Privacy Policy

This Policy explains how [Company Name], operator of Zodiac Aura (the "Service"), collects, uses, shares and protects your personal data. By using the Service or submitting your email you agree to this Policy and to our Terms of Service.

1. Data we collect

• Email address — when you request a card, sign up via exit-intent, or purchase a reading.
• Reading inputs — first name, birth date, optional birth time, birth city, focus area, and a selfie if you upload one.
• Generated content — your aura card, premium reading and forecast tied to your card ID.
• Payment metadata — Stripe customer/session IDs and payment status. We never see or store your full card number.
• Basic technical data — device, browser, approximate location, and pages visited, used for security and to improve the Service.

2. How we use your data

• Generate and deliver your free card and premium reading;
• Send transactional emails (your reading, receipts, account notices);
• Send marketing emails from Zodiac Aura — horoscopes, tips, product updates, and promotional offers — based on the consent you give when submitting your email;
• Detect fraud, debug issues, and improve the quality of readings;
• Comply with legal obligations.

We do not sell your personal data, and we do not share your email with third parties for their own marketing.

3. Legal basis (EEA/UK users)

• Contract — to deliver the card or reading you requested.
• Consent — for marketing emails and selfie processing; you can withdraw at any time.
• Legitimate interests — to keep the Service secure and improve it.

4. AI processing of your selfie and birth data

Your selfie and birth details are sent to AI providers we use to generate your aura and cosmic report. These providers process the data only to return the requested output and, under their terms with us, do not use it to train their general-purpose models. The selfie is stored with your card so you can revisit your reading; you can request deletion at any time.

5. Service providers we share data with

• Stripe — payment processing;
• Resend — email delivery;
• Lovable Cloud / Supabase — hosting, database and authentication;
• AI providers — generating your reading and aura interpretation.

Each provider acts as a processor bound by appropriate data-protection terms. Some are located outside your country; we rely on standard contractual clauses or equivalent safeguards for international transfers.

6. Cookies and analytics

We use only the cookies and local storage required to operate the Service (e.g. keeping your draft card and remembering you between visits). We do not run third-party advertising trackers.

7. How long we keep your data

• Aura cards, selfies and readings: kept while your card is active so you can revisit it.
• Email subscriptions: kept until you unsubscribe or request deletion.
• Payment records: kept as required by tax and accounting law (typically up to 7 years).

8. Your rights

You can ask us to:

• Access a copy of your data;
• Correct inaccurate data;
• Delete your data, including your selfie and reading;
• Stop sending you marketing emails (one click in any email, or email us);
• Object to or restrict certain processing;
• Lodge a complaint with your local data-protection authority.

To exercise any right, email privacy@zodiacaura.fun.

9. Children

Zodiac Aura is not intended for anyone under 18. We do not knowingly collect data from children. If you believe a child has provided us with data, contact us and we will delete it.

10. Security

We use encryption in transit, access controls, and reputable hosting and payment providers. No online service is 100% secure; please use a strong unique email password and keep it private.

11. Changes

We may update this Policy. Material changes will be reflected here with a new "last updated" date.

12. Contact

Data controller: [Company Name], [Registered address]. For privacy questions email privacy@zodiacaura.fun. For legal notices email info@zodiacaura.fun.