SENIORVIBE Inc. · Afternoon Health
Privacy Policy
Effective date: July 14, 2026
SENIORVIBE Inc. (the “Company”) operates the Afternoon Health mobile app and the senior-vibe.com website. We take the privacy of our users seriously.
This Policy explains what personal data we process, why we process it, how long we retain it, where it is transferred, and how users can exercise their rights.
1. Controller and scope
The controller is SENIORVIBE Inc. (CEO: Sumin Kim; Korean Business Registration No. 441-86-03541). This Policy applies to the Afternoon Health app, our official website, partnership and support inquiries, and account-deletion requests.
Afternoon Health provides health and wellness information and lifestyle support. It is not a substitute for medical examination, diagnosis, or treatment.
2. Data we process and why
We process sensitive data such as health information and optional data only when necessary for the selected feature and where separate consent or another lawful basis applies. Refusing optional data does not prevent basic service use, but the relevant personalized feature may be unavailable.
| Category | Data | Purpose |
|---|---|---|
| LINE Login | Provider-scoped LINE user ID, display name, profile image URL, login state, and email only when the user consents and LINE permission has been approved | Identification, account creation and login, fraud prevention, and support |
| Member profile | Name or nickname, email, phone number if entered, birth year/date, gender, language, and terms/consent history | Account management, age-appropriate features, personalization, and consent records |
| Health and wellness | Measurements, risk and condition records, survey answers and free text, health background, supplement assessments and recommendations, health questions, conversations, and feedback | Reports and personalized information, service operation, safety and quality improvement, and de-identified research/statistics |
| Service activity | Facility and QR visits, membership and missions, point transactions, coupons and redemptions, ad views and rewards, favorites, and feature interactions | Service delivery, benefit settlement, duplicate/fraud prevention, and dispute handling |
| Website and inquiries | Organization, contact name and role, email, phone, inquiry, attachment, request time, and security connection data | Partnership and support responses, security, and abuse prevention |
| Automatically generated data | App and session IDs, device and advertising IDs, approximate location, app interactions, performance and diagnostics, and IP-derived security data | Session continuity, security, troubleshooting, statistics, and ads/measurement subject to consent and settings |
3. How we collect data
- Information entered by users during registration, profile setup, surveys, health features, inquiries, and deletion requests
- Information supplied by LINE when a user authorizes LINE Login
- Information generated while the app, website, server, and security systems are used
- Records created while processing selected services such as points, coupons, and facility visits
4. Retention
We delete personal data without undue delay when its purpose is fulfilled or an account is deleted. The minimum records needed for law, settlement, disputes, fraud prevention, or proof of consent may be separated and pseudonymized for the periods below.
| Record | Retention period |
|---|---|
| Account, LINE link, profile, health, survey, conversation, recommendation, visit, and membership data | Until account deletion; erased immediately when in-app deletion completes |
| Login sessions | Until logout, withdrawal, expiry, or up to 30 days after the last issuance |
| One-time LINE Login challenge | Expires after 10 minutes; only a hash is stored and expired rows are cleaned within one additional day |
| Minimum settlement records for points, coupons, ad rewards, terms, and audits | Five years after account deletion |
| Partnership/support inquiries and attachments | Three years after closure |
| Contact details and LINE display name in a deletion request | Erased when completed or rejected; de-identified workflow history kept for three years |
| Application and security logs | Up to three months |
| Web application firewall logs | Up to one month |
| Encrypted database backups | Rotated for up to 35 days; deletion records are reapplied before restored data can serve traffic |
6. Processors and international transfers
We use the providers below to operate the service. We restrict secondary use through contracts and security settings and review their safeguards.
| Provider | Country and transfer | Data and purpose | Retention |
|---|---|---|---|
| Amazon Web Services, Inc. and affiliates | Japan (ap-northeast-1) and contracted regions; encrypted transfer during use | Service data, encrypted backups, and limited operational/security logs for hosting, database, backup, security, and health-information processing support | Membership period and the backup/log periods in Section 4 |
| LY Corporation (LINE) | Japan; encrypted transfer during LINE Login | LINE ID token, one-time nonce, channel ID, and connection data for login verification and deauthorization | For verification and as described in LINE's policies |
| Google LLC and affiliates (Google Mobile Ads and UMP) | United States and countries hosting Google data centers; encrypted transfer during ad requests and display | Device/advertising ID, approximate location, app interactions, ad, performance, and diagnostics for consent, ads, measurement, and fraud prevention | Under Google policies and the user's advertising/consent settings |
| Stibee Inc. | South Korea; submitted directly by the user on the external newsletter page | Email and subscription settings for newsletter delivery and management | Until unsubscribe or as described in Stibee's policy |
Users may refuse an optional feature or advertising consent to avoid the related transfer. LINE Login and the contracted cloud infrastructure are necessary for the account service; users who do not want those transfers may choose not to register or may delete their account.
7. Deletion and account closure
When in-app account deletion completes, LINE identity, sessions, profile, health, survey, conversation, recommendation, and activity data are erased and old tokens stop working. A later login with the same LINE account creates a new account.
Minimum settlement, dispute, fraud-prevention, and consent records are stripped of LINE IDs, email, health content, barcodes, and reusable tokens. Electronic files are securely deleted, and encrypted backups are overwritten after their rotation period of up to 35 days.
If the app is unavailable, email support@senior-vibe.com to request deletion. After independent identity verification, we normally complete a valid request within 30 days. Never email a password, LINE ID token, or the text of a health answer.
8. Your rights
Contact support@senior-vibe.com. We verify the requester and respond within the period required by applicable law. Data that must be retained by law may remain restricted until that period ends.
- Request access, correction, deletion, restriction, consent withdrawal, or account closure
- Review or revoke Afternoon Health authorization in LINE settings
- Reset or limit advertising identifiers and change related consent in device and app privacy settings
- Exercise rights through a lawful representative, subject to verification of authority
9. Security
- Encryption in transit, encryption at rest, and separation of secrets
- Least-privilege access, administrative audit trails, and periodic access review
- Restrictions on logging raw LINE tokens, nonces, health answers, and other sensitive content
- Web application firewall, rate limits, security updates, backups, and controlled recovery
- Privacy duties for personnel and processors and an incident-response process
10. Automatic data, advertising, and AI
The website may process basic connection data to deliver and secure pages. The app stores sessions securely on the device. Google Mobile Ads and UMP may process advertising identifiers, approximate location, ad interactions, and diagnostics according to consent and settings. Users can manage them in device and in-app privacy settings.
The health assistant uses a user's question and selected health context to generate wellness information. It does not make a decision with legal or medical effect and does not replace professional diagnosis or treatment.
11. Children under 14
Afternoon Health is not directed to children under 14, and we do not knowingly collect their personal data without consent from a legal guardian. If we learn that such data was collected, we verify and delete it without undue delay.
12. Privacy contact
| Item | Details |
|---|---|
| Privacy Officer | Sumin Kim, CEO |
| support@senior-vibe.com | |
| Address | 3F, Building 2, Pangyo Startup Campus, 20 Pangyo-ro 289beon-gil, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea |
13. Changes to this Policy
This Policy takes effect on July 14, 2026. We normally announce changes through the website or app at least seven days in advance, or 30 days in advance for a material change affecting user rights. Previous versions are available on request.