Privacy Policy

1. INTRODUCTION

One Moments, Inc. ("Moments," "we," "us," or "our") respects the privacy of its Users ("User," "your," or "you"). This Privacy Policy (the "Privacy Policy") explains how we collect, use, disclose, and safeguard your information when you use Moments Platform (the "Platform") through Moments' website at https://havemoments.com/ (the "Website") or Moments' mobile application (the "App"). Moments is an artificial intelligence social media platform that operates via iMessage to connect Users to other Users via group chats based on similar interests.

Moments is committed to protecting the privacy of its Users whose information is collected and stored while using Moments' Platform through our Website or App. This Privacy Policy is applicable to our Website, Platform and all applications offered for sale to the public.

The capitalized terms have the same meaning as ascribed in our Terms of Use or Terms of Service as applicable, unless otherwise noted here.

2. WHAT INFORMATION DO WE COLLECT?

When you register to use our Website, App, or Platform, we collect personal information (also referred to as personally identifiable information or "PII") which may include your first and last name, online contact information such as your email address or username, phone number, education information (degrees, majors, schools, professional or employment-related information (medical associations, bar associations, engineering societies, employer, business title, business address, etc.), photographs, video or audio file containing an image or voice for the purpose of creating your profile on the Platform, and other personal information. The information so collected will be stored on our servers. You are able to change your personal information via email by contacting us at privacy@havemoments.com or through your profile or account settings on our Website, App, or Platform.

a. Geolocation and Equipment Information

We may collect information that does not personally identify you such as (i) your geolocation, and (ii) information about your internet connection, the equipment you use to access our Website, App, or Platform, and usage details -- browsing history information regarding User's interaction with our Website, App, or Platform.

b. Financial Information

We currently do not collect or store any credit cards or bank information, as we are using a third-party payment processor. However, we will update this Privacy Policy when we start using and storing such information. We will also inform you via reasonable means if we start collecting such information from you.

c. Google Calendar Data

When you grant us access to your Google Calendar through the calendar.readonly scope, we collect calendar event data from the past year and upcoming month, including event duration, number of attendees, and attendee names and emails. This data is used solely to identify your top 100 closest contacts based on meeting frequency and duration. We define "second-degree connections" as individuals who frequently appear in calendar events with Moments users but are not themselves registered users. This analysis is based entirely on observable co-attendance data, not inferred relationships or external sources.

We do not use calendar data to collect or store the personal information of non-registered attendees. If a contact is not a Moments user, their data will be anonymized before processing.

3. HOW DO WE COLLECT INFORMATION?

We collect personal information from you in the following ways:

• • At registration on our Website, App, or Platform;
• • In email, text, and other electronic messages between you and our Website, App, or Platform;
• • Through mobile and desktop applications your downloads from our Website, App, or Platform, which provides dedicated non-browser based interaction between you and our Website, App, or Platform;
• • From forms filled out by you;
• • From records or copies of correspondences (including email addresses) if you contact us;
• • From search queries on our Website, App, or Platform; and
• • When you post information to be published or displayed on our Website, App, or Platform.
• • From third parties including Posthog as well as the Google Calendar API through the calendar.readonly scope to analyze your meeting patterns, attendee data, and event frequency from the past 12 months and upcoming month to identify your closest professional contacts.

We collect information from you automatically when you navigate through our Website, App, or Platform in the following ways:

• • Usage details;
• • IP addresses;
• • Information obtained through browser cookies;
• • Web beacons on our Website; and
• • Other tracking technologies.

4. HOW DO WE USE YOUR INFORMATION?

We use the information that you provide to:

• • Personalize your experience in using our Platform;
• • Provide you with information or services requested from us; and as a social media Platform, other Users are able to view your username and associated PII, and information you upload in the group chat features of the Platform
• • Present our Website, App, and Platform and their contents to you;
• • Provide you with notices about account and/or subscription, including expiration and renewal notices;
• • Carry out obligations and enforce rights arising from contracts entered into between you and us, including billing and collection;
• • Notify you about changes to our Website, App, and Platform and any products or services;
• • Improve the Website, App, and Platform;
• • Improve our customer service;
• • Contact you for other purposes such as User interviews with your consent;
• • Enable the display of advertisements to our advertisers' target audiences, although personal information is not shared with advertisers without your consent; and
• • Send you periodic emails, in accordance with the CAN-SPAM Act of 2003 as detailed in Section 16, via the email address provided by you to (i) send information, respond to inquiries, and/or other requests or questions; (ii) process orders and send information and updates pertaining to such orders; (iii) send additional information related to your product and/or service; and (iv) market to our mailing list or continue to send email to you after the original transaction has occurred.
• • Analyze Google Calendar data to identify your top 100 closest contacts based on meeting frequency, duration, and co-attendance patterns to facilitate meaningful professional connections and networking opportunities.

5. OUR COOKIE POLICY

Cookies are small pieces of text used to store information on web browsers. Cookies are used to store and receive identifiers and other information on computers, phones, and other devices. Other technologies, including data we store on your web browser or device, identifiers associated with your device, and other software, are used for similar purposes. In this Privacy Policy, we refer to all of these technologies as "Cookies."

We use Cookies on our Website and App to (a) understand and save your preferences for future visits, (b) compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future, and (c) allow trusted third-party services that track this information on our behalf. You can set your browser to refuse all or some browser Cookies, but it may affect your user experience. We honor Do Not Track signals and, if one is in place, we will not track, plant cookies, or use advertising.

A complete list of third-party tracking partners is available in our Privacy Dashboard. Users may configure cookie preferences or opt-out of behavioral tracking through their account settings.

We allow third party behavioral tracking and links to third-party web pages. Occasionally, at our discretion, we may include or offer third-party products or services on our Website, App, or Platform. These third-party sites have separate and independent privacy policies. We, therefore, have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our Website, App, or Platform and welcome any feedback at about these sites. Please contact us at privacy@havemoments.com.

6. HOW DO WE PROTECT INFORMATION WE COLLECT?

Our Website and App receive regular security scans and penetration tests. Our Website and App also receive regular malware scans. In addition, our Website and App use an SSL certificate as an added security measure. We require username and passwords for our employees who can access your personal information that we store and/or process on our Platform and servers. In addition, we actively prevent third parties from getting access to your personal information that we store and/or process on our Platform and servers. We will accept payment by credit card through a third party credit card processor on our behalf, when required. We will implement reasonable security measures every time you (a) enter, submit, or access your information, (c) register, or (d) access our Platform, on our Website and App.

7. DATA SECURITY MEASURES

a. Security Measures

We have implemented measures designed to secure your personal information from accidental loss and from unauthorized access, use, alteration, and disclosure. All information you provide to us is stored on our secure servers behind firewalls. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website, App, or Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone. Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot guarantee the security of your personal information transmitted to our Website, App, or Platform. Any transmission of personal information is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on our Website, App, or Platform.

b. Fair Information Practice Principles

In the event of a personal data breach, we will notify you within seventy-two (72) hours, or within such time as required under the applicable data privacy laws via: (i) email and/or (ii) our Platform notification system on our Website and/or App. We agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

8. DISCLOSURE OF PERSONAL INFORMATION

There are times when we may share Personal Information that you have shared with us may be shared by Moments with others to enable us to provide you over Services, including contractors, service providers, and third parties ("Partners"). This section discusses only how Moments may share such information with Partners. We will ensure that our Partners protect your Personal Information. The following describe how and with whom we may share your Personal Information:

Disclosure of Personal Information.

• • We may disclose aggregated, de-personalized information about you that does not identify any individual to other parties without restriction, such as for marketing, advertising, or other uses.
• • We may disclose personal information to our subsidiaries and affiliates.
• • We may disclose personal information to contractors, services providers, and other third parties.
• • We require all contractors, service providers, and other third parties to whom we disclose your personal information to be under contractual obligations to keep personal information confidential and to use it only for the purposes for which we disclose them.
• • We may disclose personal information in the event of a merger, sale of business, etc.
• • We may disclose to third parties to market their products and services to you if you have either consented or not opted out of these disclosures.
• • We require all other Partners, to whom we disclose your personal information, to enter into contracts with us to keep personal information confidential and use it only for the purposes for which we disclose it to such Partners.
• • We disclose personal information to fulfill the purpose for which you have provided it, for instance, if you gave us an email address to use the "email a friend" feature of the Platform.
• • We may disclose personal information for any other purpose for which you have provided it.
• • We may only disclose personal information as described in this Privacy Policy or your consent.
• • We sell personal information to others for their use.

Other Disclosure of Personal Information.

We will disclose personal information (i) to comply with any court order, law, or legal process, including to respond to any government or regulatory request, (ii) to enforce or apply our Terms of Use or Terms of Service and other agreements, including for billing and collection purposes, (iii) if we believe it is necessary or appropriate to protect the rights, property, or safety of Moments, our customers or others, and/or (iv) if it is necessary or appropriate to protect the rights, property, or safety of Moments, our customers, or others, and this includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Third Party Disclosure.

We do not sell, trade, rent, or otherwise transfer personal information to others, unless we provide you with advance notice. This does not include our hosting partners and other parties who assist us in operating our Website, App, or Platform, conducting our business, or servicing you, so long as those parties agree to keep this information confidential.

We do not provide non-personally identifiable visitor information for marketing purposes.

Choices Users Have About How Moments Uses and Discloses Information.

Tracking Technologies and Advertising. You can set their browser to refuse some or all the browser cookies, but if you disable or refuse cookies, some parts of our Website may not be accessible or function properly.

Disclosure of Users' Information for Third-Party Advertising. Users can opt-out by (i) checking the relevant form when we collect the data; (ii) logging into the Website, App, or Platform and adjusting their preferences in their account profile by checking or unchecking the relevant boxes, or (iii) emailing us their opt-out request at privacy@havemoments.com. Users receiving promotional email can opt-out by sending a return email requesting to be omitted from future promotional email distributions. This opt-out will not apply to information provided by Moments for product purchases, warranty registration, or other transactions.

Disclosure of User's Information for Targeted Advertising. Users can opt-out by (i) checking the relevant form when we collect the data, (ii) logging into the Website, App, or Platform and adjusting their preferences in their account profile by checking or unchecking the relevant boxes, or (iii) emailing us their opt-out request at privacy@havemoments.com.

9. GOOGLE CALENDAR DATA PROTECTION

We collect Google Calendar data through the calendar.readonly scope for the specific purpose of identifying your closest professional network. Here's how we protect this sensitive data:

• • Data Collection Scope: We access calendar events from the past year and one month in the future
• • Data Usage: We analyze event duration, attendee count, and attendee contact information to determine your top 100 closest professional contacts
• • Data Retention: Calendar data is stored for 3 days beyond the time necessary for analysis
• • Data Protection: Calendar data is processed in real-time and is not used for any purpose other than improving your networking experience on our Platform
• • Third-Party Sharing: We do not share, sell, or transfer any Google Calendar data to third parties
• • User Control: You can revoke calendar access at any time through your Google account settings

Email addresses are stored as "skeleton profiles". If the owner of the email address eventually creates an account on Moments, that skeleton profile is replaced with the actual user.

GOOGLE CALENDAR DATA SHARING: We do not sell, transfer, or disclose Google Calendar user data to third parties. Calendar data is used exclusively for determining your closest professional network to improve matching functionality. We do not share attendee information, meeting details, or calendar patterns with other users or external parties.

10. DATA RETENTION

We retain personal data and PII only for as long as necessary to fulfill the purposes for which it was collected, including to comply with legal, regulatory, or operational requirements, enforce our Terms of Service, or protect the safety and integrity of our Platform.

User information associated with inactive or deleted accounts may be retained for a limited period (typically no more than 90 days) for purposes such as account recovery, fraud prevention, or dispute resolution, after which it is securely deleted or anonymized in accordance with applicable laws and our internal data handling practices.

Calendar data is stored for 3 days to ensure proper processing and analysis of your professional network connections.

We do not knowingly retain personal information of users under the age of 18. If we become aware that such data has been collected, it will be promptly deleted.

11. AI PROCESSING AND PROFILING

Moments does not train machine learning models using raw calendar text, private messages, or audio input. AI-generated outputs are monitored to ensure fairness and accuracy. We periodically audit model behavior and do not allow AI systems to make legally or financially impactful decisions without human oversight.

Our AI systems are designed to enhance your networking experience while maintaining strict privacy protections. We implement the following safeguards:

• • Data Protection: Raw personal communications and calendar content are never used as training data for our machine learning models
• • Output Monitoring: All AI-generated recommendations and matches undergo quality assurance to prevent bias and ensure accuracy
• • Human Oversight: Critical decisions affecting user accounts, billing, or legal matters require human review and approval
• • Regular Audits: We conduct periodic assessments of our AI systems to identify and correct potential biases or inaccuracies
• • Transparency: Users can request information about how AI systems process their data and influence their platform experience

These measures ensure that our use of artificial intelligence remains ethical, transparent, and aligned with user privacy expectations.

12. FOR OUR CANADIAN USERS

This Section supplements the information contained in our Privacy Policy above and applies solely to all visitors, users, and others to our Website, App, or Platform, who reside in Canada ("consumers" or "you"). We ensure with the Personal Information Protection and Electronics Document Act of 2000 ("PIPEDA") and any terms defined in the PIPEDA have the same meaning when used in this Section.

a. Definition of Personal Information

Any information about an identifiable individual. Whatever may be the physical form or characteristics of a particular regime for "business contact information" (name, position, title, address, professional phone number, etc.)

b. Right to Access Personal Information

You can request to access your personal information we hold about you. We will first confirm whether you have requested such information, explain how we have used your information, provide a list of names with whom your information has been shared and provide a copy of your information in an accessible format and make alternative formats available if requested.

c. Right to Correction/Limited Right to Deletion

You can request us to correct or delete your information IF you demonstrate that the personal information we hold on you is inaccurate. We will delete or correct your information within thirty (30) calendar days. When we delete/correct your personal information we will inform the third parties with whom we have shared your information.

d. Right to be Forgotten

Your information will be kept with us for as long as it is required for the fulfillment of the purposes of Moments platform. Unless we otherwise give you notice, we will retain your Information on the Moments Platform on your behalf until such times as you or we terminate your User Account.

e. Data Breach Notification

We will send a notification to you as soon as feasible regarding the information of any breach that creates a "real risk of significant harm" to you. We keep a record of every data breach and, on request, provide the Office of the Privacy Commissioner with access to the record.

f. Canadian Privacy Officer

We have appointed a Canadian Privacy and Data Protection Officer at privacy@havemoments.com to make sure the privacy rights of our Canadian users are protected in compliance with PIPEDA.

g. Two Factor Authentication

You may enable two-factor authentication on your account to help ensure that only you can access your account. If you do, in addition to entering your password to log in to your account to access the Moments Platform, we will send a code to your mobile number, which you will need to enter. This added security prevents anyone else from accessing your Moments account unless they have access to your login information.

h. Contact Information

You may contact us (i) at privacy@havemoments.com, or (ii) by writing to us at Privacy Officer at One Moments, Inc. 4405 Hana Road, Edison NJ 08817 to (i) make a Personal Information Request, (ii) correct or delete your personal information, (iii) discuss our Privacy Policy and/or anything that has to do with it. We will respond within thirty (30) calendar days of receiving such a request or query. Additionally, in order for us to respond to your request or query, we will need to collect information from the requesting party to verify their identity.

13. YOUR CALIFORNIA PRIVACY RIGHTS

Moments does not sell, trade, or otherwise transfer to outside third parties your "Personal Information" as the term is defined under the California Civil Code Section § 1798.82(h). Additionally, California Civil Code Section § 1798.83 permits Users of our Website, App, or Platform that are California residents to request certain information regarding our disclosure of their Personal Information to third parties for their direct marketing purposes. To make a request for such disclosure, or identification and/or deletion of Personal Information in all our systems that we store on you, please send an email to privacy@havemoments.com or write us at One Moments, Inc. 4405 Hana Road, Edison NJ 08817.

Note that (i) if we delete your Personal Information as requested, we will no longer be able to provide our services to you and (ii) we may need to keep such Personal Information for a while during the shutting down and billing process. If you would like to discuss our Personal Information storage and processing process with us, please send us an email at privacy@havemoments.com or write us at One Moments, Inc. 4405 Hana Road, Edison NJ 08817

14. COPPA COMPLIANCE (FOR CHILDREN UNDER 13 ONLY)

The Children's Online Privacy Protection Act ("COPPA") is a federal legislation that applies to entities that collect and store "Personal Information," as the term is defined under COPPA, from children under the age of 13. Our Website, App, and Platform are available for use and download only for Users over the age of 18, and is NOT meant for use by children under the age of 13. Our Website, App, and Platform do not target children under the age of 13 or Users between 13 - 17, and we have implemented a self-certification for age on the Platform at onboarding. We do not knowingly retain personal information of users under the age of 18. If we become aware that such data has been collected, it will be promptly deleted. If you are a parent or guardian and believe your child under 18 has provided us with personal information, please contact us at privacy@havemoments.com. If you would like to know more about our practices, please email us at privacy@havemoments.com.

IF YOU ARE UNDER 13, PLEASE DO NOT ACCESS OR USE OUR WEBSITE, APP, OR PLATFORM.

15. FOR OUR NEW YORK USERS

We will fully comply with the letter and the spirit of the New York Shield Act (the "Act'), to the fullest extent that it is applicable to us. We have adopted reasonable safeguards to protect the security, confidentiality, and integrity of your private information, as defined in the Act ("Private Information"). We will securely protect any personal information, as defined in the Act ("Personal Information"), and/or Private Information in accordance with the requirements set forth in the Act. We will notify you of any unauthorized access to or disclosure of your Personal Information or your Private Information in accordance with the requirements of the Act.

16. OTHER US STATE PRIVACY LAWS

Company is committed to the protection of users' data and privacy and complies with all applicable US State laws to the fullest extent that it is applicable to us. Company does its best to identify and monitor the changes in the laws as and when amended, to update this Policy. Please send us an email at privacy@havemoments.com for more information on your rights under laws that are applicable in your State.

17. FOR OUR EUROPEAN CUSTOMERS

We are headquartered in the United States and our operations are located in the United States. Your Personal Information, which you give to us during registration or use of our Website, App or Platform, may be accessed by or transferred to us in the United States. If you are visiting our Website or registering for our services from outside the United States, be aware that your Personal Information may be transferred to, stored, and processed in the United States. Our servers or our third-party hosting services partners are located in the United States. By using our Website, App or Platform, you consent to any transfer of your Personal Information out of Europe, UK, or Switzerland for processing in the US or other countries.

18. CAN-SPAM ACT OF 2003

The CAN-SPAM Act establishes requirements for commercial messages, gives recipients the right to have businesses stop emailing them, and spells out penalties for violations. Per the CAN-SPAM Act, we will:

• • not use false or misleading subjects or email addresses;
• • identify the email message as an advertisement in some reasonable way;
• • include the physical address of One Moments, Inc. 4405 Hana Road, Edison NJ 08817;
• • monitor third-party email marketing services for compliance, if one is used;
• • honor opt-out/unsubscribe requests quickly; and
• • give an "opt-out" or "unsubscribe" option.

If you wish to opt out of email marketing, follow the instructions at the bottom of each email or contact us at privacy@havemoments.com and we will promptly remove you from all future marketing correspondences.

19. MODIFICATIONS TO OUR PRIVACY POLICY

Moments reserves the right, at its sole discretion, to change or modify this Privacy Policy at any time. In the event we modify this Privacy Policy, such modifications shall be binding on you only upon your acceptance of the modified Privacy Policy. We will inform you about the modifications on our Privacy Policy page via email, on our Website, App, or Platform by posting a modified version of the Privacy Policy page, or by a comparable means within a reasonable time period. Your continued use of our Website, App, or Platform shall constitute your consent to such changes. Moments may change, modify, suspend, or discontinue any aspect of the Website, App, or Platform at any time without notice or liability.

20. LIST OF THIRD-PARTY SERVICE PROVIDERS

Moments uses the following third-party service providers for the provision of services as detailed under the Terms of Use or Terms of Service, as applicable:

A complete list of third-party tracking partners is available in our Privacy Dashboard. Users may configure cookie preferences or opt-out of behavioral tracking through their account settings.

Additionally, if you have any questions or concerns about our third-party service providers, please email us at privacy@havemoments.com

21. COPYRIGHT INFRINGEMENT NOTICE

If you believe that any content on our Website, App, or Platform violates your copyright, and you wish to have the allegedly infringing material removed, the following information in the form of a written notification (pursuant to the Digital Millennium Copyright Act of 1998 ("DMCA Takedown Notice")) must be provided to our designated Copyright Agent.

• • Your physical or electronic signature;
• • Identification of the copyrighted work(s) that you claim to have been infringed;
• • Identification of the material on our Website, App, or Platform that you claim is infringing and that you request us to remove;
• • Sufficient information to permit us to locate such material;
• • Your address, telephone number, and email address;
• • A statement that you have a good faith belief that use of the objectionable material is not authorized by the copyright owner, its agent, or under the law; and
• • A statement that the information in the notification is accurate, and under penalty of perjury, that you are either the owner of the copyright that has allegedly been infringed or that you are authorized to act on behalf of the copyright owner.

Moments' Copyright Agent to receive DMCA Takedown Notices is DMCA Agent, at dmca@havemoments.com and at One Moments, Inc. Attn: DMCA Notice, 4405 Hana Road, Edison NJ 08817. You acknowledge that for us to be authorized to take down any content, your DMCA Takedown Notice must comply with all the requirements of this Section. Please note that, pursuant to 17 U.S.C. § 512(f), any misrepresentation of material fact (falsities) in a written notification automatically subjects the complaining party to liability for any damages, costs and attorney's fees incurred by Moments in connection with the written notification and allegation of copyright infringement.

22. CONTACT US

To ask questions or comment about this Privacy Policy and our privacy practices, contact us at: