Privacy Policy

1. Information we collect

We collect the following categories of information, depending on how you use the service:

• Account data: if you create an account, your email address, and — if you sign in with Google — your name and profile picture as provided by Google. We support sign-in by Google OAuth and by one-time email verification codes (email OTP).
• Birth and reading inputs: the birth date, time, and place (and similar details) you enter to generate a chart or reading. If you choose to save a chart to your account, these inputs are stored with your account; otherwise they are processed to produce your result and are not tied to an account.
• Saved charts and reading history: charts, readings, and related results you choose to save while signed in.
• Purchase data: records of optional paid "Deep Decision" readings you buy, including the product, amount, currency, and status. Full card/payment-instrument details are handled by our payment processor and are never stored on our servers.
• Email subscription data: if you subscribe to updates, the email address and subscription category you choose, plus your confirmation/unsubscribe status.
• Support and communications: messages you send us.
• Usage and analytics data: privacy-conscious, aggregate-oriented event data about how the site is used (for example, which tools are opened) collected via our own first-party analytics endpoint. This is designed to avoid collecting sensitive personal content.
• Device and connection data: standard request information your browser sends (such as approximate location derived from network data and basic technical metadata) that is necessary to operate and secure the service.

2. How we use your information

• To provide the readings, charts, and tools you request.
• To create and secure your account and authenticate you.
• To process optional purchases and provide receipts and support for them.
• To send transactional messages (such as email verification codes) and, only if you opt in, subscription updates.
• To understand and improve how the service is used, in aggregate.
• To detect, prevent, and respond to fraud, abuse, and security incidents, and to comply with the law.

3. How information is shared with third parties

We do not sell your personal data. We share data only with service providers that help us run the service, and only as needed:

• Google — for "Sign in with Google" authentication, if you choose it.
• Our payment processor (e.g. Stripe and any other processors enabled for your region) — to take payment for optional Deep Decision readings and to process refunds. They receive the payment details necessary to complete the transaction.
• Cloudflare — our hosting infrastructure provider, which processes and routes requests on our behalf and can deliver transactional emails such as sign-in codes.
• Email delivery providers (such as Resend and Cloudflare Email) — to send transactional emails (for example, email verification codes) and, only if you opt in, subscription emails. They receive the recipient email address and message content needed to deliver and track delivery.
• Our own first-party analytics — usage events are sent to an endpoint we operate, not to a third-party advertising network.

4. Cookies and local storage

• Essential cookies: we set a session/authentication cookie so you can stay signed in, and a small preference cookie to remember your chosen language.
• Local storage: while you use a tool as a guest (not signed in), draft inputs and unsaved charts may be kept in your browser’s local storage so you don’t lose your work. This data stays on your device until you clear it and is not, by itself, sent to us as a stored account record.
• We do not use third-party advertising or cross-site tracking cookies.

5. Data retention

We keep account data, saved charts, and purchase records for as long as your account is active or as needed to provide the service, meet legal and accounting obligations, and resolve disputes. Guest draft inputs held in your browser’s local storage persist until you clear them. Analytics data is retained in an aggregate-oriented form. When you delete your account, we delete or anonymize associated personal data as described below, except where we must retain certain records (for example, transaction records for tax and accounting).

6. Your rights and choices

Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing. We make two of these available directly in the product:

• Data export: signed-in users can request a machine-readable export of their data via our data-export endpoint (POST /api/v1/data-export).
• Account deletion: signed-in users can request deletion of their account and associated personal data via our account-deletion endpoint (POST /api/v1/account-deletion).
• Email subscriptions: every subscription email includes an unsubscribe link, and you can manage or withdraw email consent at any time.

7. Children

The service is intended for adults and is not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided us personal data, contact us so we can remove it.

8. International users and transfers

We operate on globally distributed infrastructure, so your data may be processed in countries other than your own. Where required, we rely on appropriate safeguards for such transfers.

9. Security

We use reasonable technical and organizational measures to protect your data, including encryption in transit. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the effective date above and, where appropriate, provide additional notice.

11. Contact us

If you have questions about this Privacy Policy or your data, contact {{COMPANY_LEGAL_NAME}} at {{CONTACT_EMAIL}}.