Maloha

Privacy Policy for Maloha

Effective Date: August 18, 2025

Last Updated: August 18, 2025

1. Introduction

Welcome to Maloha ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application Maloha (the "App"), which provides real-time AI voice and video communication services.

By using our App, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this policy, please do not use our App.

2. Information We Collect

2.1 Information You Provide to Us

Account Information

  • Device identifier (for app functionality)
  • Language preference
  • Selected AI model preferences
  • Audio device preferences (speaker/earpiece)

Communication Data

  • Voice and video data during active sessions (transmitted in real-time, not stored)
  • Text messages sent through the chat interface (session-based, not permanently stored)

2.2 Information Automatically Collected

Device Information

  • Device type and model
  • Operating system and version
  • App version
  • Device locale and timezone
  • Network connection type

Usage Information

  • App feature usage statistics
  • Session duration
  • Error logs and crash reports
  • Performance metrics

2.3 Permissions Required

Our App requires the following permissions to function properly:

  • Camera: For video calling features
  • Microphone: For voice calling features
  • Network Access: For WebRTC connections
  • Audio Settings: For managing audio routing (speaker/earpiece)
  • Wake Lock: To keep the screen active during calls
  • Bluetooth (Android only): For Bluetooth audio device support

3. How We Use Your Information

We use the collected information for:

3.1 Service Provision

  • Establishing WebRTC connections for real-time communication
  • Routing your voice/video calls to selected AI models
  • Managing audio and video streams
  • Providing multi-language support

3.2 Service Improvement

  • Analyzing app performance and stability
  • Debugging and fixing technical issues
  • Improving user experience and interface
  • Developing new features

3.3 Security

  • Preventing fraudulent or unauthorized use
  • Ensuring secure WebRTC connections
  • Protecting against security threats

4. Data Storage and Security

4.1 Real-Time Communication

  • Voice and video streams are transmitted in real-time using WebRTC
  • Communications are end-to-end encrypted during transmission
  • We do not record or store your conversations
  • Data channels use secure DTLS encryption

4.2 Local Storage

  • User preferences are stored locally on your device
  • No personal conversation data is stored on our servers
  • Session data is cleared when you close the app

4.3 Security Measures

  • TLS/SSL encryption for all API communications
  • Secure WebRTC signaling server (HTTPS)
  • Regular security audits and updates
  • No persistent storage of sensitive data

5. Third-Party Services

Our App interacts with the following third-party services:

5.1 AI Model Providers

We connect you with various AI models including:

  • OpenAI (GPT-4, GPT-4o)
  • Anthropic (Claude models)
  • Google (Gemini models)
  • Other AI service providers

Note: Your communications with AI models are subject to the respective AI provider's terms and policies. We act only as a communication bridge.

5.2 WebRTC Infrastructure

  • STUN/TURN servers for connection establishment
  • Signaling server for WebRTC negotiation

5.3 Analytics (if applicable)

  • Anonymous usage statistics
  • Crash reporting services
  • Performance monitoring

6. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information only in the following circumstances:

6.1 With Your Consent

  • When you explicitly agree to share information

6.2 Legal Requirements

  • To comply with legal obligations
  • To respond to lawful requests by public authorities
  • To protect our rights, privacy, safety, or property

6.3 Business Transfers

  • In connection with a merger, sale of company assets, or acquisition

7. Children's Privacy

Our App is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

8. Your Rights and Choices

8.1 Access and Control

  • You can access and modify your preferences within the App settings
  • You can clear local data by uninstalling the App
  • You can deny or revoke permissions through your device settings

8.2 Communication Preferences

  • Choose your preferred language from 14 available options
  • Select your preferred AI model
  • Control audio routing (speaker/earpiece)
  • Toggle between Push-to-Talk and Voice Activity Detection modes

8.3 Data Deletion

  • Since we don't store conversation data, there's no need to request deletion
  • Uninstalling the App removes all locally stored preferences

9. International Data Transfers

Your information may be processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. By using our App, you consent to the transfer of information to countries outside of your country of residence.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Providing in-app notifications for significant changes
  • Requiring your consent for material changes that affect your rights

11. Open Source Transparency

Maloha is committed to transparency. Our codebase is open source and available for review on GitHub, allowing you to verify our privacy practices and security implementations.

12. Contact Information

If you have questions or concerns about this Privacy Policy, please contact us:

Email: privacy@maloha.app

GitHub: https://github.com/undermilli/maloha

Address: [Company Address]

13. Additional Information for Specific Regions

13.1 European Union (GDPR)

If you are a resident of the European Union, you have additional rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing
  • Right to lodge a complaint with supervisory authorities

Legal Basis: We process your data based on:

  • Your consent (for optional features)
  • Legitimate interests (for app functionality and security)

13.2 California (CCPA)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination

13.3 Other Jurisdictions

We respect privacy rights in all jurisdictions where our App is available and will comply with applicable local privacy laws.

14. Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

  • Notify affected users within 72 hours of discovery
  • Provide information about the nature of the breach
  • Describe measures taken to address the breach
  • Recommend steps you can take to protect yourself

15. Disclaimer

While we implement industry-standard security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your information. Use of the App is at your own risk.

Acknowledgment

By using Maloha, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

Version: 1.0.0