Privacy Policy for Vesikaa
1. Overview
Vesikaa (“Vesikaa,” “we,” “our,” or “us”) is a tarot reading and reflection application. We designed Vesikaa to be local-first: your readings, journal entries, and reflections live primarily on your device. This Privacy Policy explains what data we collect, how we use it, who we share it with, and the choices you have. It applies to the Vesikaa mobile application and the website at vesikaa.com.
If you do not agree with this Privacy Policy, please do not use Vesikaa.
2. Who We Are and How to Contact Us
Vesikaa is operated by an independent developer. You can reach us at:
- Privacy questions: privacy@vesikaa.com
- General support: support@vesikaa.com
- In app: Settings → Help & Support → Send Feedback
3. Information We Collect
We collect only what we need to make Vesikaa work, keep it stable, and offer the features you choose to use.
3.1 Account and Identity Data
Vesikaa requires you to create an account or sign in to use the app. You can sign in with Sign in with Apple, Google Sign-In, or an email and password. When you sign in, we collect:
- A Firebase user ID (a stable identifier we use to associate your readings, journals, and entitlements with you)
- Your email address (or, if you choose Sign in with Apple’s private relay option, the relay address Apple provides)
- Your display name, if you provide one
Sign in with Apple allows you to share a private relay email instead of your real one; we honor that choice and never attempt to resolve the relay address.
3.2 Reading and Reflection Data
When you use Vesikaa, we store on your device — and, if you sign in, back up to our cloud database — the following:
- Daily draws: which card was drawn, the deck used, whether it was reversed, the date, and the time you revealed it
- Yearly draws and spread readings: card identifiers, deck identifiers, positions, and timestamps
- Journal entries: your written reflections (see Section 5 on encryption)
- Card mastery and progression data: which cards you have seen, study progress, and soul-points totals
- Soul Sign archetype: a derived identity classification (e.g., House of Cups) computed from your draw patterns
3.3 Preferences and Settings
- Active deck selection, animation preferences, notification preferences, gyroscope toggle, onboarding completion flag
- Birthday (optional, used only to compute your personal yearly draw cycle — stored in a private subdocument readable only by you)
3.4 Device and Diagnostic Data
To debug crashes and improve stability, we collect:
- Crash logs, stack traces, and the device state at the time of a crash (via Firebase Crashlytics and Sentry)
- Device model, operating system version, and app version
- Anonymous breadcrumbs of app events (e.g., screen navigated, deck switched) — these do not contain journal content
3.5 Usage Analytics
We use Firebase Analytics to understand which features are used. Events we record include:
- Daily draw completed (card name, reversed status, deck used)
- Card revealed (card name, animation duration)
- Journal saved (entry length and whether a card was attached — never the entry text)
- Deck switched (from/to deck identifiers)
- Settings changed (setting name and new value)
- Feedback sent
- Data exported or imported
Analytics are disabled in debug builds and never include the contents of your journal entries.
3.6 Motion Sensor Data
If you enable the gyroscope reveal, Vesikaa reads your device’s accelerometer to detect a face-down/face-up gesture. This data is processed live and is never stored, logged, or transmitted off your device.
3.7 Notifications
If you opt in to daily-draw reminders, journal reminders, or Soul House reveal reminders, Vesikaa schedules local notifications on your device. We do not currently send push notifications from our servers.
3.8 Soul House (Social) Data
Soul House is an optional feature that lets a small group of friends share daily readings. If you create or join a Soul House, the following becomes visible to other members of that house:
- Your display name
- Your Soul Sign archetype
- Your profile photo URL, if you have one set
- Any daily card you choose to share to the house, including the card identifier, deck, reversed status, optional short note, and the time you shared it
- Your snooze (resting) status
Soul Houses are joined via invite code only and are capped at six members. Backend-managed Cloud Functions perform house create/join/leave/freeze/share/reveal actions; the invite-code lookup table is not readable by clients.
3.9 Payments and Purchases
When in-app purchases are enabled in a future release (deck purchases, the Practice subscription, the Founders Pass):
- Payments will be processed by the Apple App Store. We never see or store your payment card details.
- A receipt of your purchase and the resulting entitlement (e.g., “owns deck X,” “subscription expires on date Y”) will be stored in our cloud database to unlock content across your devices.
- We may use a third-party subscription management service (such as RevenueCat) to validate App Store receipts. If used, that provider will receive your App Store transaction identifier; it will not receive your name, email, or journal content.
If you submit Beta feedback through TestFlight, that feedback is handled by Apple under Apple’s privacy policy.
3.10 Information We Do Not Collect
For clarity, Vesikaa does not:
- Access your camera, microphone, photos, contacts, location, or clipboard
- Use the Advertising Identifier (IDFA) or any cross-app tracking identifier
- Show advertisements or share data with advertising networks or data brokers
- Sell your personal information
4. How We Use Your Information
We use the data described above to:
- Provide the core reading, journaling, and reflection experience
- Restore your readings and journals when you sign in on a new device
- Keep your Soul House group in sync
- Diagnose crashes and fix bugs
- Understand which features are valuable, in aggregate
- Communicate with you about support requests you initiate
- Comply with legal obligations
We do not use your data for advertising, profiling for advertising, automated decision-making with legal effects, or training third-party AI models.
5. Journal Encryption (Cloud Backup)
Journal entries are particularly personal, so we treat them differently from the rest of your data.
- Journals always live first on your device, in our local database.
- If you sign in and enable cloud journal backup (a paid feature), each journal entry is encrypted on your device using AES-256-GCM before it is uploaded. Our servers store only the ciphertext, the nonce, and metadata such as the date and the card it relates to.
- The encryption key is generated on your device and stored in your device’s secure storage (iOS Keychain / Android Keystore). We never receive or have access to your encryption key, which means we cannot read your journal entries, recover them, or hand them over in response to a legal request in a readable form.
- You can export a recovery key from Settings to restore your journals to another device. If you lose both your device and your recovery key, your encrypted journals cannot be decrypted by anyone, including us. This is by design.
6. Third-Party Services
We rely on a small number of vendors to operate Vesikaa. Each vendor receives only the data necessary to perform its function and is contractually required to protect that data.
| Service | Operator | Purpose | Data Shared |
|---|---|---|---|
| Firebase Authentication | Google LLC | Account sign-in | Email, name, provider tokens |
| Cloud Firestore | Google LLC | User data backup, Soul House sync | Reading metadata, encrypted journal blobs, preferences |
| Firebase Cloud Functions | Google LLC | Soul House create/join/leave logic | Soul House mutation payloads |
| Firebase Analytics | Google LLC | Usage analytics | Anonymized event names and parameters |
| Firebase Crashlytics | Google LLC | Crash reporting | Crash logs, anonymous user ID |
| Sentry | Functional Software, Inc. | Error tracking | Exceptions, breadcrumbs, anonymous user ID |
| Sign in with Apple | Apple Inc. | Optional sign-in | Email (or private relay), name |
| Google Sign-In | Google LLC | Optional sign-in | Email, profile, identity token |
| Cloudflare R2 | Cloudflare, Inc. | Deck art delivery | None about you; deck binaries only |
| Apple App Store | Apple Inc. | In-app purchases | Payment data (handled by Apple) |
| RevenueCat (planned) | RevenueCat, Inc. | Receipt validation | App Store transaction identifiers |
| Google Fonts | Google LLC | Font delivery | Standard HTTP request metadata |
Each provider operates under its own privacy policy. We encourage you to review them:
- Google / Firebase: https://policies.google.com/privacy
- Apple: https://www.apple.com/legal/privacy/
- Sentry: https://sentry.io/privacy/
- Cloudflare: https://www.cloudflare.com/privacypolicy/
- RevenueCat: https://www.revenuecat.com/privacy/
7. Data Retention
- Local data (readings, journals, preferences): stored on your device until you delete it, uninstall the app, or sign out and clear data.
- Cloud-backed reading and preference data: retained while your account is active. Deleted within 30 days of account deletion, except where we are legally required to retain it.
- Encrypted journal blobs: retained while your account is active. Deleted within 30 days of account deletion. Because we cannot decrypt them, deletion is the only operation we can meaningfully perform.
- Soul House data: retained while the house exists; deleted within 30 days of house deletion. Your individual shared draws are removed from the house feed when you leave.
- Analytics events (Firebase Analytics): retained for 14 months by default.
- Crash and error reports (Crashlytics and Sentry): retained for 90 days by default.
8. Your Rights and Choices
Depending on where you live, you may have rights under the GDPR (EU/UK), CCPA/CPRA (California), or other privacy laws, including:
- Access: request a copy of the personal data we hold about you
- Correction: ask us to correct inaccurate data
- Deletion: request deletion of your account and associated data
- Portability: receive a machine-readable copy of your data
- Restriction or objection: limit how we process certain data
- Withdrawal of consent: revoke any consent you previously granted
You can exercise the access and deletion rights directly inside Vesikaa via Settings → Data → Export Data and Settings → Data → Delete Account. For any other request, contact privacy@vesikaa.com and we will respond within 30 days.
California residents: we do not “sell” or “share” personal information for cross-context behavioral advertising as those terms are defined under the CCPA/CPRA.
9. Security
We protect your data with industry-standard measures:
- All network traffic is encrypted in transit using HTTPS/TLS
- Journal cloud backups are end-to-end encrypted with AES-256-GCM before leaving your device
- Encryption keys are stored in your device’s hardware-backed secure storage (iOS Keychain / Android Keystore)
- Access to our cloud infrastructure is restricted, audited, and scoped to the minimum necessary
No system is perfectly secure. We will notify affected users without undue delay if we discover a breach involving their personal data, in accordance with applicable law.
10. Children’s Privacy
Vesikaa is intended for users 13 years of age and older. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, please contact privacy@vesikaa.com and we will delete it promptly.
The App Store age rating reflects this audience. Soul House social features should not be used by anyone under 13.
11. International Users
Vesikaa is operated from the United States. If you use Vesikaa from outside the United States, your information will be transferred to and processed in the United States and other countries where our service providers operate. These countries may have different data-protection laws than your country of residence. By using Vesikaa, you consent to this transfer.
Where required by law (including for users in the EU/UK), we rely on appropriate safeguards such as Standard Contractual Clauses for these transfers.
12. Beta Testing (TestFlight)
If you are participating in the Vesikaa beta program through TestFlight, additional information may be visible to Apple under Apple’s TestFlight privacy practices, including your TestFlight email address and any crash reports or screenshots you submit through TestFlight. We may also collect anonymized feedback you send through TestFlight to improve the app. Beta participation is voluntary and can be ended at any time by removing the beta build from your device.
13. Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will:
- Update the “Last Updated” date above
- Notify you through an in-app notice the next time you open Vesikaa, before the change takes effect
Continued use of Vesikaa after a change becomes effective constitutes your acceptance of the updated policy.
14. Contact
For any privacy-related question, request, or complaint:
- Email: privacy@vesikaa.com
- General support: support@vesikaa.com
If you are in the EU/UK and believe we have not addressed your concern adequately, you have the right to lodge a complaint with your local data protection authority.