Privacy Policy

Information We Collect

PlayingCardTarot.app collects minimal personal information. When you create an account, we store your chosen username and authentication credentials (passkey or hashed passphrase). We do not collect email addresses, real names, or other personally identifying information unless you voluntarily provide it via our contact form.

Reading Data

Your card readings are stored to allow you to review your reading history. Each reading contains the cards drawn, their positions, any combinations detected, and optional AI-generated analysis. Guest readings are associated with your browser session and are not linked to any personal identity.

AI Analysis

When you request an AI-enhanced reading, your card data (card names, positions, and meanings) is sent to a third-party AI service (OpenRouter) to generate a narrative interpretation. No personal information is included in this request. The generated analysis is stored with your reading for future reference.

Cookies & Local Storage

We use session cookies for authentication and localStorage for theme preferences. We do not use tracking cookies, analytics services, or third-party advertising.

Data Security

All connections are encrypted via HTTPS. Authentication uses WebAuthn passkeys or hashed passphrases. API keys and sensitive data are encrypted at rest using AES-256-GCM. Session cookies are HTTP-only, secure, and strict same-site.

Data Retention

Account data and reading history are retained as long as your account exists. Guest session data may be periodically cleaned. You can request deletion of your account and all associated data by contacting us.

Contact

For privacy-related questions, please use our contact form.