Privacy Policy

SleepFit Privacy Policy

This Privacy Policy explains the purposes, items, retention period, and security measures for processing personal data in relation to the SleepFit mobile application (the “Service”).

Effective Date: December ○, 2025 · Version: v1.0

1. Purpose of Personal Data Collection and Use

The Company collects the minimum necessary personal data for the following purposes:

  1. User registration and identity verification (email or social login)
  2. Service provision: sleep session recording, analysis, and report generation
  3. Notification services (bedtime reminders, etc.)
  4. Account and device security management
  5. Service quality improvement and error analysis

2. Personal Data Collected

① Required Information

  1. User information (TB_USERS): USER_ID, PROVIDER, USER_NAME, USER_EMAIL
  2. Device information (TB_USER_DEVICE): DEVICE_ID, OS info, app version, FCM token
  3. Authentication data (TB_USER_TOKENS): refresh token JTI, expiration, revocation status

② Data Generated During Service Use

  1. Sleep session summaries (tb_sleep_session)
  2. Epoch-based summaries (tb_sleep_epoch)
  3. Sleep events (tb_sleep_event)

③ Data Not Collected

  1. No raw audio recordings stored
  2. No video or camera data
  3. No precise location (GPS) data

3. Retention and Processing Period

  1. User and device data: deleted immediately upon account deletion
  2. Token data: deleted immediately upon account deletion
  3. Sleep data: retained only while service is active; deleted upon account deletion

4. Provision to Third Parties

Personal data is not provided to third parties except:

  1. With prior user consent
  2. When required by law

5. Outsourcing of Data Processing

The Company may outsource certain operations while ensuring lawful and secure processing.

6. User Rights

  1. Access, correction, and deletion requests
  2. Suspension of processing requests
  3. Immediate deletion via account withdrawal

7. Security Measures

  1. Password hashing (bcrypt/argon2)
  2. HTTPS encrypted transmission
  3. Strict access control and monitoring
  4. No raw audio storage

8. Data Destruction

  1. Immediate destruction upon purpose fulfillment
  2. Permanent deletion or anonymization
  3. Immediate deletion upon account withdrawal

9. Cookies and Analytics

Anonymous usage patterns may be collected for service improvement.

10. Privacy Officer

Chief Privacy Officer: Joonghee Choi
Contact: developer@haebitlabs.com

Supplementary Provision

This policy is effective from December 1, 2025.

This document is the official Privacy Policy of SleepFit and may be updated according to operational policies.