Privacy Policy

LiveHer Privacy Policy

Last Updated: May 28, 2026 Operator: lnnex, Corp. (a Delaware corporation)

Article 1 (Purposes of Processing Personal Information)

lnnex, Corp. ("Company", "we", "us") processes personal information for the following purposes. Personal information processed shall not be used for purposes other than those listed below, and if the purpose of use is changed, the Company shall take necessary measures, including obtaining separate consent under applicable privacy laws.

1. Account Registration and General Use

  • User identification and account management
  • Customer support, inquiry handling, user protection services, dispute and complaint handling, incident investigation, and record retention
  • Statistics, risk management, and improvement of customer service quality
  • Restriction of use for violations of these Terms, prevention of account theft and fraudulent use, and verification of service-use records
  • Delivery of notices, such as amendments to the Terms
  • Provision of event information and participation opportunities, and provision of promotional information
  • Provision of the AI character chat service and improvement of conversation algorithms

2. New Service Development and Marketing/Advertising

  • Development and specialization of new services (products)
  • Provision of services and advertising based on demographic characteristics
  • Analysis of access frequency and service usage performance
  • Analysis of service-use statistics
  • Delivery of promotional information, including events
  • Announcement of new services and products

3. Exceptions to Sharing of Personal Information

In principle, the Company uses Members' personal information only for the purpose of collection and use, and does not provide it to other persons, companies, or institutions. The following are exceptions:

  • When the data subject has given separate consent
  • When there is a special provision of law or it is necessary to comply with a legal obligation
  • When necessary to protect the life, body, or property of the data subject or a third party, where the data subject is unable to give consent
  • When provided in a form that does not identify a specific individual, for purposes such as statistics or academic research
  • When necessary for criminal investigation, prosecution, or maintenance of prosecution
  • For information used for business contact (name, address, phone number, etc.)

Article 2 (Retention and Use Period of Personal Information)

  1. The Company processes and retains personal information within the retention and use period required by law or agreed to by the data subject.
  2. The retention periods for each item are as follows (or as required by US/state law where applicable):
    • Records of contracts or withdrawal of subscription: 5 years
    • Records of payment and supply of goods: 5 years
    • Records of consumer complaints or dispute handling: 3 years
    • Tax books and supporting documents: 5 years
    • Records of electronic financial transactions: 5 years
    • Service-use login records: 3 months

Article 3 (Items of Personal Information Processed)

1. Account Registration and General Use

  • Email address
  • Message information (time of transmission, contents, etc.), user feedback information

2. Items Automatically Collected During Service Use

  • Device information, carrier, IP address, cookies, MAC address
  • Service-use records, visit records, fraudulent-use records

3. Payment Information

  • Token purchase records, payment provider transaction IDs (full card numbers are NOT stored — processing is handled by PCI-DSS compliant payment processors)

Article 4 (Provision of Personal Information to Third Parties)

The Company does not provide personal information to third parties except with the consent of the user or as required by law. Where service integration is necessary, personal information may be provided within the scope necessary for the provision of the Service.

Article 5 (Entrustment of Personal Information Processing)

The Company entrusts certain duties to external service providers to provide the Service, and strictly manages and supervises such providers to ensure compliance with applicable laws. Categories of entrusted providers include:

  • Cloud hosting providers (e.g., AWS)
  • Payment processors (e.g., CCBill, NOWPayments)
  • Email delivery service providers
  • AI model and infrastructure providers

Article 6 (Destruction of Personal Information)

  1. The Company shall promptly destroy personal information when the retention period has expired, the purpose of processing has been achieved, or the information has otherwise become unnecessary.
  2. However, if continued retention is required by law, the information shall be separately stored.
  3. The procedures and methods for destruction of personal information are as follows:
    • Procedure: Information subject to destruction is identified and destroyed under the approval of the personal information protection officer.
    • Method: Electronic files are deleted in a manner that cannot be recovered, and paper documents are shredded or incinerated.

Article 7 (Measures to Ensure the Security of Personal Information)

[Administrative Measures]

  • Prompt response to changes in law
  • Company-wide training and establishment of privacy protection policies
  • Minimization of access rights to personal information

[Technical Measures]

  • Encryption in transit: All data transmitted between users and LiveHer servers is encrypted using TLS 1.2 or higher (HTTPS).
  • Encryption at rest: Personal data stored in our databases is encrypted using AES-256 or equivalent industry-standard encryption. Passwords are stored using one-way (irreversible) cryptographic hashing.
  • Operation of access control systems (minimization of account privileges, log records)
  • Installation of antivirus software and intrusion detection systems with 24-hour monitoring
  • Continuous adoption of the latest security technologies

Article 8 (Cookies)

[What Are Cookies?]

Cookies are small information files that a website server stores in a user's browser.

[Purposes of Use]

  • Maintaining user environment for convenient service provision
  • Provision of personalized information based on areas of interest
  • Service improvement and targeted marketing

[How to Refuse Cookies]

  • Chrome: Settings > Privacy and security > Site settings > Cookies
  • Safari: Preferences > Privacy
  • MS Edge: Settings > Privacy, search, and services > Tracking prevention

※ Refusing cookies may restrict the use of some services.

Article 9 (Behavioral Information Management)

1. Items Collected

  • Visit records, search/click history, advertising identifiers, etc.

2. Method of Collection

  • Automatic collection during use of the Service

3. Purpose of Use

  • Provision of personalized advertising, statistics, and service improvement

4. Retention and Use Period

  • 3 years from the date of collection
  • After this, used in de-identified form for statistical purposes

5. Method of Control

Tracking may be restricted through browser or smartphone settings:

  • Android: Settings > Privacy > Ads > Delete advertising ID
  • iOS: Settings > Privacy > Advertising > Limit Ad Tracking

Article 10 (Your Rights and Choices)

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Right to access: You may request access to the personal information we hold about you.
  • Right to rectification: You may request correction of inaccurate or incomplete information.
  • Right to deletion: You may request deletion of your personal information (subject to legal retention requirements).
  • Right to object/restrict: You may object to or request restriction of processing.
  • Right to portability: You may request a copy of your data in a portable format.
  • Right to withdraw consent: You may withdraw consent at any time where processing is based on consent.

To exercise these rights, please contact us at the address below.

For users in California, the California Consumer Privacy Act (CCPA) provides additional rights, including the right to know what personal information is collected and the right to opt out of the sale of personal information. We do not sell personal information.

For users in the European Economic Area, the United Kingdom, or Switzerland, the General Data Protection Regulation (GDPR) and equivalent laws provide additional rights.

Article 11 (Children's Privacy and 18+ Self-attestation Model)

The Service is intended exclusively for users aged 18 or older. We do not knowingly collect personal information from anyone under the age of 18.

Age Verification Model

LiveHer uses a self-attestation model for age verification. At sign-up, each user must affirmatively confirm they are 18 years of age or older by checking the required consent item ("I am 18 years of age or older") on the agreement page. The Company does not operate a third-party identity verification system, including but not limited to:

  • Korean PASS / NICE / KCB identity verification
  • Government-issued ID document upload (driver's license, passport, etc.)
  • Biometric verification (face scan, fingerprint)
  • Phone-based identity verification linked to a national identity number
  • Credit card-based age verification

Personal Information We Do NOT Collect (as a Result)

Because we rely on self-attestation, we do not collect or process the following categories of personal information that would otherwise be required for third-party age verification:

  • National identification numbers (e.g., Korean 주민등록번호, US SSN)
  • Government-issued ID documents or their copies
  • Biometric data (facial recognition, fingerprints)
  • Phone-based identity verification results
  • Credit history or financial verification data tied to age

Response to Confirmed Underage Use

If we learn — through user report, content moderation, or any other means — that a user is under 18, we will:

  1. Immediately suspend the account upon credible report
  2. Permanently delete all personal data associated with the account within thirty (30) days of confirmation
  3. Refund any unused token balance to a verified legal guardian upon request
  4. Report the incident to applicable authorities where required by law

The Company reserves the right to suspend or terminate any account, and to restrict access to the Service, when there is reasonable suspicion of age misrepresentation. Consistent with our self-attestation model, the Company does not request government-issued identification documents for age verification.

Article 12 (International Data Transfers)

The Company is established in the United States, and personal information may be processed and stored in the United States, Japan (AWS Tokyo region), or other countries where our service providers are located. Where required by law, we implement appropriate safeguards for international data transfers.

Article 13 (Remedies for Infringement of Rights)

For inquiries or complaints regarding personal information, you may contact us at:

  • Email: help@liveher.ai
  • Mail: lnnex, Corp., Delaware, United States

You may also lodge a complaint with the data protection authority in your jurisdiction.

Article 14 (Third-Party Authentication)

When you sign in to LiveHer using a third-party identity provider (Google, Kakao), we receive limited information from that provider for the purpose of creating, identifying, and authenticating your account.

1. Information We Receive

From Google (via OAuth scopes openid, email, profile — all non-sensitive):

  • openid (standard OpenID Connect): Google account identifier (sub claim) used to link your Google identity with your LiveHer account.
  • email (https://www.googleapis.com/auth/userinfo.email): Your primary Google email address and its verification status (email_verified flag).
  • profile (https://www.googleapis.com/auth/userinfo.profile): Your full name and profile picture URL (only information you have made publicly available on your Google account).

We do not request any additional Google OAuth scopes beyond the three above. We do not request any sensitive or restricted scopes.

From Kakao: nickname, email address (with separate consent), profile picture URL (if provided), Kakao account ID.

2. How We Use This Information

  • To create your LiveHer account
  • To identify and authenticate you on subsequent sign-ins
  • To pre-fill your initial nickname and profile picture (which you may change at any time)

3. What We Do NOT Do

  • We do not store your Google or Kakao password
  • We do not access any other data from your Google or Kakao account (such as Google Drive, Gmail, Contacts, Calendar, Photos, Kakao Friends, Kakao Messages, or Kakao Calendar)
  • We do not share, sell, or transfer your Google or Kakao account data to third parties, except as required by law or with your explicit consent
  • We do not use information received from Google APIs to develop, improve, or train generalized or non-personalized AI/ML models

4. Limited Use Disclosure (Google API Services User Data Policy)

LiveHer's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  1. User-facing use only. We use Google user data solely to provide or improve user-facing features that are prominent in the LiveHer user interface — specifically, account authentication and the prefilling of your initial profile (nickname and profile picture).

  2. No unauthorized transfer. We do not transfer Google user data to third parties, except (a) as necessary to provide or improve the user-facing features described above, (b) to comply with applicable law, or (c) as part of a merger, acquisition, or sale of assets with prior notice to users.

  3. No advertising use. We do not use Google user data for serving advertisements, including retargeting, personalized advertising, or interest-based advertising.

  4. No unauthorized human access. We do not allow humans to read Google user data unless (a) we have obtained the user's affirmative agreement for specific messages, (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) the data has been aggregated and is used for internal operations in accordance with applicable privacy laws.

5. Your Control

  • You may revoke LiveHer's access to your Google account at any time at https://myaccount.google.com/permissions
  • You may revoke LiveHer's access to your Kakao account at any time through your Kakao account settings
  • Disconnecting a third-party identity provider does not automatically delete your LiveHer account or your personal data held by LiveHer.

To delete your LiveHer account:

  1. Sign in to LiveHer
  2. Navigate to My Page → Settings → Delete Account
  3. Confirm the deletion request

Alternative method: Send an email to help@liveher.ai with the subject line "Account Deletion Request" from the email address associated with your LiveHer account.

All personal data associated with your account will be permanently deleted within thirty (30) days of confirmation, except for records that the Company is required to retain by law (see Article 2 for retention periods).

6. Account Linking

LiveHer does not link accounts across different sign-in methods. If you have signed up with Email + Code using an email address that is also associated with a Google or Kakao account, those accounts are treated as separate LiveHer accounts.

Article 15 (Changes to This Privacy Policy)

The Company may amend this Privacy Policy from time to time. Material changes will be notified through the Service or by email at least seven (7) days before the effective date (or thirty (30) days for changes unfavorable to users).

Article 16 (Contact Information)

For questions about this Privacy Policy, requests to exercise your rights described in Article 10, or any privacy-related concerns, please contact us:

  • Email: help@liveher.ai
  • Mailing address: lnnex, Corp., Delaware, United States
  • Response time: We aim to respond to all privacy inquiries within seven (7) business days.

For data deletion requests, please use the subject line "Account Deletion Request" or "Data Deletion Request" to expedite processing. See Article 14 §5 for the in-app deletion procedure.

lnnex, Corp.