Zodiac
Zodiac

Privacy Policy

Last Updated: December 03, 2025

Your privacy is important to us. This Privacy Policy outlines how we collect, use, and protect your personal information when you use the Zodiac application and services.

2.1 Overview

This Privacy Policy explains how Zodiac collects, uses, and protects your personal data. We comply with GDPR, CCPA (where applicable), and other data protection laws.

Data Controller: Tanțău Ștefan-Nicolas, Bucharest, Romania. Contact: contact@zodiacdatingapp.com.

2.2 What Data We Collect

We collect data to provide acceptance and functionality of the Service. This includes:

  • Account Info: Email or account ID via Apple/Google Sign‑In.
  • Verification Data (Ephemeral): Facial scan data used strictly for liveness checks and anti-bot verification.
  • User Content: Profile photos, bio, birth data (Date, Time, Place) [Mandatory for astrology features].
  • Precise Location (GPS): Collected for matchmaking purposes.
  • Device & Identifiers: Advertising Identifier (IDFA), Device ID, usage analytics.
  • Chat Metadata: Timestamp and encryption metadata.
  • Messages: Securely stored (End-to-End Encrypted).

2.3 Biometric Verification (Face Check)

To ensure user safety and prevent fake profiles, we use a "Face Check" feature (optional—toggle in settings).

How it works:

The app uses your camera to detect movements and verify you are a real person.

Data Handling:

This process happens locally on your device. We do not upload, store, or retain your biometric face scan on any server. By enabling the Face Check feature, you explicitly consent to the on-device capture and processing required. You may disable this feature at any time.

Retention:

The data is discarded immediately after the verification status (Verified/Not Verified) is determined.

2.4 How Data Is Used

We use data to:

  • Provide core features (horoscopes, matchmaking, messaging).
  • Authenticate and verify users (Anti-Fraud).
  • Process subscriptions.
  • Display relevant advertising (via Google AdMob).
  • Improve performance and stability.
FeatureLegal Basis (GDPR Art. 6)
Matchmaking/HoroscopesContractual necessity (b)—essential for service.
Biometrics/FraudLegitimate interests (f)—security (LIA available on request).
AdsConsent (a)—explicit, withdrawable.
AnalyticsLegitimate interests (f)—anonymized improvement (opt-out via settings).

2.5 External Processors

We share user data with third-party service providers (e.g., Firebase, Supabase, Google AdMob, Crashlytics, RevenueCat) solely for the purposes described above. These service providers are contractually obligated to protect user data in accordance with applicable privacy laws and no less protectively than described in this privacy policy.

  • Hosting & storage: Firebase, Supabase
  • Subscriptions: RevenueCat
  • Advertising: Google AdMob
  • Analytics: Google Analytics, Crashlytics

2.6 Message Security (E2EE)

Your private messages are protected by End-to-End Encryption (E2EE). This means only you and the recipient can read the messages. Encryption keys for E2EE chat are generated on the device and are not backed up or synced. If a user switches devices without a key transfer mechanism, chat history may not be recoverable. Zodiac and our AI tools do not have access to the content of your private chats.

2.7 Data Retention

We retain data only as long as necessary:

  • Verification Data: Deleted instantly (not stored).
  • Messages/Account: Retained until you delete your account.
  • Analytics/Ad Data: Retained for 14 months (or as defined by Google Analytics/AdMob settings) to analyze long-term trends, after which it is automatically deleted or anonymized.

2.8 User Rights (GDPR)

You have the right to Access, Export, Delete, or Correct your data. You may export or delete your data directly in the App settings (portability: JSON/CSV format, delivered within 30 days). For CCPA: Opt out of sales via settings or email. Complain to us or Romanian authority (ANSPDCP.ro).

2.9 Children's Privacy

The Service is strictly for users 18 years and older. We do not knowingly collect personal data from minors. If we discover a minor's account, we will immediately delete it and notify guardians if required.

2.10 Data Breaches

We notify the relevant authority (e.g., ANSPDCP) within 72 hours of becoming aware of a breach if it poses a risk. Users will be notified (via email/push) if high-risk to rights/freedoms.

2.11 Law Enforcement

We disclose data only on valid legal order (e.g., court warrant). We'll notify you unless prohibited, and challenge improper requests where possible.

2.12 Precise Location

We collect precise GPS location to find nearby matches. Location access is optional and requested only when required for matchmaking. Users may disable location access at any time via device settings.

2.13 Advertising & Tracking (ATT)

We may use the device’s advertising identifier (IDFA) to deliver personalized advertising. iOS users will be prompted via the App Tracking Transparency (ATT) prompt to allow or disallow tracking. Users may opt out of personalized ads at any time via their device settings.

If you have any questions about this Privacy Policy or how we handle your data, please contact us at contact@zodiacdatingapp.com.