Privacy Policy

ZenithAlign (“we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the ZenithAlign mobile application and website (collectively, the “Service”). Please read this policy carefully. By using the Service, you consent to the practices described herein.

If you do not agree with the terms of this Privacy Policy, please do not use the Service.

1. Information We Collect

1.1 Information You Provide Directly

• ✦Account Information: When you create an account, we collect your name, email address, and password (stored in encrypted form).
• ✦Profile Data: Date of birth, zodiac sign, and optional profile photo if you choose to provide them.
• ✦User-Generated Content: Dream journal entries, tarot questions, reading responses, and chat messages you submit within the app.
• ✦Payment Information: In-app purchases and subscriptions are processed entirely by Apple via StoreKit. We do not receive or store your full payment card details. We may receive a purchase confirmation token from Apple.
• ✦Support Communications: When you contact us, we retain the content of your messages and your email address.

1.2 Information Collected Automatically

• ✦Usage Data: Features accessed, session duration, screens viewed, and interactions within the app.
• ✦Device Information: Device model, operating system version, unique device identifiers (including Apple’s IDFV), and app version.
• ✦Log Data: IP address (anonymized), timestamps, error logs, and crash reports.
• ✦Analytics: Aggregated, anonymized behavioral data to improve app performance and user experience.

1.3 Information from Third Parties

• ✦Sign in with Apple: If you sign in using Apple ID, we receive your name and email address (or Apple’s relay email) as authorized by you.
• ✦AI Service Providers: When you use AI-powered features (such as Astra AI guidance or dream interpretation), anonymized or pseudonymized conversation content may be transmitted to our AI infrastructure partners. See Section 5 for full disclosure.

2. How We Use Your Information

• ✦To create, authenticate, and manage your account
• ✦To deliver the core features of the Service: tarot readings, dream interpretation, guided breathing, and AI guidance
• ✦To process and fulfill in-app purchases and subscriptions via Apple StoreKit
• ✦To personalize your experience based on your preferences, birth data, and usage history
• ✦To send transactional notifications (e.g., reading ready, subscription renewal) if you have opted in
• ✦To improve, debug, and optimize the app through aggregated analytics
• ✦To respond to your support requests and communicate with you
• ✦To detect and prevent fraud, abuse, and violations of our Terms of Service
• ✦To comply with applicable legal obligations

We will not use your personal data for purposes incompatible with those listed above without your explicit consent.

3. Legal Basis for Processing (GDPR / EEA Users)

If you are located in the European Economic Area, United Kingdom, or Switzerland, our legal bases for processing your personal data include:

• ✦Contractual Necessity: Processing required to provide the Service you have requested (e.g., account creation, delivering readings).
• ✦Legitimate Interests: Analytics, fraud prevention, and service improvement — where these interests are not overridden by your rights.
• ✦Consent: Marketing communications, AI data sharing for personalization, and optional analytics. You may withdraw consent at any time.
• ✦Legal Obligation: Compliance with applicable laws and regulations.

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

• ✦Service Providers: Trusted third-party vendors who assist in operating the Service (cloud hosting, customer support tools, email delivery), bound by data processing agreements.
• ✦Apple Inc.: In-app purchase and subscription data processed under Apple’s own Privacy Policy via StoreKit.
• ✦AI Infrastructure Partners: Anonymized prompts and responses may be processed by AI providers to generate responses (see Section 5). Full disclosure provided prior to first use.
• ✦Human Readers: When you request a reading from a human reader, your question and selected tarot spread are shared with that reader to fulfill the service. Readers are bound by confidentiality agreements.
• ✦Legal Compliance: When required by law, court order, or governmental authority, or to protect the rights, safety, or property of ZenithAlign or others.
• ✦Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to the same privacy protections.

5. Artificial Intelligence & Third-Party AI Services

• ✦Data Transmitted: User prompts, dream descriptions, and questions — minimized and anonymized where possible.
• ✦No Training Use: We contractually prohibit our AI partners from using your personal data to train their general models.
• ✦User Control: You may withdraw consent to AI data processing at any time via Settings → Privacy → AI Data Sharing. Withdrawal disables AI-powered features but does not affect other Service functionality.
• ✦Retention by AI Partners: Processing logs are retained by AI partners for no more than 30 days for safety and quality monitoring.

6. Data Retention

• ✦Account Data: Retained for the duration of your account, plus 90 days after deletion to allow for recovery.
• ✦Reading & Dream Data: Retained indefinitely unless you delete it within the app or request account deletion.
• ✦Payment Records: Transaction records retained for 7 years as required by applicable tax and accounting laws.
• ✦Usage & Analytics: Aggregated, anonymized data may be retained indefinitely; identifiable logs purged after 12 months.
• ✦Support Communications: Retained for 3 years from last contact, then deleted.

7. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal data:

• ✦Access: Request a copy of the personal data we hold about you.
• ✦Correction: Request correction of inaccurate or incomplete data.
• ✦Deletion: Request deletion of your account and associated personal data. Submit requests to privacy@zenithalign.com or use Settings → Account → Delete Account.
• ✦Portability: Request a machine-readable export of your data (EEA users).
• ✦Objection / Restriction: Object to or request restriction of certain processing activities.
• ✦Withdraw Consent: Withdraw consent for marketing or AI data processing at any time without affecting the lawfulness of prior processing.
• ✦Notification Preferences: Manage push notifications in iOS Settings → ZenithAlign → Notifications.

We will respond to verifiable requests within 30 days (45 days for complex requests). We may need to verify your identity before processing your request.

8. Children's Privacy

ZenithAlign is not directed at, and does not knowingly collect personal information from, children under the age of 13 (or 16 in the EEA). The App Store age rating for ZenithAlign is 17+ (due to infrequent mature spiritual themes).

If we become aware that we have collected personal data from a child under the applicable age threshold without verifiable parental consent, we will delete that data immediately. If you believe we have inadvertently collected such data, please contact us at privacy@zenithalign.com.

9. Data Security

• ✦All data transmitted between the app and our servers is encrypted using TLS 1.3.
• ✦Passwords are hashed using industry-standard bcrypt with per-user salts.
• ✦Personal data at rest is encrypted using AES-256.
• ✦We conduct regular security audits and penetration testing.
• ✦Access to personal data is restricted to authorized personnel on a need-to-know basis.

No method of electronic transmission or storage is 100% secure. While we use commercially reasonable measures to protect your data, we cannot guarantee absolute security.

10. Cookies and Tracking Technologies

The ZenithAlign mobile app does not use advertising tracking identifiers (IDFA) and does not engage in cross-app tracking. The app uses Apple’s IDFV (Identifier for Vendor) solely for analytics and crash reporting within our own Service.

Our website uses essential cookies for functionality and optional analytics cookies. You may control cookie preferences via the cookie settings banner on our website. We do not use cookies for behavioral advertising.

11. International Data Transfers

ZenithAlign operates globally. Your personal data may be transferred to and processed in countries other than your country of residence, including the United States. When we transfer data from the EEA, UK, or Switzerland, we rely on appropriate legal mechanisms including Standard Contractual Clauses (SCCs) approved by the European Commission.

12. California Privacy Rights (CCPA/CPRA)

California residents have the right to:

• ✦Know what personal information we collect, use, disclose, and sell
• ✦Delete personal information we hold (with certain exceptions)
• ✦Correct inaccurate personal information
• ✦Opt out of the sale or sharing of personal information (we do not sell personal data)
• ✦Non-discrimination for exercising your privacy rights
• ✦Limit the use of sensitive personal information

To exercise these rights, contact us at privacy@zenithalign.com or call our toll-free number. We will respond within 45 days.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by:

• ✦Posting a prominent notice within the app
• ✦Sending an email notification to your registered address
• ✦Updating the “Last Updated” date at the top of this page

Your continued use of the Service after the effective date of the revised policy constitutes your acceptance of the changes.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: