Maia Legal Hub

Privacy Policy

Last Updated: April 10, 2026

Effective Date: April 10, 2026

Maia – AI Personal Companion
Moraalink
Last Updated: April 10, 2026
Effective Date: April 10, 2026

1. Introduction

Welcome to Maia ("App", "we", "us", "our"), an AI-powered personal companion application developed and operated by Moraalink ("Company"). This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use the Maia mobile application and related services (collectively, the "Service").

By downloading, installing, accessing, or using Maia, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use the Service.

2. Information We Collect

2.1 Information You Provide Directly

Data Type Purpose
Google Account Information (email address, profile name) Authentication and account creation via Google OAuth 2.0
Preferred Name Personalized experience and AI interaction
Phone Number (if provided) Account identification and support purposes
Time Zone Scheduling and localized experience
Language Preference (English / Dutch) Language selection for speech recognition and AI responses
Supervisor/Caregiver Email Addresses and Names Emergency contact and caregiver access configuration

2.2 Information Collected Automatically

Data Type Purpose
Device Unique Identifier Device registration and session management
Device Model and Manufacturer Technical support and compatibility
Operating System Version Technical support and compatibility
App Version Version tracking and update management
Firebase Cloud Messaging (FCM) Token Delivery of push notifications

2.3 Audio and Speech Data

Our App requires access to your device's microphone (android.permission.RECORD_AUDIO) to provide voice-based interaction with the AI companion. The following applies to audio data:

  • Live audio streams are transmitted in real-time to Microsoft Azure Cognitive Services for speech-to-text (STT) processing.
  • Audio is NOT stored on your device or our servers. It is processed in real-time and discarded after transcription.
  • Transcribed text (the result of speech recognition) is sent to our backend servers for AI processing and to generate responses.
  • Text-to-Speech (TTS) audio responses are generated by Microsoft Azure Cognitive Services and played back on your device. TTS audio is not stored.

2.4 Conversation Data

  • Conversation transcripts (text converted from your speech) are transmitted to our backend servers for AI processing.
  • AI-generated responses are returned to the App for playback and display.
  • Conversation identifiers are generated per session for tracking and continuity purposes.
  • Token usage metrics (number of tokens used in AI processing) are tracked for service management.

2.5 Information We Do NOT Collect

  • We do NOT access your camera.
  • We do NOT collect your GPS location or precise geolocation data.
  • We do NOT access your contacts, call logs, or SMS messages.
  • We do NOT access your photos, files, or other media stored on your device.
  • We do NOT use third-party analytics SDKs (such as Google Analytics, Mixpanel, or Flurry).

3. How We Use Your Information

We use the information we collect for the following purposes:

  1. Providing the Service: To enable AI-powered voice conversations, speech recognition, and text-to-speech functionality.
  2. Authentication: To verify your identity via Google OAuth 2.0 and Firebase Authentication.
  3. Personalization: To customize your experience based on your preferred name, language, and time zone.
  4. Push Notifications: To deliver important messages, AI-initiated conversations, and system notifications via Firebase Cloud Messaging.
  5. Caregiver/Supervisor Access: To enable authorized caregivers or supervisors to be associated with your account for support and emergency purposes.
  6. Service Improvement: To monitor service performance, diagnose technical issues, and improve the quality of AI interactions.
  7. Security: To protect against unauthorized access, fraud, and abuse.

4. Third-Party Services and Data Sharing

We integrate with the following third-party services to provide core functionality:

4.1 Microsoft Azure Cognitive Services

  • Purpose: Speech-to-Text (STT) and Text-to-Speech (TTS) processing.
  • Data Shared: Live audio streams (for STT), text content (for TTS).
  • Data Retention by Microsoft: Subject to Microsoft Azure Cognitive Services Privacy Policy.
  • Authentication: Secured via temporary tokens with a 9-minute expiration.

4.2 Google Firebase

  • Purpose: User authentication (Firebase Auth), push notifications (Firebase Cloud Messaging).
  • Data Shared: Authentication tokens, FCM tokens, device information.
  • Data Retention by Google: Subject to Google Privacy Policy.

4.3 Google Sign-In (Google Play Services)

  • Purpose: OAuth 2.0 authentication.
  • Data Shared: Google account email and profile information.
  • Data Retention by Google: Subject to Google Privacy Policy.

4.4 Moraalink Backend Servers

  • Purpose: AI conversation processing, user account management, device registration, and supervisor management.
  • Data Shared: Transcribed text, user profile data, device information, conversation data.
  • Server Location: Our servers are hosted securely and all communications are encrypted via TLS/SSL.

We do NOT sell, rent, or trade your personal information to any third party for marketing or advertising purposes.

5. Data Storage and Security

5.1 Local Storage

The following data is stored locally on your device:

  • User profile data (preferred name, language, time zone) in a local encrypted database.
  • Session information (user ID, onboarding status) in secure local preferences.
  • No audio recordings are stored locally.

5.2 Server-Side Storage

  • Conversation data and user profile information are stored on our secure backend servers.
  • All data transmitted between the App and our servers is encrypted using TLS/SSL encryption.

5.3 Security Measures

We implement industry-standard security measures including:

  • TLS/SSL encryption for all data in transit.
  • Firebase Authentication tokens for API authorization.
  • Temporary speech service tokens with short-lived expiration (9 minutes).
  • Code obfuscation (ProGuard) in release builds to protect application logic.
  • No API keys or secrets are hardcoded in the application source code.

Despite our efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Data Retention

  • Account Data: Retained as long as your account is active. You may request deletion at any time.
  • Conversation Data: Retained on our servers for service improvement and continuity purposes. You may request deletion at any time.
  • Audio Data: NOT retained. Audio streams are processed in real-time and immediately discarded after transcription.
  • Device Tokens: Updated as needed and removed upon account deletion or device de-registration.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights:

  1. Right to Access: Request a copy of the personal data we hold about you.
  2. Right to Rectification: Request correction of inaccurate or incomplete personal data.
  3. Right to Deletion: Request deletion of your personal data ("Right to be Forgotten").
  4. Right to Restrict Processing: Request that we limit how we use your data.
  5. Right to Data Portability: Request a machine-readable copy of your data.
  6. Right to Withdraw Consent: Withdraw consent for data processing at any time.
  7. Right to Object: Object to processing of your personal data.

To exercise any of these rights, please contact us at Service@moraalink.com.

7.1 Managing Permissions

You can revoke microphone access at any time through your device's Settings > Apps > Maia > Permissions. Please note that revoking microphone access will disable voice interaction functionality.

7.2 Account Deletion

You may request complete deletion of your account and all associated data by contacting us at Service@moraalink.com. We will process your request within 30 days.

8. Children's Privacy

Maia is not intended for use by children under the age of 13 (or the minimum age required by applicable law in your jurisdiction). We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will take steps to delete such information promptly. If you believe we have inadvertently collected data from a child under 13, please contact us at Service@moraalink.com.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including countries where data protection laws may differ. By using the Service, you consent to the transfer of your information to these countries. We take appropriate safeguards to ensure your data is protected in accordance with this Privacy Policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the updated Privacy Policy within the App.
  • Updating the "Last Updated" date at the top of this document.
  • Sending a push notification for significant changes (where applicable).

Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

11. Push Notifications

We use Firebase Cloud Messaging (FCM) to send push notifications. These may include:

  • AI-initiated conversations and responses.
  • System notifications and service updates.
  • Important alerts and messages.

You can disable push notifications at any time through your device's notification settings.

12. Health and Wellness Features

Maia includes optional wellness-related features such as guided relaxation modes, sleep assistance modes, and eating mode reminders. These features:

  • Are purely informational and for general wellness purposes only.
  • Do NOT constitute medical advice, diagnosis, or treatment.
  • Should NOT be used as a substitute for professional medical advice.
  • Do NOT collect or process any health-related biometric data.

13. Emergency Features

Maia may include emergency alert functionality. Important disclaimers:

  • Emergency alert features are provided "as-is" and are NOT a replacement for official emergency services (e.g., 112, 911).
  • Moraalink does NOT guarantee the availability, reliability, or timeliness of emergency alerts.
  • Users should always contact official emergency services directly in case of a genuine emergency.
  • Moraalink shall not be held liable for any damages, injuries, or losses resulting from reliance on the App's emergency features.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

By using Maia, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

Back to Maia Privacy Policy Terms of Service