Privacy Policy
Effective date: June 6, 2026 · Last updated: June 6, 2026
TarotVibe (“TarotVibe,” “we,” “our,” or “us”) is a mobile
tarot and astrology companion published by Azentech. This Privacy Policy explains what information
we collect when you use the TarotVibe Android app and the TarotVibe backend service (together, the
“Service”), how we use it, and the choices you have.
The short version. TarotVibe works largely offline. You can use the app without
creating an account. If you choose to sign in for cloud features (reading backups, multi-device
sync), we collect only what is needed to provide those features. We do not sell your personal
information.
1. Information We Collect
1.1 Information you provide
- Account information. If you create an account, we collect your email address and a securely hashed password.
- Onboarding details. Your name or nickname, intention, birth date, birth time, birth location, zodiac sign, and current energy or mood — used to personalize daily cards, alignments, and horoscopes. These are stored locally on your device and, if you enable cloud backup, on our servers.
- Reading content. Cards drawn, spread layout, journal notes, and optional context you write (a question or topic). These are stored locally on your device and, if you enable cloud backup, on our servers.
- Support communications. If you contact us, we keep your message and our reply.
1.2 Information collected automatically
- Device and technical data. Device model, operating system version, app version, language, time zone, and a randomly generated device identifier used for crash reports and abuse prevention.
- Usage events. Aggregated counts such as how many spreads were drawn or how often a feature was opened, used to improve the app. This data does not include your reading content.
- Server logs. When you connect to our backend, our servers log the request URL, timestamp, IP address (truncated where allowed), and basic response metadata for security and reliability.
- Advertising identifiers. If you see ads, the Google Mobile Ads SDK may access your Android Advertising ID and limited device signals as described in section 3.
1.3 Information we do not collect
- We do not access your contacts, calendar, photos, microphone, or precise location.
- We do not require sign-in to use the core tarot, spread, journal, or daily card features.
- We do not knowingly collect information from children under the age applicable in your country (see section 7).
2. How We Use Your Information
- To provide and personalize core features: daily cards, cosmic alignment, horoscopes, spread results, and journal history.
- To generate the personalized reading text for the spreads you draw, by sending the cards drawn and your chosen topic or question to a third-party text generation service (see section 3).
- To synchronize your readings, notes, and preferences across your devices when cloud backup is enabled.
- To authenticate you and keep your account secure.
- To send transactional emails such as account verification, password reset, and important notices.
- To detect, prevent, and address fraud, abuse, and technical issues.
- To comply with applicable law and enforce our terms.
3. Third-Party Services
TarotVibe relies on a small set of third-party providers. Each is described below, along with the data shared:
-
Pollinations (gen.pollinations.ai). When you open a reading, we send the cards
drawn, the spread name, and the topic or question you selected (if any) to Pollinations to
generate the personalized reading text shown to you. We do not send your email address, name,
or account identifier with these requests.
-
Google AdMob. If ads are shown in the app, the Google Mobile Ads SDK collects
the Android Advertising ID, device signals, and ad-interaction data to serve ads and prevent
fraud. You can reset or limit your advertising ID in your Android settings. See
Google’s Privacy Policy.
-
Google Play Billing. If you make in-app purchases, the transaction is processed
by Google Play. We receive a purchase token and product identifier to grant the entitlement;
Google handles payment information directly.
-
Email delivery (Nodemailer / SMTP). Transactional emails such as verification
and password-reset codes are sent through our SMTP provider.
-
Hosting provider. Our backend runs on commercial cloud infrastructure, which
stores the data described above in encrypted form at rest.
4. Sharing of Information
We do not sell or rent your personal information. We share information only:
- With the third-party providers in section 3, strictly for the purposes described.
- When required by law, court order, or a valid governmental request.
- To investigate, prevent, or respond to fraud, abuse, security threats, or violations of our terms.
- In connection with a merger, acquisition, or sale of assets, in which case we will give you notice and a chance to choose before your information becomes subject to a different policy.
5. Data Retention
- On-device data stays on your device until you uninstall the app or clear its storage.
- Cloud backup data is kept while your account is active. You can delete it at any time from inside the app, or request deletion as described in our Data Deletion page.
- Server logs are kept for up to 30 days for security and debugging.
- Backups may persist for up to 30 days after deletion before being permanently overwritten.
6. Your Rights and Choices
Depending on where you live, you may have the right to:
- Access the personal information we hold about you.
- Correct inaccurate information.
- Delete your account and associated data (see Data Deletion).
- Object to or restrict certain processing.
- Withdraw consent at any time, where processing is based on consent.
- Lodge a complaint with a data-protection authority in your country.
To exercise any of these rights, contact us at [email protected].
7. Children’s Privacy
TarotVibe is intended for users aged 13 and older (or the minimum age required in your country
to consent to data processing). We do not knowingly collect information from children below
that age. If you believe a child has provided information to us, please contact us and we will
delete it.
8. Security
We protect your information with TLS encryption in transit, encrypted storage at rest, hashed
passwords (bcrypt), short-lived authentication tokens, and rate-limiting on sensitive
endpoints. No method of transmission or storage is 100% secure, but we work to protect your
information using industry-standard safeguards.
9. International Transfers
Your information may be processed in countries other than the one in which you live. Where
required, we use appropriate safeguards such as standard contractual clauses to protect your
information during international transfers.
10. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the
“Last updated” date at the top. For material changes, we will provide a more
prominent notice (for example, an in-app message). Your continued use of the Service after the
changes take effect means you accept the updated policy.
11. Contact Us
Questions or concerns about this policy or your data? Email
[email protected].