Tarot Orbits
Tarot Orbitsorbit
Sign in

Legal

Privacy Policy

How Tarot Orbits collects, uses, shares, and stores personal and gameplay-related data.

Last updated: February 17, 2026

1. Data Categories

  • Account data: email, authentication identifiers, profile fields (display name, locale, age, gender if provided).
  • Gameplay data: topics/subjects, round metadata, prediction output, interpretation output, and sharing status.
  • Billing data: payment status, request IDs, Stripe references, and receipt metadata.
  • Technical data: logs, analytics events, error traces, anti-abuse signals, and rate-limit signals.

2. Processing Purposes

  • Account authentication and session continuity.
  • Gameplay operations, interpretation generation, and dashboard history.
  • Payment processing, fraud prevention, and security operations.
  • Product analytics, reliability monitoring, and support processing.

3. Processors

  • Supabase for authentication, database, and storage.
  • Stripe for payment operations.
  • A third-party technology provider (OpenAI API) for interpretation generation.
  • Google Analytics / Google Tag Manager for analytics.
  • Hosting and delivery providers (for example Vercel).

4. Retention

  • Account and prediction history is retained until deletion request or account removal, unless legal obligations require longer retention.
  • Billing records are retained as required by tax/accounting/legal rules.
  • Operational logs are retained for limited periods needed for security and incident response.

5. International Transfers and Rights

Data may be processed outside your country. Where required, transfer mechanisms provided by processors are used.

Depending on your location, you may request access, correction, deletion, portability, or objection/restriction. Contact: support@tarotorbits.com.

6. Cookies and Interpretation Provider

We use necessary cookies for sign-in/security and analytics technologies where applicable.

Tarot Orbits uses automated processing and a third-party technology provider (currently OpenAI API) to generate interpretations based on the information you submit.

Children Under 13

The Service is not intended for children under 13.

If we learn we collected personal data from a child under 13, we will delete it.

Sensitive Data Warning

Please do not submit sensitive personal data (for example health, religion, political opinions).

If you submit such data voluntarily, we process it only to provide the service.

Retention Time Ranges

  • Security and operational logs: typically 30-90 days.
  • Analytics data: typically 12-26 months (depending on configured analytics windows).
  • Account and prediction history: until user deletion request or account removal, unless legal retention obligations apply.