Privacy Policy

This Privacy Policy explains how Authentic Tarot collects, uses, stores, and protects information when you use the website, account features, tarot readings, journal, subscriptions, and related services.

Authentic Tarot is designed as a private reflective space. We aim to collect only what is needed to operate the service, secure accounts, process payments, and improve the product.

Account information, such as your name, email address, password hash, account role, account status, session records, preferences, and login timestamps.

Tarot content you create or save, including readings, selected spreads, selected cards, questions, reading summaries, journal entries, and favourites.

Usage and technical information, such as timestamps, feature usage, app settings, error categories, and basic diagnostic information needed to operate and secure the service.

Billing identifiers from Stripe, such as customer ID, subscription ID, price ID, subscription status, billing period dates, and cancellation status. We do not store full card numbers.

We use your information to create and secure your account, provide readings and journaling features, remember your preferences, enforce plan limits, process subscriptions, provide support, and maintain the service.

We may use aggregated or non-identifying information to understand product usage, improve performance, investigate errors, and plan features.

We do not use your private journal entries or reading questions for advertising targeting.

Payments and subscription management are handled by Stripe. Stripe may collect payment details, billing details, fraud prevention signals, and other information needed to process payments.

Authentic Tarot stores Stripe identifiers and subscription status so your plan can be activated, updated, cancelled, or restored. Full payment card details are handled by Stripe, not stored by Authentic Tarot.

Stripe's use of your information is governed by Stripe's own privacy terms.

We may use cookies or similar technologies for authentication, session security, preferences, analytics, product diagnostics, and abuse prevention.

Analytics, if enabled, should use general product events rather than sensitive content. We do not intentionally send names, email addresses, reading questions, journal text, or billing details into analytics tools.

You can manage some cookie behavior in your browser settings, but blocking essential cookies may prevent login or account features from working.

Readings, questions, journal entries, and favourites are private to your account unless a future sharing feature is explicitly enabled and you choose to use it.

If sharing is added later, shared pages should clearly show what information is included before you publish or send a link.

We use account sessions, password hashing, server-side access checks, database permissions, and operational safeguards to protect the service.

No online service can guarantee perfect security. If you believe your account or data may be at risk, contact support@authenticself.energy.

We keep account and content data while your account is active or as needed to provide the service, comply with legal obligations, resolve disputes, prevent abuse, or maintain business records.

You can delete many user-created items, such as readings, journal entries, or favourites where those controls are available. To request account deletion or a broader privacy request, contact support@authenticself.energy.

Some billing, security, audit, or backup records may be retained for a limited period where required or reasonably necessary.

Depending on where you live, you may have rights to access, correct, delete, export, or object to certain processing of your personal information.

To make a privacy request, contact support@authenticself.energy from the email address associated with your account. We may need to verify your identity before acting on the request.

We may update this Privacy Policy as the service evolves. The updated date will show when the policy last changed.

For privacy questions, data requests, or account concerns, contact support@authenticself.energy.