventionUnder Google policies and the user's advertising/consent settings
Stibee Inc.South Korea; submitted directly by the user on the external newsletter pageEmail and subscription settings for newsletter delivery and managementUntil unsubscribe or as described in Stibee's policy

Users may refuse an optional feature or advertising consent to avoid the related transfer. LINE Login and the contracted cloud infrastructure are necessary for the account service; users who do not want those transfers may choose not to register or may delete their account.

7. Deletion and account closure

When in-app account deletion completes, LINE identity, sessions, profile, health, survey, conversation, recommendation, and activity data are erased and old tokens stop working. A later login with the same LINE account creates a new account.

Minimum settlement, dispute, fraud-prevention, and consent records are stripped of LINE IDs, email, health content, barcodes, and reusable tokens. Electronic files are securely deleted, and encrypted backups are overwritten after their rotation period of up to 35 days.

If the app is unavailable, email support@senior-vibe.com to request deletion. After independent identity verification, we normally complete a valid request within 30 days. Never email a password, LINE ID token, or the text of a health answer.

8. Your rights

Contact support@senior-vibe.com. We verify the requester and respond within the period required by applicable law. Data that must be retained by law may remain restricted until that period ends.

  • Request access, correction, deletion, restriction, consent withdrawal, or account closure
  • Review or revoke Afternoon Health authorization in LINE settings
  • Reset or limit advertising identifiers and change related consent in device and app privacy settings
  • Exercise rights through a lawful representative, subject to verification of authority

9. Security

  • Encryption in transit, encryption at rest, and separation of secrets
  • Least-privilege access, administrative audit trails, and periodic access review
  • Restrictions on logging raw LINE tokens, nonces, health answers, and other sensitive content
  • Web application firewall, rate limits, security updates, backups, and controlled recovery
  • Privacy duties for personnel and processors and an incident-response process

10. Automatic data, advertising, and AI

The website may process basic connection data to deliver and secure pages. The app stores sessions securely on the device. Google Mobile Ads and UMP may process advertising identifiers, approximate location, ad interactions, and diagnostics according to consent and settings. Users can manage them in device and in-app privacy settings.

The health assistant uses a user's question and selected health context to generate wellness information. It does not make a decision with legal or medical effect and does not replace professional diagnosis or treatment.

11. Children under 14

Afternoon Health is not directed to children under 14, and we do not knowingly collect their personal data without consent from a legal guardian. If we learn that such data was collected, we verify and delete it without undue delay.

12. Privacy contact

ItemDetails
Privacy OfficerSumin Kim, CEO
Emailsupport@senior-vibe.com
Address3F, Building 2, Pangyo Startup Campus, 20 Pangyo-ro 289beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

13. Changes to this Policy

This Policy takes effect on July 14, 2026. We normally announce changes through the website or app at least seven days in advance, or 30 days in advance for a material change affecting user rights. Previous versions are available on request.