Privacy Policy – Maaltalk Global & MaaltalkNow App

Last Updated: December 7, 2025

eSIM Store

MaaltalkNow App

This Privacy Policy explains how Maaltalk Global ("Maaltalk", "we", "our", or "us") collects, uses, shares, and protects your information when you:

Visit and purchase from our eSIM store at shop.maaltalk.com (the "Site"); and/or
Use the MaaltalkNow mobile application (the "App").

If you only use the eSIM commerce Site and not the App, you may also refer to our separate, shorter eSIM Commerce Privacy Policy. This document covers both the Site and the App in more detail.

1. Who We Are (Data Controller)

Maaltalk Global
Dial Communications, Inc.
30 N Gould St Ste R Sheridan, WY 82801, United States
Email: cs_global@dial070.co.kr

Website: https://shop.maaltalk.com

For individuals in the European Economic Area (EEA) and the United Kingdom, Maaltalk Global is the data controller of your personal data in connection with the Site and the App.

2. Scope of This Policy

This Policy applies when you:

Browse, register, or purchase eSIMs via the Site;
Install and use the MaaltalkNow App on your mobile device;
Contact us regarding your purchases or app usage.

3. Information We Collect

3.1 eSIM Store (Site)

Account & contact info - Name, email, etc.
Order & transaction data - Products, billing, order details
Customer support info - Messages and related data

3.2 Automatic Collection

Device model, OS, browser/app version
IP address and approximate region
Log information and performance data
eSIM connectivity statistics

3.3 App Features

AI assistant - Chat questions & prompts
Smart Lens - Camera translation images
Budget tracking - Travel expenses
Location features - Temporary location data
Notifications - Alert preferences

3.4 Information We Do Not Intentionally Collect

Passport numbers or government-issued IDs;
Biometric identifiers (such as fingerprints or facial scans);
Continuous background GPS tracking beyond what is necessary to provide requested features;
Full payment card details (handled by payment processors only).

3.5 App Registration and Feature-Specific Information Collection

Information Collected During App Registration

When registering for the MaaltalkNow App, the following information is collected and stored:

Email Address - For account identification and service-related communication
Gender - Optional information used to personalize travel experiences
Travel Preference - Used to provide interest-based customized content and recommendations

This information is stored as part of your member account and is used to deliver and improve app services.

Information Collected Through App Features

The App collects additional information through specific features:

Location Data

Location information is collected only when a location-based feature is actively requested by the user (e.g., finding nearby places, navigation).
Location data is transmitted in real-time to provide the requested service but is not stored on our servers after the session ends.
You can enable or disable location access through your device's app permission settings at any time.

Images and Photos

Images or photos may be uploaded when using features such as Smart Lens (translation), travel journal, or profile customization.
These images are transmitted to our servers for processing (e.g., translation, storage).
Depending on the feature, uploaded images may be stored for a limited period to enable feature functionality (e.g., saving translated text, travel memories).
You can typically delete uploaded images within the App, after which they will be removed from our servers in accordance with our data retention policy.

AI Assistant & User Content

Text input, questions, or prompts submitted to the AI Assistant feature are processed to generate responses.
Such content may be stored temporarily for improving response accuracy and service quality but is anonymized and not linked directly to your identity for analysis.

Summary of Storage Practices

Stored: Email, Gender, Travel Preference (account data)
Transmitted but not stored: Real-time location data (session-only)
Transmitted and may be stored for a limited period: Images/photos (feature-dependent), AI Assistant queries (anonymized)

4. How We Use Your Information

4.1 Purposes of Processing

We use your personal data to:

eSIM Services

Process purchases, activate eSIMs, manage orders

App Features

AI tools, translation, budgeting, location services

Support

Respond to inquiries, provide customer support

Security

Prevent fraud, misuse, and security incidents

Legal Compliance

Meet tax, accounting, telecom regulations

Communications

Service updates and marketing (with consent)

4.2 Legal Bases under EU GDPR and UK GDPR

For users in the EEA and UK, we rely on one or more of the following legal bases:

Performance of a contract Legitimate interests Legal obligation

Note: We do not use your personal data for automated decision-making that produces legal or similarly significant effects under Article 22 GDPR or UK GDPR.

5. Cookies and Similar Technologies

We use cookies and similar technologies on the Site, and certain tracking technologies in the App, to:

Remember your preferences and settings;
Maintain your login session and cart state;
Measure the performance and usage of our Site and App;
Improve features and user experience.

You can manage cookies in your browser settings and, where applicable, control certain tracking settings within your device or the App. Disabling some cookies or tracking tools may affect functionality.

6. How We Share Your Information

We do not sell your personal information.

We may share your data with:

Payment processors – to complete your transactions securely;
eSIM connectivity partners – to activate and maintain your eSIM service;
Cloud hosting and infrastructure providers – to run the Site and the App;
Customer support platforms – to manage support requests and communication;
Analytics and monitoring providers – to understand performance and detect issues;
Professional advisors – such as lawyers, accountants, or consultants, where necessary;
Regulators or law enforcement – where required by applicable law or valid legal process.

These third parties are required to protect your information and use it only as instructed by us.

7. International Data Transfers (EU & UK)

We may transfer your personal data to countries outside your country of residence, including outside the EEA and the UK. When we transfer data from the EEA or the UK to a country that does not provide the same level of protection, we use appropriate safeguards, such as:

EU Standard Contractual Clauses (SCCs) for EEA-origin data;
UK International Data Transfer Agreement (IDTA) or UK Addendum to SCCs for UK-origin data;
Additional technical and organizational measures, such as encryption and access controls.

8. Data Retention

We retain your personal data only as long as necessary for the purposes described in this Policy:

Order and billing records – retained as required by tax and accounting laws;
eSIM service and connectivity logs – retained for a limited period to support service and then deleted or anonymized;
App usage and diagnostics – retained for a limited time to troubleshoot and improve performance;
Customer support records – retained until the issue is resolved and for a reasonable period afterward;
Data for optional features (e.g., budgeting entries) – retained while the feature is in use and until you delete it or close your account, subject to legal obligations;
Location data – used in real time to provide a feature and not stored on our servers after use.

9. How We Protect Your Information

We use appropriate technical and organizational measures to safeguard your personal data, including encryption, secure storage, access controls, and regular security reviews. Although no system is completely secure, we strive to protect your information from unauthorized access, loss, misuse, or alteration.

10. Your Rights (EU GDPR & UK GDPR)

If you are located in the EEA or the UK, you have the following rights, subject to certain conditions:

The right to access your personal data;
The right to correct inaccurate or incomplete data;
The right to request deletion of your data in certain circumstances;
The right to restrict processing of your data;
The right to object to processing based on our legitimate interests;
The right to data portability for information you provided to us;
The right to withdraw consent at any time where processing is based on consent.

To exercise these rights, please contact us at:
cs_global@dial070.co.kr

We will respond within timeframes required by applicable law (for example, within one month under GDPR/UK GDPR).

You also have the right to lodge a complaint:

EEA users – with your local supervisory authority in the EEA;
UK users – with the Information Commissioner's Office (ICO) at https://ico.org.uk.

11. California Privacy Rights (CCPA/CPRA)

If you are a resident of California, you may have additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).

11.1 Categories of Personal Information

In the last 12 months, we may have collected:

Identifiers (name, email address, IP address, device identifiers);
Customer records (billing information, order history);
Commercial information (purchased products and app-related services);
Internet or other electronic network activity (Site/App usage data);
Approximate geolocation (e.g. region based on IP or location settings).

11.2 CCPA/CPRA Rights

The right to know what personal information we collect, use, and disclose;
The right to request deletion of personal information, subject to legal exceptions;
The right to correct inaccurate personal information;
The right to non-discrimination for exercising any of your rights.

11.3 Sale or Sharing of Personal Information

We do not sell your personal information for money. We also do not "share" your personal information for cross-context behavioral advertising as defined under the CPRA. If our practices change, we will update this Policy and provide appropriate notices and opt-out mechanisms.

11.4 How to Exercise California Rights

To exercise your rights under the CCPA/CPRA, please contact us at:
cs_global@dial070.co.kr

We may ask for additional information to verify your identity and residency in California.

12. Children's Privacy

Our Service (Site and App) is intended for users aged 16 and above. We do not knowingly collect personal information from children under the age of 16.

We do not employ age-verification procedures prior to access, which is a common practice among many global online services.
However, if a parent or guardian believes that a child under their supervision has provided us with personal information, please contact us immediately at cs_global@dial070.co.kr.
If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take all reasonable steps to delete that information from our servers as promptly as possible, to the extent permitted by law.
We encourage parents and guardians to actively monitor their children's online activities and to help enforce our privacy policy by instructing their children never to provide personal information through our Service without their permission.

13. Changes to This Policy

We may update this Privacy Policy from time to time in response to changes in our services, legal requirements, or internal practices. When we do, we will update the "Last Updated" date at the top, and where appropriate, we will provide additional notice (for example, inside the App or on the Site).