On this page

Contents

  1. 1. Who We Are
  2. 2. Scope
  3. 3. Information We Collect
  4. 4. How We Use Information
  5. 5. Legal Bases for Processing
  6. 6. How Conversations and Voice Features Work
  7. 7. How We Disclose Information
  8. 8. Selling and Sharing Personal Information
  9. 9. Cookies and Similar Technologies
  10. 10. Data Retention
  11. 11. International Processing
  12. 12. Security
  13. 13. Your Privacy Rights
  14. 14. Marketing Communications
  15. 15. Children's Privacy
  16. 16. Automated Processing and AI
  17. 17. Third-Party Links and Services
  18. 18. Changes to This Policy
  19. 19. Contact and Complaints

MOMO Privacy Policy

Effective date: June 13, 2026

Last updated: June 13, 2026

This Privacy Policy explains how MOMO ("we," "us," or "our") collects, uses, discloses, and protects personal information when you use the MOMO website, applications, conversational search, voice features, business tools, QR tools, and related services (collectively, the "Service").

This is a template for informational purposes. Consult with a qualified attorney for legal advice specific to your situation.

1. Who We Are

MOMO is a conversational local business directory. It helps people find and compare nearby businesses using text or voice and provides tools that allow eligible business representatives to claim and manage business listings.

2. Scope

This Policy applies to personal information processed through the Service. It does not govern third-party websites, applications, maps, business websites, authentication providers, or other services that you may access through links or integrations in the Service.

Business listing information that identifies a business rather than an individual may not be personal information under applicable law. However, information about sole proprietors, business representatives, claimants, or other identifiable people may be personal information and is covered by this Policy.

3. Information We Collect

3.1 Information You Provide

Depending on how you use the Service, we may collect:

  • Account information: email address, password-related authentication records, display name, profile image, phone number, default market, account metadata, and referral source.
  • Authentication information: information received when you sign in using a supported third-party provider, such as Google, Apple, Microsoft, or GitHub. The available providers may change.
  • Search and conversation information: typed messages, dictated text, voice transcripts, assistant responses, conversation titles, search results, selected market, and location labels.
  • Voice and audio information: microphone audio used to provide realtime voice interactions or transcription. Audio may be sent to service providers to generate transcripts and responses.
  • Saved content: businesses you save, list names, notes, and related preferences.
  • Contact information: name, email address, subject, and message submitted through the contact form.
  • Business claim information: business name, your role, website, phone number, evidence, notes, and information used to review whether you are authorized to represent a business.
  • Business profile information: descriptions, taglines, images, logos, hours, specialties, contact details, booking links, calls to action, and other listing content submitted by authorized business users.
  • QR tool information: destination URLs, branding choices, associated user account, and information used to rate-limit or secure the tool.
  • Communications: information you provide when you contact us, report a problem, request support, exercise a privacy right, or otherwise communicate with us.

Please do not include sensitive personal information, confidential information, health information, financial account information, government identifiers, or information about another person in search prompts, voice requests, claim evidence, or free-text fields unless it is necessary and you are authorized to provide it.

3.2 Location Information

With browser permission, the Service may collect precise device coordinates to provide nearby results. We may also collect a location you enter manually, a city or neighbourhood label, the source of the location selection, and a market identifier.

The Service may:

  • store a selected location in browser local storage;
  • use session storage to preserve temporary search and conversation context;
  • send coordinates or location labels to our servers for search and geocoding;
  • send location information to OpenAI as part of a realtime voice session context; and
  • send location information to Google services for geocoding, reverse geocoding, place autocomplete, or place details.

You can deny or revoke location permission through your browser or device settings. Some nearby-search functionality may then be unavailable or less accurate.

3.3 Information Collected Automatically

When you use the Service, we or our service providers may automatically collect:

  • IP address and request metadata;
  • browser, device, operating system, and network information;
  • authentication session and cookie information;
  • timestamps, pages or features used, and technical logs;
  • conversation, voice-session, and business identifiers;
  • interaction events such as searches, result views, saves, calls, website clicks, directions, shares, comparisons, and navigation actions;
  • source mode, such as typed text, dictated text, or realtime voice;
  • operational metrics, error records, rate-limit data, and security events; and
  • QR generation activity, including destination URL, account identifier when signed in, and IP address.

The implemented first-party analytics pipeline is designed to remove payload keys associated with message text, query text, transcripts, audio, and similar content before analytics events are stored. Conversation content may still be stored separately for signed-in users as described below.

3.4 Business Listing Information

We collect or receive business listing data from public sources, business representatives, data providers, and third-party services such as Google Places. This may include:

  • business name, category, description, and service area;
  • address, coordinates, phone number, email address, and website;
  • hours, ratings, review counts, review excerpts, photos, and place identifiers;
  • listing status, claim status, and business profile content; and
  • derived information such as search embeddings, summaries, classifications, ranking signals, and review syntheses.

If business information identifies you personally, you may contact us to request access or correction, subject to applicable law.

3.5 Information From Other Sources

We may receive information from:

  • authentication providers you choose to use;
  • business data and mapping providers;
  • business representatives and workspace members;
  • public websites and public business records;
  • people who contact us or submit information about a business; and
  • fraud prevention, security, and service providers.

4. How We Use Information

We may use personal information to:

  • create, authenticate, maintain, and secure accounts;
  • provide text, voice, location, search, map, saved-business, history, QR, and business-management features;
  • process prompts, audio, transcripts, and search requests;
  • personalize results using your selected location, market, saved businesses, and conversation context;
  • save and restore conversations for signed-in users;
  • review business claims and provision business workspaces;
  • publish information that authorized business users choose to make public;
  • respond to contact forms, support requests, complaints, and privacy requests;
  • measure use of the Service and improve ranking, reliability, accessibility, and product performance;
  • detect, investigate, prevent, and respond to abuse, fraud, security incidents, and violations of our Terms of Service;
  • comply with legal obligations and enforce legal rights; and
  • send service-related messages and, where permitted and with any consent required by law, marketing communications.

We will not use personal information for a new purpose that is materially incompatible with the purpose for which it was collected without providing notice or obtaining consent where required.

Where laws such as the UK GDPR or EU GDPR apply, we rely on one or more of the following legal bases:

  • Contract: processing necessary to provide the Service you request or take steps at your request before entering a contract.
  • Consent: for optional processing such as precise location, microphone access, certain marketing, or other processing where consent is required. You may withdraw consent at any time, without affecting prior lawful processing.
  • Legitimate interests: operating, securing, improving, and understanding the Service; preventing abuse; managing business listings; and communicating with users, where those interests are not overridden by your rights.
  • Legal obligation: complying with applicable laws, lawful requests, recordkeeping duties, and regulatory requirements.
  • Legal claims and vital interests: protecting rights, safety, and property or responding to urgent threats where applicable.

Where Canadian privacy law applies, we collect, use, and disclose personal information with consent or as otherwise permitted or required by law.

6. How Conversations and Voice Features Work

Signed-in users

For signed-in users, the Service may store:

  • conversation title and mode;
  • typed messages and voice transcripts;
  • assistant messages and associated result data;
  • selected market and last location label; and
  • timestamps and archive status.

Starting a new search may archive the previous conversation rather than immediately delete it. Conversation history can be displayed in the account's history area.

Users who are not signed in

For users who are not signed in, temporary search results, selected location, onboarding state, saved-business identifiers, and conversation preferences may be kept in local or session storage in the browser. Requests are still processed by our servers and relevant service providers.

Voice processing

Realtime voice mode may establish a direct WebSocket connection from your browser to OpenAI using a short-lived token issued by our server. Audio, transcripts, prompts, tool calls, location context, and generated responses may be processed by OpenAI to provide the feature. Dictation or fallback transcription may also use browser speech-recognition functionality or OpenAI transcription services.

Do not use voice features where recording or transmitting a conversation would violate law or another person's rights. Obtain any consent required from people who may be audible.

7. How We Disclose Information

We may disclose personal information to:

  • Service providers: hosting, database, authentication, AI, transcription, mapping, geocoding, security, infrastructure, support, and analytics providers that process information for us.
  • OpenAI: to process text prompts, generate embeddings and responses, transcribe audio, synthesize speech, and provide realtime voice features.
  • Supabase: to provide authentication, session management, database, and related backend services.
  • Google: to provide Places data, place autocomplete, geocoding, maps, and Safe Browsing checks. If you choose Google authentication, Google also processes authentication data.
  • Map and tile providers: Google Maps, Apple Maps, OpenStreetMap, CARTO, or similar services when maps, directions, or map tiles are loaded or opened.
  • Authentication providers: the provider you choose for OAuth sign-in, such as Google, Apple, Microsoft, or GitHub.
  • Business users and the public: business profile content that an authorized user publishes is publicly available. Claim evidence is not intended for public display but may be reviewed by authorized personnel.
  • Professional advisers and transaction parties: lawyers, auditors, insurers, lenders, investors, purchasers, or successors in connection with professional advice, financing, reorganization, sale, merger, or similar transaction, subject to appropriate safeguards.
  • Authorities and other parties: where required by law or reasonably necessary to protect rights, safety, security, users, the public, or the Service.
  • At your direction: when you ask us to disclose information or intentionally use a feature that transmits information to another service.

Third-party services have their own privacy practices. Review their policies before using those services.

8. Selling and Sharing Personal Information

We do not sell or share personal information with third parties for their independent commercial purposes, including cross-context behavioural advertising. Any disclosure to a third party occurs only at your direction or with your explicit consent, such as when you consent to a business contacting you to address your needs.

9. Cookies and Similar Technologies

The Service uses authentication cookies that are necessary to sign users in, refresh sessions, and protect account access.

The Service also uses browser local storage and session storage for functions such as:

  • remembering a selected location;
  • preserving temporary search results and conversational preferences;
  • remembering whether onboarding has been completed; and
  • retaining locally saved business identifiers for users who are not signed in.

Map, authentication, AI, and other third-party integrations may use cookies or similar technologies under their own policies.

The reviewed code does not include a third-party advertising cookie or marketing analytics SDK. If non-essential cookies or similar technologies are added, we will provide any notice and consent controls required by law.

10. Data Retention

We retain personal information only for as long as reasonably necessary for the purposes described in this Policy, including providing the Service, maintaining security, resolving disputes, enforcing agreements, and meeting legal obligations.

Retention depends on the type of information and context:

  • account and profile information may be retained while the account is active and for a limited period afterward;
  • conversation messages and history may remain until deleted, archived, or removed under an applicable retention schedule;
  • contact submissions and business claim records may be retained while they are being handled and afterward for accountability, dispute, fraud-prevention, and legal purposes;
  • business profile and workspace records may be retained while the listing or workspace is active and as needed to preserve publication and ownership history;
  • analytics, logs, IP addresses, rate-limit records, and security records may be retained for operational and security purposes; and
  • backup copies may remain for a limited period after deletion from active systems.

When retention is no longer required, we will delete, anonymize, or securely isolate the information, subject to technical and legal limitations.

11. International Processing

MOMO and its service providers may process personal information in countries other than the country where you live, including Canada and the United States. Those countries may have different privacy laws, and information may be accessible to courts, law enforcement, or national security authorities under local law.

Where required, we use recognized safeguards for international transfers, such as contractual protections or adequacy mechanisms.

12. Security

We use administrative, technical, and organizational safeguards designed to protect personal information. Implemented controls visible in the repository include authenticated sessions, row-level database access policies, short-lived realtime tokens, server-side secret handling, input validation, rate limiting, and restrictions on stored analytics payloads.

No security measure can guarantee absolute protection. You are responsible for using a strong, unique password and protecting your account and devices. Notify us promptly if you believe your account or information has been compromised.

13. Your Privacy Rights

Depending on where you live and subject to legal exceptions, you may have rights to:

  • know whether and how we process your personal information;
  • request access to or a copy of personal information;
  • request correction of inaccurate or incomplete information;
  • request deletion of personal information;
  • withdraw consent;
  • object to or restrict certain processing;
  • receive certain information in a portable format;
  • opt out of certain sales, sharing, targeted advertising, or marketing;
  • appeal a decision concerning a privacy request; and
  • make a complaint to a privacy or data protection regulator.

We will not discriminate against you for exercising a right protected by applicable law.

To submit a request, contact support@momotop10.com or use the contact form at /contact. We may need to verify your identity and authority before completing a request. An authorized agent may submit a request where permitted by law, subject to verification.

14. Marketing Communications

We may send transactional or service communications about accounts, security, claims, support, or changes to the Service.

We will send commercial electronic messages only as permitted by applicable law. Where required, we will obtain consent, identify the sender, provide contact information, and include a working unsubscribe mechanism. You may still receive non-marketing messages necessary to provide or secure the Service.

15. Children's Privacy

The Service is not intended for children under thirteen (13) years old, and we do not knowingly collect personal information from children contrary to applicable law. If you believe a child has provided personal information without required parental or guardian consent, contact us so we can investigate and take appropriate action.

16. Automated Processing and AI

MOMO uses automated systems and artificial intelligence to:

  • classify the intent of a request;
  • generate embeddings and retrieve potentially relevant businesses;
  • rank and summarize search results;
  • synthesize reviews and business information;
  • transcribe and respond to voice input; and
  • help detect urgency or determine what follow-up information may be useful.

Automated results may be incomplete, inaccurate, or influenced by the information available to the system. The reviewed implementation does not make decisions that determine eligibility for employment, housing, credit, insurance, healthcare, education, or another similarly significant service.

Do not rely on MOMO as the sole basis for an emergency, medical, legal, financial, safety-critical, or other high-impact decision.

The Service may link to or embed third-party maps, directions, telephone services, websites, booking services, and other resources. When you use those features, the third party may collect information such as your IP address, device data, location, and activity. We do not control those third parties and are not responsible for their privacy practices.

18. Changes to This Policy

We may update this Policy from time to time. We will post the updated version, revise the "Last updated" date, and provide additional notice where required by law. Material changes apply prospectively unless otherwise permitted by law.

19. Contact and Complaints

Questions, requests, and complaints may be directed to:

support@momotop10.com

We will investigate privacy complaints and respond as required by applicable law. You may also have the right to complain to the privacy regulator in your jurisdiction.