The Maum app service (hereinafter, the “Service”) operated (hereinafter, the “Company”) has established the following Privacy Policy to describe how we collect, use, and protect the personal information of our users. This Policy is compliant with the Act on Promotion of Information and Communications Network Utilization and Information Protection, Etc. (the “Communications Network Act”) and other applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). We are committed to safeguarding users’ personal information, rights, and interests, and to maintaining transparency about our privacy practices. This Privacy Policy is provided in English and applies to all users of the Service worldwide. It explains what information we collect, how we use it, how you can control it, and your rights regarding your information.
1.
Minimum Necessary Information: The Company collects the minimum amount of personal information necessary to provide the Service. The purpose of collection, the items collected, and the retention period vary depending on the features of the Service you use, as described below.
2.
Membership Registration and Account Management
Purpose of collection: To create and manage your account, verify your email, facilitate user matching based on preferences, and provide customer management services.
Required information: Email, gender, date of birth, approximate location data (e.g., GEO IP), device information (device model, OS version, unique device identification number), and mobile carrier information. Gender and date of birth are collected as mandatory information to enable matching preferences and provide an optimized service experience.
Optional information: Nickname and profile picture (these are provided at your discretion to enhance your profile).
Use and retention period: Information is used for account setup and management and retained until you delete your account (withdraw membership).
3.
Service Use
Purpose of collection: To enable and facilitate your use of core Service features such as managing your profile, participating in voice or text calls, social matching with other users, using search algorithms, and setting profile images.
Required information: Call details (voice call metadata such as duration, timestamps, and possibly quality metrics) and other data automatically collected during Service use (see Processing of Personal Information below for details on automatic collection).
Use and retention period: This information is used to provide the requested Service features and is retained until you withdraw your membership (delete your account).
4.
Service Quality Improvement
Purpose of collection: To analyze usage data and statistics in order to improve the quality of the Service, develop new features, and optimize the user experience. (Any analytics data is used in aggregate form without identifying individual users.)
Required information: Device identifier (such as a device ID or installation ID), call history, and other Service usage logs.
Use and retention period: Data is used for internal analysis and service improvement. It is retained only until the analytical purpose is achieved, after which any personally identifying elements (if any) are removed or the data is deleted.
5.
Prevention of Misuse and Fraud
Purpose of collection: To monitor for and prevent wrongful use of the Service, such as users who violate our policies, and to prevent banned users from re-registering under new accounts. This helps maintain a safe and trustworthy environment.
Required information: Account nickname, internal unique identification ID, call and usage history, other Service use details (e.g. interactions or messages), and purchase history (if applicable, for users who made in-app purchases or transactions), as well as call details.
Use and retention period: If a user is permanently banned for violating our policies, certain personal information of that user may be retained permanently (in a secure manner) to prevent re-registration and protect other users, in accordance with our Service Use Policy. For other users, this information is retained until membership withdrawal, unless a longer retention period is required by law.
6.
Customer Inquiries
Purpose of collection: To provide customer support and respond to service-related inquiries or issues you raise.
Required information: Your user identifier (such as your account ID or nickname) and the content of your inquiry (which may include additional contact information you provide and details of the issue).
Use and retention period: Used to respond to and resolve your inquiry. Retained until your account is deleted, unless we are required by law or you request earlier deletion.
7.
Event Participation (Optional)
Purpose of collection: To facilitate your participation in optional events, contests, or promotions, to verify eligibility, and to deliver prizes or gifts.
Required information: User identifier (such as account ID or nickname) and mobile phone number (for contacting winners or delivering rewards).
Use and retention period: Used for event administration. Retained until you withdraw your membership or for any separate period to which you have consented for that specific event.
Note: If you participated in promotions or events, those participation records (e.g. winner announcements or content you submitted) may not be automatically deleted upon account deletion, to the extent they are part of Service-related content or required to be retained for record-keeping.
8.
Consent to Receive Promotional Information (Optional)
Purpose of collection: If you opt in, to send you advertising or promotional communications about Service benefits, news, or events via text message, email, or push notification.
Required information: Nickname, Email, and mobile phone number (these are used as contact points for sending promotional materials).
Use and retention period: Used to send you marketing communications until you withdraw your consent or delete your account, whichever comes first.
Opt-Out: You may opt out of receiving advertisements or marketing communications at any time. To withdraw your consent, you can use the unsubscribe link provided in promotional emails, disable push notifications in the app settings, or contact us at help@lifeoasis.com with your request. Once you opt out, the Company will cease sending you promotional messages or advertisements.
9.
Processing of Personal Information
No Children Under 14: Our Service is not offered to children under 14 years of age, and the Company does not knowingly collect personal information from anyone under the age of 14. If we learn that we have inadvertently collected information from a child under 14, we will delete that information as soon as possible.
Call Matching Data: For certain features like call matching, additional usage information may be processed as described in our internal Operation Policy.
Collection Methods: We collect personal information in one of two ways: (1) information that you directly provide to us (for example, information you enter when registering, creating a profile, or contacting support), and (2) information that is automatically collected as you use the Service (for example, visit records, access logs, IP address, device type and OS version, network type, and other usage records of activities within the app).
User Consent: Where required by law, the Company will obtain your prior consent before collecting your personal information. You will typically provide consent by agreeing to this Privacy Policy and relevant terms when signing up, and you may be asked for consent again when providing optional information or if we introduce a new use of your data that requires consent.
10.
Face Authentication
Purpose of collection: To verify user identity during registration, prevent fraudulent or inappropriate use of the Service, and restrict re-registration of permanently suspended accounts.
Items collected: Facial image data and facial recognition vectors generated through the ARGOS authentication process. This information is classified as biometric data and may be considered sensitive personal information under applicable laws.
Processing and storage: Facial data is securely stored on Amazon Web Services, Inc. (USA) using encryption and restricted access controls. It is not used for any other purpose beyond identity verification and fraud prevention.
Retention period: Facial data is retained for up to six (6) months from the date of collection and automatically deleted thereafter. For accounts permanently suspended due to policy violations, certain facial data may be retained in a secure, segregated form solely to prevent re-registration or repeated abuse.
Consent and service use: Face authentication is conducted only with the user’s explicit consent. Users who choose not to provide facial data may be unable to access or use certain Service features that require identity verification.
1.
Automatically Collected Information: As you use the Service, the Company automatically collects certain technical and usage information to help operate and improve the Service. This includes, for example, records of your visits and activities within the app, your IP address, device and mobile network information, and usage logs of Service features (such as buttons clicked or pages viewed). This data may be used for purposes such as maintaining reliable service, analyzing usage patterns, preventing fraud, or troubleshooting issues.
2.
Cookies and Similar Technologies: The Service may use local storage or similar technologies (analogous to “cookies” in web services) to collect and store information automatically. This helps us remember your preferences, keep you logged in, and gather analytics data. You will be notified if any cookies or tracking technologies are used that require consent under applicable law, and you will have the opportunity to allow or refuse them.
3.
Opting Out or Clearing Collected Data: You have the option to prevent or clear the automatic collection of certain data by adjusting settings on your device:
Android: You can clear the app’s cached data and stored information by going to Settings > Apps > Maum > Storage > Clear Cache and Data. This will remove locally stored data (note that you may need to log in again or reconfigure settings afterward).
iOS: You can remove the app’s stored data by going to Settings > General > iPhone Storage > Maum, then choosing an option to Offload App or Delete App. Offloading the app frees up storage used by the app but keeps your documents and data; deleting the app will remove the app and all of its data from your device. If you want to clear all local data, you may choose to delete the app and reinstall it. Please note: Clearing or deleting the app’s data on your device will remove information stored on the device, but it will not automatically delete the personal information that is stored on our servers. To exercise rights like data deletion from our servers, you must follow the procedures outlined in Article 7 (User Rights) or Article 10 (GDPR rights) or Article 11 (CCPA rights), as applicable.
1.
General Retention Policy: The Company retains personal information only for as long as necessary to fulfill the purposes for which it was collected or as required by applicable laws. Once the purpose of processing is achieved or the retention period expires, the information is securely deleted so that it cannot be recovered or reconstructed.
2.
Retention Period for Member Information:
Upon Account Deletion: When a user deletes their account or withdraws membership, the Company retains personal information for a period of one (1) year to prevent service misuse, after which the data is deleted or anonymized. Information of permanently suspended users may be retained for fraud prevention purposes in accordance with this Policy.
Facial Authentication Data: Facial image data collected for identity verification is stored securely and retained for up to six (6) months from the date of collection. The data is automatically deleted after this period through secure technical measures. For users who are permanently suspended for policy violations, certain facial data may be retained in a segregated and protected form solely to prevent re-registration or repeated misuse.
Legal Requirements: Where retention is required by applicable laws (e.g., payment records, transaction logs), such data is stored only for the legally mandated period and used solely for that purpose.
3.
Destruction Procedure: When the retention period expires or the processing purpose is achieved, personal information is destroyed without delay. Electronic data is permanently deleted using technical measures to prevent recovery, and physical records are shredded or incinerated. The Company maintains internal records verifying that data destruction has been completed in accordance with this Policy.
1. Use of Trusted Service Providers
The Company may delegate the processing of personal information to third-party companies (hereinafter, “Service Providers”) to facilitate certain services on our behalf. These Service Providers have access to personal data only to perform their tasks as instructed by the Company and are prohibited from using it for any other purpose. The Company ensures that all data processing is carried out in compliance with applicable laws and under appropriate contractual safeguards.
2. Service Providers and Their Roles
Analytics
The Company uses third-party analytics service providers to monitor and analyze the usage of our Service.
Google Analytics
Purpose: Web and app analytics tracking
Privacy Policy: Google Privacy Policy
Opt-out: Google Analytics Opt-out
Firebase
Purpose: App performance tracking and analytics
Privacy Policy: Google Privacy Policy
Opt-out: Available through mobile device settings
Advertising
The Company uses third-party advertising services to display ads in the app and support the operation of our Service.
AdMob by Google
Privacy Policy: Google Privacy Policy
Opt-out: Google Ads Settings
AppLovin
Privacy Policy: AppLovin Privacy Policy
Facebook Audience Network
Privacy Policy: Facebook Privacy Policy
Mintegral
Privacy Policy: Mintegral Privacy Policy
Smaato
Privacy Policy: Smaato Privacy Policy
Liftoff
Privacy Policy: Liftoff Privacy Policy
Pangle
Privacy Policy: Pangle Privacy Policy
Payment Processing
The Company provides in-app purchases through third-party payment processors. The Company does not store or collect your full payment details. Instead, your information is processed securely by the following providers:
Apple App Store
Purpose: In-app payment processing for iOS users
Privacy Policy: Apple Privacy Policy
Google Play Store
Purpose: In-app payment processing for Android users
Privacy Policy: Google Privacy Policy
Cloud Storage & Infrastructure
The Company uses cloud computing and hosting services to operate our platform securely.
Amazon Web Services (AWS)
Purpose: Cloud infrastructure and data storage
Privacy Policy: AWS Privacy Policy
Google Cloud Platform (GCP)
Purpose: Cloud-based data storage and system operations
Privacy Policy: Google Privacy Policy
Customer Support & Communications
The Company uses third-party service providers to manage customer inquiries and facilitate support communications.
Channel
Purpose: Customer support platform
Privacy Policy: Channel Privacy Policy
Behavioral Remarketing
The Company uses remarketing services to display advertisements to users on third-party websites based on their past interactions with our Service. These services utilize cookies and similar tracking technologies to optimize ad delivery and personalize content.
Google Ads (AdWords)
Purpose: Personalized advertising based on user interactions with the Service.
Opt-out: Google Ads Settings | Google Analytics Opt-out Browser Add-on
Privacy Policy: Google Privacy Policy
Facebook Remarketing
Purpose: Interest-based advertising through Facebook's ad network.
Opt-out: Facebook Ad Preferences
Privacy Policy: Facebook Privacy Policy
Apple Search Ads
Purpose: Targeted advertisements on Apple platforms.
Privacy Policy: Apple Search Ads Privacy
Users can manage their preferences and opt out of behavioral advertising through the following methods:
Use industry-wide tools such as the Digital Advertising Alliance (USA), DAA Canada, or European Interactive Digital Advertising Alliance.
Identity Verification and Face Authentication
The Company uses third-party service providers to perform identity verification and face authentication for secure account creation and fraud prevention. Facial data is processed solely for verification purposes and handled under strict contractual and technical safeguards.
ARGOS Identity
Purpose: Face authentication and user verification during registration
Privacy Policy: ARGOS Identity Privacy Policy
3. Changes to Service Providers
If we change or add new service providers, or modify their roles, we will update this Privacy Policy accordingly and notify users if required. Users will be informed of any changes that may affect their rights or the processing of their personal data.
Your personal information is processed at the Company’s operating offices and by service providers listed in Article 4, which may be located in different countries. This means that your data may be transferred to and stored on servers outside your country, where data protection laws may differ from those in your jurisdiction.
By using our Service and providing your personal information, you consent to this transfer. The Company ensures that any international transfers comply with applicable data protection laws, including GDPR safeguards such as Standard Contractual Clauses (SCCs) for transfers from the EU/EEA.
We take all necessary measures to protect your personal data and only transfer it to organizations with adequate security controls. If we need to transfer your data to additional third parties overseas, we will inform you in advance and ensure appropriate protection measures are in place.
The Company takes the security of your personal information seriously and implements a variety of technical, administrative, and physical measures to prevent loss, theft, leakage, alteration, or damage of the information. These security safeguards include, but are not limited to, the following:
Minimization and Training: We limit access to personal information to authorized personnel only. The employees and partners who handle personal data are trained regularly about privacy obligations and are bound by confidentiality.
Internal Management Plan: We have established an internal privacy management plan and conduct periodic reviews to ensure that personal information is handled in accordance with this Privacy Policy and applicable laws.
Access Log Management: We securely maintain records of access to our personal information processing systems (logs of who accessed what data and when) and regularly monitor these records for any unauthorized access or alterations. Access logs are stored securely and protected against tampering, and are retained for at least one (1) year.
Encryption: Your personal information is encrypted where required or prudent. For instance, sensitive data (such as passwords, if collected, or certain identifiers) is stored and transmitted using encryption algorithms. We also use secure communication protocols (SSL/TLS) to encrypt data in transit over the network to protect it from eavesdropping.
Security Software and Updates: We utilize up-to-date security software, firewalls, and intrusion detection systems to guard our systems against hacking, viruses, and other cyber attacks. We periodically apply security patches and updates to our software and infrastructure as part of our technical measures against vulnerabilities.
Access Control: We implement strict access control mechanisms to personal information. Each authorized individual has a unique account, and their access is limited to the data they need to perform their job. We regularly review user privileges and revoke or update access when personnel changes occur.
1.
Rights to Access, Correction, and Deletion: You (as the data subject) have the right to access the personal information we hold about you, to request correction of any errors, and to request deletion of your personal information at any time. These rights can be exercised by contacting the Company and requesting the specific action. We will promptly review and honor your request within the bounds of applicable law. For example, you can request a copy of the personal data we have on file for you, ask us to correct an outdated or inaccurate phone number, or ask us to delete certain information you no longer wish us to retain (provided we do not need to keep it for legal reasons).
2.
How to Exercise Your Rights: You may exercise the above rights by submitting a request to the Company. Requests can be made in writing, via telephone, by email, or by other written communication (such as in-app support channels, where available). For convenience, you can email us at help@lifeoasis.com with your specific request (e.g., "I would like to access my data" or "Please delete my account information"). For security, we may need to verify your identity (for instance, by confirming information associated with your account) before processing your request. The Company will respond to your request without undue delay and within any timeframe required by law.
3.
Restrictions During Correction/Deletion: If you request correction of your personal information or deletion of certain data, during the period we are processing that request we will not use or provide the affected personal information to any third party. For example, if you contest the accuracy of some data and ask us to correct it, we will refrain from using that data until it is corrected. If we decide not to implement your request (e.g., if a law requires us to keep the data or if the data was correct as is), we will inform you of the reason.
4.
User’s Responsibility: We ask that you, as a user, also respect the privacy of others. You should not infringe on the privacy or personal information of any other individual while using our Service. You also should not violate applicable privacy laws or this Privacy Policy in the handling of your own or others’ data. This means, for instance, you should not collect personal information about other users without their consent, and you should not misuse information obtained through the Service. The Company will not be responsible for violations of privacy that occur due to your own actions in contravention of applicable laws or our policies.
1.
Data Protection Management: The Company has appointed a Personal Information Protection Manager to oversee all aspects of personal information processing and to handle user inquiries and complaints related to privacy. This person is responsible for ensuring that the Company complies with relevant data protection laws and that your requests and issues are addressed.
2.
Personal Information Protection Manager:
Name: Soo-Yong Kim
Position: Chief Executive Officer (CEO)
Contact (Email): help@lifeoasis.com
3.
Inquiries and Complaints: If you contact our Personal Information Protection Manager (or reach out to us through any of the provided contact methods) with a privacy-related inquiry or to lodge a complaint, we will respond as soon as possible. We will investigate your issue and provide a reply or resolution without delay, typically within 30 days or the timeframe required by law. We are committed to resolving any problems you may have in a fair and transparent manner. If you are not satisfied with our response, and you are in a jurisdiction that provides additional recourse (such as the right to contact a data protection authority), we will provide you with information on how to do so (see Article 10 for EU users).
The Company may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational needs. Any updates will be posted on this page, and we will revise the "Last Updated" date at the bottom of this document.
If the changes are significant (e.g., modifications in how we collect, use, or share personal information), we will notify you in advance via email, in-app notifications, or a banner on our website. If required by law, we will obtain your consent before implementing the changes.
We encourage you to review this Privacy Policy periodically. Changes become effective on the stated effective date, and your continued use of the Service after that date constitutes acceptance of the revised policy.
If you are located in the European Economic Area (EEA) or in a jurisdiction where the General Data Protection Regulation (GDPR) applies, the following provisions apply in addition to this Policy.
1. Legal Bases for Processing
The Company processes personal data on one or more of the following grounds:
Contractual necessity (Art. 6(1)(b)) – to provide and manage your account.
Consent (Art. 6(1)(a)) – for optional features or communications.
Legal obligation (Art. 6(1)(c)) – to comply with statutory duties.
Legitimate interest (Art. 6(1)(f)) – to prevent fraud and ensure service integrity.
2. Processing of Biometric (Sensitive) Data
Facial image data used for identity verification is treated as special category data under Art. 9(1). It is processed only with your explicit consent (Art. 9(2)(a)), which you may withdraw at any time. Upon withdrawal, such data will be deleted unless retention is required for fraud-prevention or legal compliance.
3. International Data Transfers
Your data may be transferred to and stored on servers in countries outside the EEA, including the United States, under lawful safeguards such as Standard Contractual Clauses (SCCs) ensuring adequate protection.
4. Your Rights
You have the right to access, rectify, erase, restrict, or object to the processing of your personal data, and to data portability. You may also withdraw consent at any time. The Company will respond without undue delay and within the period required by law.
5. Complaints
You may file a complaint with your local data protection authority (DPA) if you believe your GDPR rights have been violated. The Company encourages users to contact us first for prompt resolution.
This section applies to California residents and supplements our general Privacy Policy in accordance with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
1. Categories of Personal Information Collected
In the past 12 months, the Company may have collected the following categories of personal information:
Identifiers: Account ID, email address, and device identifiers.
Personal characteristics: Gender, date of birth (if provided).
Sensitive information: Facial image data used for identity verification and fraud prevention.
Internet or app activity: Usage logs, call metadata, and device information.
Commercial information: Purchase or transaction records (if applicable).
2. Purpose of Collection and Use
Personal information is used to operate and improve the Service, verify user identity, prevent misuse, and comply with applicable laws.
Sensitive information such as facial image data is used only for verification and security purposes and is not shared for advertising or marketing.
3. Disclosure and Sharing of Personal Information
The Company does not sell personal information for monetary consideration.
Certain data may be disclosed to service providers under contractual restrictions to perform specific functions (e.g., cloud storage, payments, verification).
The Company does not share sensitive personal information for cross-context behavioral advertising without consent.
4. Rights of California Residents
California residents have the right to:
Know what personal information is collected and how it is used.
Request deletion or correction of personal information.
Opt-out of the sale or sharing of personal information.
Limit the use of sensitive personal information to the purposes described in this Policy.
Exercise these rights without discrimination.
Verification may be required before processing, and responses will be provided within the time limits prescribed by law.
5. Notice Regarding Minors
The Service is not intended for users under 16 years of age, and the Company does not knowingly collect personal information from minors.