Privacy Policy

Last updated: October 23, 2025

Introduction

Welcome to Zodiacal. We are committed to protecting your personal information and your right to privacy. This privacy policy describes how we collect, use and share your information when you use our astrological card reading and horoscope consultation website.

Information we collect

We collect the following categories of information:

  • Personal information : name, email address, date of birth (day and month only), and encrypted password for creating your account.
  • Draw history : recording of your daily astrological card draws, consultation dates, and personalized interpretations.
  • Card collection : astrological cards unlocked in your personal collection and unlock dates.
  • Payment information : shard purchase transactions via Stripe (we do not store your banking data, it is securely processed by Stripe).
  • Usage information : data regarding your interaction with our website, such as pages you visit, features you use and time spent on the site.
  • Technical information : IP address, browser type, Internet service provider, operating system, and timestamps.

How we use your information

We use the information we collect to:

  • Provide, maintain and improve our astrological card reading and horoscope services.
  • Personalize your experience, such as daily draws based on your date of birth and astrological profile.
  • Manage your astrological card collection and draw history.
  • Process your shard purchases and manage your shard balance.
  • Communicate with you, including sending updates, account-related information and responses to your requests.
  • Develop new astrological products and services.
  • Ensure the security of your account with a secure authentication system.
  • Prevent fraud and enhance the security of our website.

Sharing your information

We do not sell your personal information. We may share your information with:

  • Stripe : for secure payment processing when purchasing shards. Stripe only receives information necessary for transaction processing.
  • Supabase : our database hosting provider that securely stores your account information, draw history and card collection.
  • Vercel : our web host that ensures the availability and performance of our website.
  • Legal authorities : when we are legally required to do so or to protect our legal rights.

Cookies and similar technologies

We use cookies and similar technologies to:

  • Authentication cookies : to maintain your login session and secure your account (Next-Auth).
  • Security cookies : to protect against CSRF attacks and ensure the security of your transactions.
  • Preference cookies : to remember your choices and personalize your experience.

You can configure your browser to refuse cookies, but this may affect certain essential features of our website, particularly logging into your account.

Data security

We take appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure or destruction:

  • Password encryption with bcrypt.
  • Secure authentication with Next-Auth and JWT.
  • Secure database with Row Level Security (RLS) on Supabase.
  • Data transmission via HTTPS.
  • Payment processing via Stripe in compliance with PCI-DSS standards.

However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Your rights

Depending on your place of residence, you may have certain rights regarding your personal information, such as:

  • Access your personal information.
  • Correct inaccurate information.
  • Delete your information.
  • Restrict or object to the processing of your information.
  • Request the portability of your information.

To exercise these rights, please contact us at the email address indicated below.

Data retention

We retain your personal information for as long as you maintain your active account and as long as necessary to provide our services and comply with our legal obligations. If your account is deleted, your personal data will be erased from our systems, except for information we must retain for legal or accounting reasons (for example, transaction history for accounting purposes).

Modifications to this policy

We may update this privacy policy from time to time. We will notify you of any significant changes by email or by a notice on our website. We encourage you to regularly review this policy to stay informed about how we protect your information.

Contact us

If you have questions regarding this privacy policy or wish to exercise your GDPR rights, please contact us at: contact@zodiacal.fr

Back to home