Last updated: 22.06.2026
Owner: InnOneWeb OÜ
Registration No.: 16826593
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Sakala tn 7-2, 10141, Estonia
Email: support@tarotico.com
Website: www.tarotico.com
Brand: TAROTICO — an online platform for tarot, symbolic spreads, metaphysical interpretations, and self-reflection tools
1. Introduction
This Privacy Policy explains how InnOneWeb OÜ (“we”, “us”, “our”) collects, uses, stores, and protects your personal data when you use the TAROTICO platform (“Platform”), including the website, mobile versions, user accounts, free and paid services, digital spreads, AI interpretations, and related features.
We are committed to protecting your privacy and process personal data in accordance with the General Data Protection Regulation (GDPR), Estonian law, and applicable international data protection standards.
This Privacy Policy should be read together with our Terms of Use, Cookie Policy, and AI / Spiritual Disclaimer.
2. Data We Collect
We collect only information that is necessary to provide, secure, maintain, and improve the TAROTICO services.
We may collect the following categories of data:
a) Account Data
This may include:
name or username;
email address;
password in a protected, hashed, or encrypted form;
language and user preferences;
information related to your account.
b) Subscription and Payment Data
This may include:
selected subscription plan;
subscription status;
information about an active or expired free trial;
payment history;
information about purchased packages or paid features;
technical data necessary for payment processing.
Payments are processed through external payment service providers, such as Stripe or other providers that may be available on the Platform.
TAROTICO does not store full bank card details, card numbers, or CVV codes.
c) Reading, Question, and Interpretation Data
When you use Tarotico, we may process and store data related to your readings and interpretations, including:
questions or themes entered by you;
selected types of spreads;
drawn cards, runes, Bach flowers, symbols, or other elements;
generated interpretations;
history of completed readings;
date and time of use;
related technical and user records.
This data is used so that we can provide the service, save your history in your account, give you access to previous readings, improve platform functionality, prevent abuse, and resolve technical issues.
d) Usage Data
We may collect information about how you use the Platform, such as:
which pages you visit;
which features you use;
which types of spreads you select;
frequency of use;
interactions with the interface;
preferences related to language, region, or settings.
This data helps us improve the service, user experience, and technical stability of the Platform.
e) Technical Data
We may collect technical information such as:
IP address;
browser type;
device;
operating system;
approximate location based on IP address;
language settings;
security logs;
technical errors;
session and access data.
This data is used for security, abuse prevention, technical support, localization, and platform improvement.
f) Communication Data
If you contact us, we may process:
your email address;
message content;
feedback;
support requests;
correspondence related to your account, payments, or use of the service.
g) Cookie and Similar Technology Data
We may process data collected through cookies, pixels, tags, local storage, session storage, and similar technologies.
This may include:
IP address;
device and browser information;
website behavior;
preferences;
traffic sources;
interactions with marketing campaigns;
conversion data, where advertising tools are enabled.
More information is available in our Cookie Policy.
3. Sensitive Data
TAROTICO does not require users to enter sensitive personal data in order to use the Platform.
Users should not enter the following into questions, notes, readings, or interpretation fields:
medical information;
health-related data;
financial data;
legal case details or information about legal disputes;
identification numbers;
passwords;
full bank card details;
personal data of other persons without their consent;
other highly confidential or sensitive information.
If you voluntarily enter such information into the Platform, it may be processed as part of the service you use, but we do not require it and do not recommend providing it.
4. How We Use Your Data
We use personal data for the following purposes:
creating and maintaining your account;
providing access to free and paid services;
activating and managing a free trial;
managing subscriptions, packages, and paid features;
processing payments through external providers;
saving and displaying reading history where this feature is available;
generating and providing interpretations;
providing technical support;
responding to inquiries and messages;
improving the quality, functionality, and personalization of the Platform;
analyzing usage and technical performance;
preventing fraud, abuse, spam, or unauthorized access;
sending important messages related to your account, subscription, or service;
sending marketing messages only where we have a legal basis or consent to do so;
complying with legal, accounting, tax, and regulatory obligations.
We do not sell your personal data.
We do not provide your personal data to third parties for their own marketing purposes without a legal basis or your consent.
5. Legal Basis for Processing
We process personal data on the following legal bases:
Contractual Performance
Where processing is necessary to provide the services you requested, including your account, access to readings, subscriptions, packages, payments, and interpretation history.
Legal Obligation
Where we are required to store or process data for accounting, tax, legal, regulatory, or other statutory purposes.
Legitimate Interest
Where processing is necessary to protect the Platform, prevent abuse, improve the service, provide technical support, maintain security, analyze errors, or protect our rights and interests.
Consent
Where you subscribe to a newsletter, allow analytics, personalization, or marketing cookies, or where the law requires explicit consent for a specific type of processing.
You may withdraw your consent at any time where processing is based on consent.
6. Cookies, Analytics, and Marketing Tools
TAROTICO uses cookies and similar technologies for website operation, security, remembering preferences, traffic analysis, improving user experience, and marketing activities.
We may use the following categories of cookies:
essential cookies;
analytics cookies;
performance cookies;
personalization cookies;
marketing cookies.
Analytics and marketing tools may include services such as Google Analytics, Google Ads, Google Tag Manager, Google Marketing Platform, Meta, Facebook, Instagram, Pinterest, or other similar tools, if enabled on the Platform.
Where required by law, non-essential cookies and similar technologies are used only after your consent through the cookie banner or preferences panel.
You may accept, reject, or manage cookies by category where this option is available on the website.
More information is available in our Cookie Policy.
7. Payments and External Providers
All payments, subscriptions, and paid features are processed through external payment service providers, such as Stripe or other providers that may be available on the Platform.
These providers may process payment data, transaction data, security data, and information necessary to prevent fraud, authenticate payments, manage subscriptions, and comply with legal requirements.
TAROTICO does not store full bank card details, card numbers, or CVV codes.
Payment providers process information according to their own privacy policies, terms, and security standards.
8. Service Providers and Third Parties
We may share limited personal data with trusted service providers where this is necessary for the operation of the Platform.
Such providers may include:
hosting and infrastructure providers;
payment providers;
email service providers;
analytics tools;
advertising and marketing measurement tools;
security and abuse prevention services;
technical support services;
communication service providers.
These providers have access only to the data necessary to perform the relevant service and are required to process it in accordance with applicable data protection laws.
9. Storage and Retention
We store personal data only for as long as necessary for the purposes described in this Privacy Policy, unless a longer period is required or permitted by law.
Indicative retention periods:
account data — while you have an active account;
reading and interpretation history — while your account is active or until you delete individual records, where this feature is available;
subscription and payment records — as necessary for accounting, tax, legal, and regulatory purposes;
accounting records — according to applicable statutory retention periods;
marketing data — until you unsubscribe, object, or withdraw your consent;
technical logs and security data — for a limited period necessary for security, abuse prevention, technical maintenance, or dispute resolution.
When you delete a reading history record, it is removed from your visible user history where this feature is available. Certain technical, accounting, legal, or archival information may be retained for a limited period where necessary for security, abuse prevention, legal compliance, dispute resolution, or platform maintenance.
10. International Data Transfers
Data may be processed in the European Union, the European Economic Area, or other countries, depending on the service providers used.
Where personal data is transferred outside the EU/EEA, we apply appropriate safeguards where required by law, such as standard contractual clauses or other recognized data protection mechanisms.
11. Your Rights under GDPR
Under applicable law, you have the right to:
request access to your personal data;
request correction of inaccurate or incomplete data;
request deletion of personal data where legal grounds apply;
request restriction of processing in certain cases;
receive a copy of your data in a structured, commonly used, machine-readable format;
object to processing based on legitimate interest;
object to direct marketing;
withdraw consent at any time;
lodge a complaint with a competent supervisory authority.
To exercise these rights, you may contact us at:
We may request additional information to verify your identity before fulfilling a request related to personal data.
12. Data of Users Outside the EU
If you use TAROTICO outside the European Union, including from the United Kingdom, the United States, Canada, or Australia, we may apply additional privacy standards where applicable.
This may include:
UK GDPR / Data Protection Act 2018;
applicable privacy laws in the United States, including CCPA/CPRA where applicable;
PIPEDA in Canada where applicable;
Privacy Act 1988 in Australia where applicable.
All requests for access, correction, deletion, or other personal-data-related requests may be sent to:
13. Email Communications
We may send you emails related to:
account creation and management;
access to the service;
subscriptions, payments, and paid features;
important technical or administrative notices;
account security;
changes to terms, policies, or features;
responses to your inquiries;
marketing messages, newsletters, or updates where we have a legal basis or consent to do so.
If you subscribe to a newsletter or marketing communications, you may unsubscribe at any time through the unsubscribe link in the email or by contacting us.
Administrative, payment-related, legal, or technical messages related to your account or service may continue to be sent where necessary for providing the service or complying with legal requirements.
14. Data Security
We use appropriate technical and organizational measures to protect personal data, including:
SSL encryption through HTTPS;
hashing or secure storage of passwords;
access control;
measures against unauthorized access;
monitoring and improving security;
limiting access to data only to persons and providers who need it.
Although we make reasonable efforts to protect personal data, no data transmission or storage system can be guaranteed to be completely secure.
15. Privacy of Minors
TAROTICO is intended only for individuals who are at least 18 years old.
We do not knowingly collect personal data from minors. If you believe that a minor has provided personal data through the Platform, please contact us at support@tarotico.com so that we can take appropriate steps to delete such data.
16. Automated Interpretations and AI Content
TAROTICO may use automated systems and artificial intelligence to generate symbolic, metaphysical, spiritual, or reflective interpretations based on the spreads, cards, symbols, runes, Bach flowers, questions, or themes selected by you.
These interpretations are intended for self-reflection, personal insight, and entertainment-educational purposes. They do not constitute medical, psychological, legal, financial, or other professional advice.
For more information about the nature of the interpretations, please read our Terms of Use and AI / Spiritual Disclaimer.
17. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in legislation, the Platform, services, technologies, providers, cookies, marketing tools, or our personal data processing practices.
Each updated version will be published on this page with a new “Last updated” date.
In the event of significant changes, we may notify users by email, platform notice, or another appropriate method.
18. Contact
If you have any questions about this Privacy Policy or how we process personal data, you can contact us at:
InnOneWeb OÜ
Registration No.: 16826593
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Sakala tn 7-2, 10141, Estonia
Email: support@tarotico.com
Website: www.tarotico.com