Privacy Policy
Last updated: June 15, 2026
This Privacy Policy explains what data the Tarot Magic Cards iOS app (“the App”, “we”, “us”) collects, why, and your choices. Questions: use our support form.
Summary
- We do not ask for your name, email, or phone number to use the App.
- We do not show ads, use third-party analytics, or track you across apps or websites. We never sell your data.
- You sign in automatically and anonymously; your readings are tied to a random identifier, not to your real identity.
- Voice questions are transcribed on your device; the audio is not sent to us or to Apple’s servers.
- You can delete your account and all associated data from within the App at any time (Settings → Account → Delete account).
Who we are
The App is provided by Mikhail Drazdzetski. The App talks to our backend at https://api.tarotmagiccards.com.
What we collect and why
| Data | What it is | Why | Linked to your identity? |
|---|---|---|---|
| Anonymous account identifier | A random ID created by Firebase Anonymous Authentication (Google). No name, email, or phone. | To keep your readings on your device-independent account and let you return to your history. | To the anonymous account only — not to your real-world identity. |
| Your questions | The text you type, or the text transcribed on-device from your spoken question. | Sent to our backend to generate a reading. | To the anonymous account. |
| Reading history | The spreads, drawn cards, and AI-generated interpretations you receive. | Stored so you can revisit past readings. | To the anonymous account. |
| App language preference | Your selected interface/content language. | Stored on your device to localize the App. | Stored on device (UserDefaults); not an identifier. |
| Technical data | Basic request data such as IP address and standard server logs, used transiently to operate and secure the API. | To deliver responses and protect against abuse. | Not used to build a profile of you. |
We do not collect: your name, email address, phone number, contacts, precise location, photos, health data, advertising identifiers (IDFA), or any cross-app/website tracking data.
Voice input
When you ask a question aloud, speech recognition runs on your device (Apple’s on-device Speech framework). The audio recording does not leave your device and is not sent to us or to Apple’s servers; only the resulting text is sent to our backend to generate a reading, exactly as if you had typed it. Microphone and speech-recognition access are requested only when you start a voice question, and you can decline or revoke them in iOS Settings.
AI-generated content
Readings are generated by an artificial-intelligence model based on your question and the drawn cards. To produce a reading, the text of your question is processed by our backend and the AI model that generates the interpretation. Readings are provided for reflection and entertainment and are not professional advice.
Third parties we share data with
We share data only as needed to run the App, never for advertising or sale:
- Google Firebase (Authentication) — issues the anonymous account identifier.
- Our backend hosting and the AI model provider — process your question to generate and store your readings.
- Telegram — if you contact us through our support form, your message (and any email you choose to add) is delivered to us via Telegram. We use it only to receive and respond to your request.
We require these providers to handle data only to provide their service to us. We do not authorize them to use your data for their own advertising.
Data retention and deletion
We keep your anonymous account and reading history until you delete them. You can delete your account and all associated readings at any time in Settings → Account → Delete account; this removes the backend record for your anonymous account and signs you out into a fresh, empty anonymous session. Backups and logs are purged on our standard rotation schedule. If any data must be retained for legal reasons, we keep only what is required and for no longer than necessary.
Children
The App is not directed to children under 13 (or the minimum age of digital consent in your country, if higher). We do not knowingly collect personal data from children under that age.
Security
Connections use HTTPS. Authentication tokens are stored in the iOS Keychain. No method of transmission or storage is 100% secure, but we take reasonable measures to protect your data.
International transfers
Our providers may process data in countries other than yours. Where required, we rely on appropriate safeguards for such transfers.
Your rights
Depending on where you live (e.g., the EU/EEA under GDPR, or California under CCPA/CPRA), you may have rights to access, correct, delete, or export your data, and to object to or restrict certain processing. Because the App is anonymous, the primary way to exercise deletion is the in-app Delete account action. For other requests, contact us through our support form.
Changes to this policy
We may update this policy; we will revise the “Last updated” date above and, for material changes, provide notice in the App or listing.
Contact
Questions or privacy requests: use our support form.