NodajiFi Labs · nodajifilabs.com

Privacy Policy

Effective July 1, 2026 · Version v1 · migram

Operator: NodajiFi Labs · Applies to: the migram app (part of the NodajiFi ecosystem) · Effective date: July 1, 2026 · Last updated: July 1, 2026

This app-scoped policy supplements the ecosystem-wide NodajiFi Privacy Policy. Where the two differ for migram, this page prevails.


Introduction

NodajiFi Labs ("we," "us") respects the privacy of users worldwide and honors the standards of the GDPR and CCPA as well as the data-protection laws of your country of residence.

Core principle — you own your data. We do not record personal data on any blockchain, GEM has no cash value so we collect no financial or payment-related sensitive data, and we do not collect your real name or government-issued ID number.

1. Common account data

CategoryItemsPurpose
Account / authenticationEmail address, phone number, passwordless login credentials (magic link / OTP)Identification, authentication, account recovery, security
Profile (optional)Nickname, avatar (no real name required)Personalization, display
Age verification"Aged 16 or older" result derived from date of birth at sign-up (raw date of birth is discarded)Eligibility, child protection
Device / accessDevice identifier, OS / app version, IP address, access logs, push tokenOperation, security, notifications

2. migram-specific data & permissions

CategoryItemsPurpose
Camera (makeup coaching)Real-time camera frames and face landmarks during coaching sessionsOn-device AR coaching guidance. Face landmarks are geometric reference points processed on your device; camera frames are not uploaded and no biometric identification template is created or stored.
Saved media (optional)Before/after photos or looks you explicitly choose to saveYour personal progress record
Ingredient scans (optional)Photos of cosmetic ingredient labels you scanExtracting label text to show ingredient information; not used to identify people
Learning recordsLesson progress, coaching session scores, GEM earn/spend historyService delivery, reward calculation

Face-data honesty. Your face is the most personal data there is. migram processes face landmarks on your device, only as geometric guides for coaching. We do not upload your camera frames, do not build biometric identification templates, and coaching video never leaves your phone. Only the derived scores and the media you explicitly save are stored with your account.

3. How we use information

  1. Account management: identification, authentication, recovery, abuse prevention
  2. Service delivery: the migram features above, GEM earn/spend
  3. Service improvement: pseudonymized / anonymized usage analysis
  4. Notices: capped at 1–2 push notifications per day; you control frequency, timing, and type
  5. Legal compliance and dispute handling

4. Retention and deletion

We delete personal data without delay once its purpose is fulfilled, keeping only what applicable law requires for its required period. Account deletion is actually possible by design — see Delete Your Account. Unused GEM is forfeited on deletion; since GEM is not redeemable for cash, no settlement occurs.

5. Sharing and sub-processors

We do not sell personal data and do not share it with third parties except with your prior explicit consent or under lawful process. Core sub-processors: Google Firebase (authentication, database, push, analytics) and email/SMS delivery providers (passwordless sign-in). Data sharing between ecosystem apps does not operate without your explicit opt-in.

6. Protection of children (ages 16+)

The service is provided only to users aged 16 or older. At sign-up we take a date of birth, keep only the "16+" result, and discard the raw date. If we learn a user is under 16, we delete the account and its data without delay.

7. Your rights

You may request access, rectification, deletion, portability, restriction of processing, and withdrawal of consent — in-app via "NodajiFi Labs > Privacy" or by email to support@nodajifilabs.com. You may also lodge a complaint with your local data-protection authority.

8. Security

TLS encryption in transit, encrypted storage of sensitive data, access controls, server-authoritative abuse prevention, and no on-chain personal data by design.

9. Contact

Operator: NodajiFi Labs · Data Protection Officer: Myongsu Choe (CEO) · General: together@nodajifilabs.com · Privacy rights: support@nodajifilabs.com

10. Changes to this policy

We give in-app notice at least 7 days before changes take effect (at least 30 days for material changes adverse to users).