Privacy Policy

AITarotReading.ai ("we") operates this Service. We can be reached at hello@aitarotreading.ai.

When you use the Service we collect:

• Account info: the email address you sign up with, and a password hash if you set one.
• Your readings: the questions you submit, the cards drawn, the AI-generated interpretations, your ratings, redraws, and deep dives. These are stored only against your account.
• Billing info: handled entirely by Stripe. We store the Stripe customer ID and subscription status; we never see or store your card number.
• Technical logs: IP address, browser, and timestamps as part of standard server operation and abuse prevention.
• Cookies: a session cookie to keep you signed in, and an anonymous "trial used" cookie to enforce the one-free-reading limit.

We use the data above to:

• Provide the Service (generate readings, save them)
• Send transactional emails (sign-in links, reading copies)
• Process subscription payments
• Enforce limits and detect abuse
• Improve the prompts and the product

We do not sell your data, run advertising, or use your readings for marketing.

We rely on the following providers to operate the Service:

• Supabase — database hosting and authentication.
• Vercel — application hosting and edge delivery.
• Stripe — subscription billing.
• Anthropic and OpenAI — large language model APIs used to generate readings. The question you submit and the cards drawn are sent to these providers per their privacy terms.
• Resend — transactional email delivery.

Data is stored in the regions our providers operate (primarily the EU and the US, depending on the provider). Transfers outside your country may occur under the providers' standard contractual clauses.

We keep your account data and readings until you delete your account. After deletion, account data and readings are removed from our database within 30 days. Billing records may be retained longer where required by tax law.

Depending on where you live you have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Delete your account and associated data
• Export your readings (we'll send a JSON export on request)
• Object to processing or restrict it
• Lodge a complaint with your data protection authority

To exercise any of these rights, email hello@aitarotreading.ai.

The Service is not directed at and not intended for users under 18. We do not knowingly collect data from minors.

We protect your data with standard industry practices — encrypted connections, hashed passwords, row-level security in the database — but no system is perfectly secure. Use a strong password and do not share it.

We may update this page. Material changes will be announced by email and on this page.