1. Privacy Policy Overview
This Privacy Policy explains how My Aqive (referred to as "we," "our company," or "this application") collects, uses, stores, and protects your personal information when you use our mobile application services. This policy applies to all services provided through the My Aqive application.
My Aqive is a mobile application focused on mind-body wellness, providing personalized Qi cultivation experiences, health tracking, and data analysis services. We strictly comply with personal data protection laws, EU GDPR, US CCPA, and relevant privacy regulations in various regions.
Core Commitments
• We never sell your personal data
• We only collect information necessary to provide services
• You have complete control over your data
• We use industry-leading security standards to protect your data
2. Apple iOS Platform Compliance
As an Apple App Store application, we fully comply with Apple's privacy and security guidelines:
- Transparent Collection: Clearly disclose what data we collect and its purpose
- Minimal Collection: Only collect data necessary to provide functionality
- User Control: Provide clear privacy settings and data management options
- Secure Storage: Use Apple-recommended security technologies to protect data
- Child Protection: Strictly follow COPPA child privacy protection standards
Apple Health Data Special Notice
If you choose to integrate with Apple Health, we will follow Apple HealthKit's strict privacy requirements, and your health data will receive the highest level of protection.
2.1 App Store Privacy Label Compliance
- Data types collected: Clearly marked in App Store privacy labels
- Data usage description: Each data collection has a clear purpose statement
- Third-party sharing: Clearly indicate whether data is shared with third parties
- Tracking transparency: Comply with iOS 14.5+ App Tracking Transparency (ATT) requirements
2.2 Child Privacy Protection (COPPA Compliance)
- Application age limit: 13 years and above
- Do not actively collect personal information from children under 13
- If child data is mistakenly collected, it will be deleted immediately
2.3 Google Play Health App Compliance
As a Google Play Store Health & Fitness category application, we fully comply with Google Play health app policies:
2.3.1 Health App Declaration Compliance
- Prominent disclosure requirements: Clearly disclose the purpose and scope of health data collection within the app
- Minimum permission principle: Only request permissions necessary for core functionality
- User consent mechanism: Obtain explicit user consent before collecting health data
- Data security protection: Use industry-leading standards to protect sensitive health data
2.3.2 Special Permission Usage Description
This app may request the following health-related sensitive permissions:
- Body Sensors (BODY_SENSORS): "This app collects heart rate data to provide personalized Qi cultivation experiences and health analysis"
- Activity Recognition (ACTIVITY_RECOGNITION): "This app collects activity data to track your daily health status"
- Location Information (ACCESS_FINE_LOCATION): "This app collects location data to provide timezone-based Qi cultivation reminder services"
2.3.3 Health Data Processing Restrictions
- Health data is only used to provide personalized health services
- Health data will not be used for advertising or marketing purposes
- Health data will not be sold to third parties
- Users can withdraw consent for health data collection at any time
3. Third-Party Login Service Compliance
We provide multiple third-party login options, including Facebook, Google, Apple Sign-In, and LINE, strictly following each platform's privacy policies:
3.1 Facebook Login Compliance
We fully comply with Facebook Platform Policy v18.0:
- Data Minimization: Only request basic personal data (name, email)
- Purpose Transparency: Clearly explain the purpose of using Facebook data
- No Sharing: Will not share your Facebook data with other third parties
- Independent Account: You can disconnect from Facebook at any time
- Follow Facebook Policy: Fully comply with Facebook Platform Policy and Developer Terms
3.2 Apple Sign-In Compliance
- Privacy First: Support Apple's "Hide My Email" feature
- Minimal Data: Only obtain necessary authentication information
- User Control: Users can choose whether to share their real email address
3.3 Other Third-Party Logins
- Google OAuth: Comply with Google API Services User Data Policy
- LINE Login: Comply with LINE Developer Policy, meeting Asian regional privacy regulations
Third-Party Login Data Usage
Data obtained through third-party login is only used for: ① Creating your My Aqive account ② Providing customer support services ③ Sending important service notifications. We will never use this data for advertising or sell it to other companies.
4. Types of Information We Collect
To provide personalized health services, we may collect the following types of information:
Basic Personal Information
Email address, display name, age (optional), gender (optional), and other basic identity information
Health-Related Information
Qi cultivation experience records, mood state ratings, focus state, usage frequency statistics
Device and Usage Information
Device type, operating system version, app usage time and frequency
Analytics and Preference Information
Usage patterns, preference settings, interaction behavior and feedback information (anonymized)
4.1 Required Data vs Optional Data
Required Data:
- Email address (for account creation and authentication)
- Device identifier (for security protection and technical support)
Optional Data:
- Display name (for personalized experience)
- Location information (only for timezone adjustment, completely optional)
- Health data (for providing personalized services, user has complete control)
5. Purposes of Information Use
We collect your information primarily for the following purposes:
5.1 Core Service Provision
- Provide personalized Qi cultivation experiences and health recommendations
- Track and analyze your health status change trends
- User account management and authentication
- Provide customer support and technical assistance
5.2 Service Improvement
- Improve and optimize our service features
- Conduct anonymized research analysis to improve products
- Send important service notifications and updates
5.3 Security and Compliance
- Ensure service security and prevent fraudulent activities
- Fulfill legal obligations and regulatory requirements
- Dispute resolution and customer support
We Will Never Use For
• Selling data to third parties
• Unauthorized advertising placement
• Political or religious purposes
• Discriminatory analysis
6. Information Sharing and Disclosure
We are committed to protecting your privacy and will not share your personal information with third parties except in the following circumstances:
6.1 Sharing with Your Consent
With your explicit consent, we may share relevant information with medical professionals or health consultants you designate.
6.2 Service Providers
We may share necessary information with trusted third-party service providers to assist in providing services (such as cloud storage, data analysis). These partners are all bound by strict confidentiality agreements.
6.3 Legal Requirements
We may need to disclose your information when required by law or legitimate government requests.
Never Commercialize Commitment
We will never sell your personal health information to advertisers, insurance companies, or other commercial organizations for profit.
7. Data Security Measures
We employ multi-layered security measures to protect your personal information:
7.1 Technical Security Measures
- End-to-end encryption for transmission and storage (AES-256 standard)
- Secure transmission protocols (TLS 1.3)
- Regular security audits and vulnerability scanning
- Strict access control and authentication
- Multi-factor authentication system
7.2 Organizational Security Measures
- Employee privacy protection training and confidentiality agreements
- Principle of least privilege and data access logging
- 24-hour security incident response mechanism
- Annual privacy compliance review
7.3 Infrastructure Security
- Data centers complying with international security standards
- Regular backups and disaster recovery plans
- 24/7 security monitoring system
- ISO 27001 certified data centers
8. Your Privacy Rights
Under relevant laws and regulations, you enjoy the following privacy rights:
Right to Access
You have the right to access the personal information we hold about you
Right to Rectification
You have the right to request correction of inaccurate or incomplete personal information
Right to Erasure
You have the right to request deletion of your personal information (right to be forgotten)
Right to Portability
You have the right to obtain your personal information in a structured format
Right to Object
You have the right to object to our processing of your personal information
Right to Restriction
You have the right to request restriction of our processing of your personal information
8.1 How to Exercise Your Rights
To exercise the above rights, please contact us through the following methods:
- Email: contact@aqive.app
- LINE Customer Service: @aqivetw
We will respond to your request within 30 days of receiving it.
8.2 Regional Privacy Rights
For EU Users (GDPR): You enjoy all rights under the General Data Protection Regulation.
For California Residents (CCPA): You have the right to know, delete, opt-out of sale, and non-discrimination.
For Taiwan Users: You have rights under the Personal Data Protection Act including access, correction, and deletion.
9. Data Retention Period
The length of time we retain your personal information depends on various factors, such as whether we need this information to maintain your account, provide services, comply with legal obligations, resolve disputes, or enforce other applicable contracts and policies.
- Basic Account Information: During your account's active period
- Health and Qi Cultivation Data: During your service usage period and 3 years thereafter
- Usage Records: Maximum of 2 years
- Customer Service Records: Maximum of 1 year
- Device Logs: Automatically deleted after 90 days
When the retention period expires or you request deletion, we will securely delete or anonymize your personal information.
10. International Data Transfers
Please note that we may transfer, store, and process your personal information outside your country/region of residence. Your personal information is also processed by employees, third-party service providers, and partners in these countries/regions.
10.1 Transfer Protection Mechanisms
- EU Standard Contractual Clauses (SCC) for EU data transfers
- Transfers to countries with adequacy decisions
- US-EU Privacy Shield successor mechanisms
- Other equivalent protection measures
10.2 Data Storage Locations
Our primary servers are located in the United States, European Union, and Asia-Pacific regions, with multi-region encrypted backups. Sensitive health data is preferentially stored locally on devices.
10.3 Regional Compliance
For EU Users: We comply with GDPR requirements for international transfers.
For US Users: We comply with CCPA, VCDPA, CPA, and CTDPA requirements.
For Asia-Pacific Users: We comply with local data protection laws in each jurisdiction.
11. Cookies and Tracking Technologies
We use cookies and similar technologies to provide a better user experience:
11.1 Cookie Types
- Functional Cookies: Basic functionality operation (necessary)
- Preference Cookies: Remember user preference settings (optional)
- Analytics Cookies: Anonymous usage statistics analysis (optional)
- Advertising Cookies: We do not use advertising cookies
11.2 Tracking Transparency
We comply with iOS App Tracking Transparency (ATT) requirements and will seek your explicit consent before conducting any cross-app tracking.
12. Children's Privacy Protection
We take children's privacy protection very seriously and strictly comply with COPPA and other child privacy regulations:
12.1 Age Restrictions
- This application is suitable for users aged 13 and above
- Users aged 13-16 require parental consent in applicable regions
- We do not actively collect personal information from children under 13
12.2 Special Protection Measures
- Children's data receives additional encryption protection
- Parents can manage and monitor children's accounts
- Provide age-appropriate privacy education content
13. Complaint Handling Mechanism
If you are dissatisfied with how we handle your personal information, please contact us using the contact information provided below.
13.1 Internal Complaint Handling
- We will respond to your complaint within 7 business days
- Assign dedicated personnel to handle privacy-related complaints
- Provide complaint handling progress tracking
13.2 External Appeal Bodies
If you are not satisfied with our response, you can appeal to the following organizations:
- Taiwan: National Development Council Personal Data Protection Zone
- EU: Data Protection Authorities of member states
- US: Federal Trade Commission (FTC)
14. Privacy Policy Updates
We may update this Privacy Policy from time to time, including reflecting changes in our practices or for other operational, legal, or regulatory reasons.
14.1 Update Notification Methods
- Major changes: 30-day advance notice via app and email
- Technical updates: In-app notifications
- Regulatory updates: Immediate notification
- Official website announcements
14.2 User Choices
After policy updates, you can choose to:
- Continue using the service (indicating acceptance of the new policy)
- Stop using the service (if you do not accept the new policy)
- Request data processing under the old policy until the transition period ends
We recommend that you regularly review this policy to understand how we protect your information.
15. Contact Us
If you have any questions about this Privacy Policy or need to exercise your privacy rights, please contact us through the following methods:
15.1 Response Time
We will respond to your requests within 30 days of receiving them.
For the purposes of applicable data protection laws, My Aqive is the data controller of your personal information. This Privacy Policy has been reviewed for legal compliance and fully meets Apple iOS App Store listing requirements, Facebook Login Policy, GDPR, CCPA, and relevant regulatory requirements.