Tarot AI

Privacy Policy

Privacy Policy for Tarot AI App
Last updated: June 16, 2025

A24Z LTD (Company No. 15153605)
128 City Road, London, EC1V 2NX, United Kingdom
Email: info@tarotaiapp.com

1. Introduction

Tarot AI (“we”, “us”, or “our”) is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes how we collect, use, share, and safeguard data in connection with our mobile application — “Tarot AI” (the “App”) — and any related websites (“Site”). By installing or using the App, you consent to the practices described in this policy.

2. Scope & Age Rating

  • App Store / Google Play Rating:
    We have designated Tarot AI as suitable for users aged 3 years and older (“3+”). No mature or explicit content is shown.

  • Jurisdictional Compliance:
    This policy applies worldwide. If you access the App from a jurisdiction with additional privacy requirements (e.g., GDPR in the EU, COPPA in the USA), you benefit from any extra protections required by local law.

3. Controller & Contact Details

Data Controller:
A24Z LTD, registered in England & Wales (Company No. 15153605).
Registered Address: 128 City Road, London, EC1V 2NX.
Data Protection Officer (DPO):
Please direct all privacy inquiries or requests to: info@tarotaiapp.com.

4. Information We Collect

Category What We Collect
User-Provided Data Display Name (single name string) for in-App use and personalization.
Device & Usage Data Device identifiers (e.g. IDFA, GAID).
Operating system, device model, screen resolution.
In-App events (time of use, features accessed, crash/log data).
Advertising & Analytics Advertising identifiers, ad impressions, clicks, revenue metrics (via Appodeal, AdMob, etc.).
Event logs, screen views, user engagement metrics (via Firebase Analytics).
Push Notification Tokens • Unique tokens required to deliver push notifications to your device.

No collection of email addresses, phone numbers, precise geolocation, payment card data, or other sensitive personal data is performed at registration—only the user’s chosen display name is stored.

5. How We Use Your Information

Purpose Data Category Legal Basis
Provision of core App functionality Display Name Performance of contract
Personalization of readings Display Name Legitimate interest
Performance monitoring & crash reporting Device & Usage Data Legitimate interest
Analytics & product improvement Device & Usage Data, Event logs Legitimate interest
Targeted advertising and revenue optimization Advertising & Analytics Data Legitimate interest
Push notifications Push Notification Tokens Consent (opt-in on first run)
Customer support Display Name, limited logs Legitimate interest
Compliance with legal obligations Any data required by law Legal obligation

  • Legitimate interest: We monitor and improve App functionality, ensure stability, and serve relevant ads.

  • Consent: On first launch, we ask you to opt-in to receive push notifications. You may withdraw consent at any time.

6. Third-Party Services & Data Sharing

We integrate only industry-standard providers. We do not sell or rent your personal data. We share minimal data as follows:

  1. Firebase Analytics (Google LLC)
    • Device & Usage Data for analytics and crash reporting.

  2. Appodeal & Google AdMob
    • Advertising identifiers and interaction metrics for ad mediation.

All service providers act as “data processors” under applicable laws and are contractually required to process data only on our instructions and to implement appropriate safeguards.

7. Data Retention & Deletion

  • Display Name & Push Tokens: Stored indefinitely until you request deletion.

  • Analytics Data: Retained for up to 26 months per Firebase policy; aggregated metrics thereafter.

  • Advertising Logs: Stored according to each ad network’s policy (typically up to 13 months).

You may request deletion of your Display Name and associated push-notification token at any time by emailing info@tarotaiapp.com. We will erase your data within 30 days of your request, except where retention is required by law.

8. Cookies & Tracking Technologies

Our Site (not the App) uses cookies and similar technologies to:

  • Distinguish you from other users.

  • Collect standard internet log information (browser type, device, IP address).

  • Analyze web traffic (via Google Analytics).

You can disable cookies in your browser settings; however, some Site functionality may be impaired.

9. Security Measures

We implement industry-standard technical and organizational controls to protect your data, including:

  • Encryption in Transit: TLS 1.2+ for all communications.

  • Encryption at Rest: AES-256 encryption on all servers and backups.

  • Access Controls: Role-based access, multi-factor authentication, regular credential rotation.

  • Network Security: Firewalls, intrusion detection systems, DDoS protection.

  • Development Best Practices: Secure coding standards, periodic code reviews, third-party library audits.

  • Incident Response: Documented procedures for breach detection, notification within 72 hours to affected users and regulators.

10. Children’s Privacy

  • COPPA Compliance (USA): We do not collect personal information from children under 13.

  • Global Guidance: Although the App is rated 3+, no personally identifiable information is required beyond a simple Display Name.

  • If we learn that we have inadvertently collected data from a child under 13 without parental consent, we will promptly delete that data.

11. Your Rights & Choices

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of your personal data.

  • Correction: Request correction of inaccurate data.

  • Erasure (“Right to be forgotten”): Request deletion of your data.

  • Data Portability: Request machine-readable export of your data.

  • Opt-Out of Marketing / Analytics:

    • Disable analytics via App Settings → “Disable Analytics.”

    • Opt-out of personalized ads at the device level (iOS Settings → Privacy → Advertising; Android Settings → Google → Ads).

To exercise any right, email info@tarotaiapp.com. We will respond within statutory deadlines (typically 30 days).

12. International Data Transfers

Your data may be stored and processed in the United Kingdom, United States, and other jurisdictions where our service providers operate. We ensure that any cross-border transfers comply with applicable data-transfer mechanisms (e.g., Standard Contractual Clauses under GDPR).

13. Regulatory Disclosures

  • GDPR (EU): EU residents have additional rights under the GDPR.

  • CCPA (California, USA): California residents may request disclosure of personal data categories and opt out of “sale” of personal information. We do not “sell” data under CCPA.

  • UK Data Protection Act 2018: UK residents have the same rights as under the GDPR.

14. Tarot-Specific Compliance Notes

  • Our App provides entertainment and personal insight only and does not offer professional counseling, medical, legal, or financial advice.

  • Tarot AI readings are for personal enrichment; users should exercise their own judgment.

15. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. We will:

  1. Post the revised policy on this page.

  2. Update the “Last updated” date.

  3. Where required by law, obtain your consent if changes are material.

16. Contact Us

If you have questions or wish to exercise your privacy rights, please contact:
Email: info@tarotaiapp.com
Address: A24Z LTD, 128 City Road, London, EC1V 2NX

Thank you for trusting Tarot AI. We are committed to protecting your privacy and providing a safe, insightful experience.