Privacy Policy
TarotFlow
Last Updated: April 6, 2026
1. Introduction
Welcome to TarotFlow, published by Neuralworks. We are committed to protecting your privacy and ensuring you have a positive experience. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and related services.
2. Information We Collect
2.1 Account Information
- Username and email address
- Password (securely hashed)
- Profile avatar and display name
- Date of birth (for personalized readings)
2.2 Tarot Reading Data
- Daily draw history and cards selected
- Reading timestamps
- Journaling entries and personal notes
- Reading spreads and deck preferences
2.3 AI API Data
- Cards drawn (used for AI reading generation)
- User questions and queries
- Reading tone preferences
2.4 Community Data
- Wishpool entries
- Anonymous tree-hole posts (without identification)
- Community engagement metrics
2.5 Device and Analytics Data
- Device information (model, OS version, unique ID)
- App usage patterns and engagement metrics
- Crash logs and diagnostic data
3. How We Use Your Information
- Providing personalized tarot readings using AI
- Generating daily reading suggestions
- Maintaining your journal and reading history
- Enabling community features
- Processing subscriptions and in-app purchases
- Improving the app through analytics
- Sending daily push notifications and astrology updates
- Compliance with legal requirements
4. AI and Third-Party Services
OpenAI/Gemini API
We use AI models to generate personalized tarot readings. When you request a reading, your selected cards and question are sent to the AI API. These requests are processed according to the respective API providers' privacy policies. We do not retain raw AI conversation logs longer than necessary for service improvement.
Push Notifications
We send daily 8:00 AM push notifications with your daily guardian card. You can disable these in app settings at any time.
5. Data Retention
Your reading history and journal entries are retained for the lifetime of your account. AI conversation logs are not permanently stored. You can export or delete your journal at any time. Upon account deletion, all personal data is removed within 30 days.
6. Your Rights and Choices
6.1 Data Access and Export
You can export all your reading history, journal entries, and profile data in standard format within the app.
6.2 Account Deletion
You can permanently delete your account and all associated data at any time through the app settings.
6.3 Notification Control
Manage all push notification settings within the app or iOS Settings > Notifications.
7. In-App Purchases and Subscriptions
Purchases are processed through Apple's App Store. We do not directly handle payment information. Apple complies with PCI DSS standards and manages all billing.
8. Data Security
We implement encryption for all data in transit and at rest. API communications use HTTPS/TLS. Database access is restricted to authorized personnel. However, no system is 100% secure.
9. Children's Privacy
TarotFlow is not intended for children under 13. We do not knowingly collect data from children under 13. If we become aware of such collection, we will delete the data immediately.
10. Contact Us
- Email: [email protected]
- GitHub Issues: github.com/ivanlaw313/TarotFlow/issues
© 2026 Neuralworks. All rights reserved.