Privacy Policy
Effective Date: To be published upon launch · Last Updated: To be published upon launch
Beym ("Company", "we", "us", or "our"), a company incorporated in Hong Kong, operates the Beym mobile application ("Service"). This Privacy Policy explains what personal information we collect, how we use it, with whom we share it, and what rights you have.
By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, you must not use the Service.
1. Information We Collect
1.1 Information You Provide Directly
| Category | Data | When |
|---|---|---|
| Account identity | Phone number, username, display name, gender, date of birth, country | Registration |
| Profile content | Profile photographs (up to 6 images) | Profile setup |
| Communications | Text messages, voice notes, in-call messages | During use |
| Support | Messages you send when contacting support | When you contact us |
1.2 Information Generated by Your Use
| Category | Data | Purpose |
|---|---|---|
| Call records | Call type, duration, timestamp, match outcome | Operations, moderation |
| Usage activity | Features accessed, interactions, session timestamps | Improvement, personalization |
| Virtual economy | Coin balance, purchase history, gift transactions | Feature operation, financial records |
| Gamification | XP, level, gifting rank, challenge completions | Feature operation |
1.3 Technical Information Collected Automatically
| Category | Data | Purpose |
|---|---|---|
| Device information | Device type, OS, OS version, device identifiers | Delivery, debugging, fraud prevention |
| Network information | IP address (country-level geolocation only; not stored long-term) | Security, rate limiting |
| App performance | Crash reports, error logs, performance metrics | Debugging (via Sentry) |
| Push tokens | FCM token, APNs token | Push notifications |
1.4 Information Processed During Video and Voice Calls
Content of video and voice calls is not recorded or stored by the Company. However:
- Automated frame analysis: During video calls, our automated moderation system periodically captures still-image frames (not continuous video) from your camera stream and transmits them to our content moderation provider (Sightengine) for real-time analysis. These frames are not retained beyond the immediate analysis period.
- Agora processing: Real-time video and voice transmission is facilitated by Agora, our communications infrastructure provider. Agora's data practices are governed by their own privacy policy.
- You are visible to your call partner: Your video and audio are transmitted to the user you are connected with. We cannot control what that user does with what they see or hear.
1.5 Information We Do Not Collect
- Precise GPS location (country-level only, at registration)
- Financial payment information (processed by Apple or Google)
- Biometric identifiers (facial recognition, fingerprints, voiceprints)
- Contacts from your device address book
2. How We Use Your Information
| Purpose | Legal Basis |
|---|---|
| Creating and managing your account | Performance of contract |
| Delivering Service features (matching, messaging, calls, gifts) | Performance of contract |
| Processing payments and managing Virtual Currency | Performance of contract |
| Verifying identity via OTP (Twilio) | Performance of contract; legal obligation |
| Moderating content and enforcing policies | Legitimate interests; legal obligation |
| Detecting and preventing fraud and abuse | Legitimate interests; legal obligation |
| Sending service notifications | Performance of contract |
| Sending push notification campaigns (opt-out available) | Legitimate interests / consent |
| Analyzing usage to improve the Service | Legitimate interests |
| Complying with legal obligations | Legal obligation |
We do not currently use your personal information for targeted advertising and do not sell your data to third parties. If this changes, we will update this policy and notify you in advance.
3. How We Share Your Information
We do not sell your personal information.
3.1 With Other Users
Your profile information (username, display name, profile photos, country, gender, age, level, gifting rank) is visible to users you match with or who view your profile. Messages are delivered to the intended recipient.
3.2 With Service Providers
| Provider | Country | Purpose |
|---|---|---|
| Supabase | United States | Database hosting (PostgreSQL) |
| Cloudflare / R2 | Global (CDN) | Media storage and delivery |
| Google Firebase | United States | Push notifications, crash analytics |
| Apple (APNs) | United States | iOS push notifications |
| Twilio | United States | Phone number verification via SMS OTP |
| Agora | United States / Global | Real-time video and voice transmission |
| Sightengine | France (EU) | Automated AI content moderation of video frames |
| RevenueCat | United States | In-app purchase management |
| Sentry | United States | Error tracking and crash reporting |
| BetterStack | Czech Republic (EU) | Log aggregation and uptime monitoring |
| OneSignal | United States | Push notification campaigns |
3.3 For Legal Reasons
We may disclose your information to comply with law, enforce our Terms, detect fraud, or protect the safety of users and the public.
Child sexual abuse material (CSAM): If we discover CSAM, we are required to report it to the National Center for Missing and Exploited Children (NCMEC) and law enforcement. This occurs without prior notice to the account holder.
4. Data Retention
| Data Category | Retention Period |
|---|---|
| Account information | Until account deletion, plus up to 30 days |
| Messages and media | Until deleted by you or account deletion |
| Call records (metadata only) | 24 months |
| Content moderation records | Duration of account plus 7 years |
| Transaction records | 7 years |
| Crash and error logs | 90 days |
| Application logs | 30 days |
5. Data Security
We implement appropriate technical and organizational security measures including:
- Encryption of data in transit using TLS (HTTPS and WSS)
- JWT-based authentication with short-lived access tokens (15 minutes) and rotating refresh tokens
- Hashed storage of sensitive authentication tokens
- Access controls limiting data access to authorized personnel
- Automated content moderation and regular security monitoring
No method of transmission over the Internet is 100% secure. If you discover a security vulnerability, please contact us immediately at legal@beymlive.com.
6. International Data Transfers
The Company is incorporated in Hong Kong. We and our service providers operate globally. Where we transfer personal data from the EEA, UK, or Switzerland to countries without adequate protection, we rely on Standard Contractual Clauses approved by the European Commission.
7. Your Rights and Choices
7.1 Rights Available to All Users
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete personal information.
- Deletion: Request deletion via Settings → Account → Delete Account within the app.
- Opt-out of marketing: Opt out of push notification campaigns through your device settings or within the app.
7.2 Additional Rights for EEA, UK, and Swiss Residents (GDPR)
If located in the EEA, UK, or Switzerland, you have additional rights including portability, restriction, objection, and the right to lodge a complaint with your local data protection authority.
7.3 Additional Rights for Saudi Arabia Residents (PDPL)
If located in the Kingdom of Saudi Arabia, you have rights under the Saudi Personal Data Protection Law (PDPL), including access, correction, deletion, and objection. Contact us at legal@beymlive.com to exercise these rights.
8. Children's Privacy
The Service is intended for users 18 years of age or older. We do not knowingly collect personal information from individuals under 18. If you believe your child has provided us with personal information, contact us at legal@beymlive.com and we will delete it immediately.
9. Cookies and Tracking Technologies
The Beym mobile application does not use browser cookies. The app may use device identifiers and local storage for authentication, session management, and preference storage. These are necessary for the functioning of the Service.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you through the app before the changes take effect. Your continued use of the Service constitutes acceptance.
11. Contact and Data Controller
Beym is the data controller responsible for your personal information.
Beym
Hong Kong
Email: legal@beymlive.com
This Privacy Policy was last updated upon launch.