Privacy Policy

Information We Collect

We collect only what is required to deliver, secure, and personalise the service.

• Account information. When you authenticate with Apple Sign-In, Google Sign-In, or LINE Login, we receive your email, display name, and profile picture URL — only enough to create and recover your account.
• Reading history. Questions you ask, cards drawn, and the AI interpretation generated for you — saved into your private Grimoire so you can return to past sessions.
• Wallet & entitlements. Your tarot-credit balance, ticket inventory, and active subscription tier (Buffet, Emperor, etc.) — kept in sync across web, iOS, and Android.
• Affiliate (Ambassador) data. Voluntary. Legal name, bank, account number — used solely to remit your commission.
• Technical & usage logs. App version, device type, locale, error reports, and aggregate timestamps. No advertising IDs are collected.

How We Use Information

Each data point above maps to a specific functional purpose. We do not repurpose it.

• Authenticate access and protect your saved Grimoire from impersonation.
• Generate personalised tarot interpretations using Google Gemini models — your question and minimum context only.
• Manage credits, tickets, and subscription entitlements across devices.
• Calculate, audit, and pay affiliate commissions accurately.
• Maintain service health: detect abuse, throttle bots, ship reliability fixes.

Storage & Security

Your data is stored in Firebase / Firestore, with the primary region in asia-southeast1 (Singapore). All transit is TLS-encrypted; storage is encrypted at rest under Google-managed keys. Edge protection (rate limits, bot challenges) is provided by Cloudflare.

Access to production data is limited to authorised engineers, secured behind hardware-key MFA, and logged. We do not sell your personal data to anyone. Data shared with AI providers is limited to the question and minimum context required to generate the reading, under enterprise-grade non-training agreements.

Service Providers

The service depends on a small, audited set of professional vendors. Each operates under its own published privacy policy.

• Google Cloud / FirebaseHosting, Firestore, Authentication, Cloud Functions in asia-southeast1.data infrastructure
• Google GeminiAI interpretation generation. Requests are not used to train Google's foundation models.ai inference
• Apple · Google · LINESign-In identity providers — receive only the OAuth callback you authorise.authentication
• StripeCard and PromptPay processing on the web. Card numbers never reach our servers.web payments
• RevenueCatiOS / Android subscription state — works alongside App Store and Google Play.mobile subscriptions
• CloudflareCDN, WAF, and Turnstile bot protection on form submissions.edge security
• Google Analytics 4Aggregate, anonymised traffic and engagement metrics. IP anonymisation enabled.analytics
• Capacitor (mobile)Native bridge for filesystem and social-share features on the device only.mobile runtime

Payments & Financial Data

Purchases of credits or subscriptions are processed by Apple App Store, Google Play, Stripe, or PromptPay (via Stripe). We receive only the success / failure result linked to your user ID and the line items you bought. We do not see, process, or store your card numbers, CVV, or banking credentials. The single exception is the bank-account detail you choose to provide for affiliate payouts (Section I), which is encrypted at rest and accessed only for remittance.

Analytics & Cookies

We use device localStorage and cookies only for functional purposes — keeping you signed in, restoring an in-progress reading after a network drop, remembering your language, and caching static assets.

Google Analytics 4 is enabled with IP anonymisation to measure aggregate traffic. We do not deploy retargeting pixels, advertising trackers, or third-party fingerprinting. Cloudflare Turnstile may briefly run on form pages to deter bots; it does not require user interaction in the typical case.

Your Rights (PDPA / GDPR)

Under Thailand's PDPA and equivalent regimes, you may exercise the following rights at any time, free of charge.

• Access & portability. View every saved reading inside the app's Grimoire / Collection screen.
• Rectification. Update display name, email, or affiliate payout details from in-app settings.
• Erasure. Delete your account and all associated data from in-app settings, or by writing to [email protected].
• Objection & withdrawal. Withdraw consent for processing — equivalent to closing your account.
• Complaint. If you believe we have not handled your request properly, you may lodge a complaint with the Personal Data Protection Committee (PDPC) of Thailand or your local data-protection authority.

Children's Privacy

The service is intended for general audiences and is not directed at children under 13. We do not knowingly collect personal data from children. If we learn that we have, we will delete it promptly.

Retention & Deletion

Account and reading data is retained while your account is active. On deletion, personal records are purged from production within 30 days; encrypted backups age out within 90 days. Aggregate, fully anonymised metrics may be retained for service-quality reporting.

Entertainment Disclaimer

POLYME's products are tools for reflection, journaling, and entertainment. AI-generated readings are symbolic and linguistic, not deterministic. They are not a substitute for professional medical, legal, financial, or psychological advice.

Changes to This Policy

We will post material changes here with an updated effective date. For changes that meaningfully expand the scope of data we collect, we will additionally notify you in-app.

Contact

For privacy questions, deletion requests, or rights enquiries, write to the POLYME DOT team: