FATEWEAVE – PRIVACY POLICY

Who we are

Our website address is: https://fateweave.app.
Published by: QTC Central Europe Kft. 
Address: Szövő u. 100., 9700 Szombathely, Hungary
Contact: app@fateweave.app

FateWeave App

  1. INTRODUCTION

This Privacy Policy describes how QTC Central Europe Kft. (“Company”, “we”, “our”, or “us”) collects, uses, stores, and shares information when you use the FateWeave mobile application (“App”) on iOS.

By using the App, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with any part of this Policy, do not use the App.

This Policy applies exclusively to the FateWeave iOS application. It does not apply to our website or any third-party services linked from the App.

  1. DATA CONTROLLER

The data controller responsible for your personal data under this Privacy Policy is:

QTC Central Europe Kft.
Szövő u. 100., 9700 Szombathely, Hungary
app@fateweave.app

  1. WHAT DATA WE COLLECT AND WHY

3.1 Anonymous User Identifier

When you first launch the App, a unique anonymous identifier (UUID) is automatically generated and stored securely in your device’s Keychain. This identifier is not linked to your name, Apple ID, email address, or any other identifying information. It is used solely to:

— Synchronize your subscription status and tier with our servers
— Track your daily analysis usage to enforce subscription limits
— Maintain your consumable credit balance across sessions

Legal basis (GDPR): Legitimate interest and performance of a service contract.

3.2 Palm Images

To perform an AI analysis, the App captures photographs of your left and right palm using your device camera. These images are:

— Resized and encoded on your device
— Transmitted over an encrypted HTTPS connection to our backend server (fateweave.app)
— Forwarded to a third-party AI model to generate your reading
— Not stored on our servers after the analysis response is returned

Images are temporarily stored on your device only until you confirm or discard the analysis. We do not retain palm images on our infrastructure.

Legal basis (GDPR): Explicit consent given at the time of initiating an analysis.

3.3 Astrological and Personal Data

You may optionally provide the following during onboarding:

— Sun sign, moon sign, and ascendant sign
— Birth year

This data is stored locally on your device using Apple’s standard app storage (AppStorage / UserDefaults). It is transmitted to our backend as part of the analysis request solely to improve the relevance of the AI-generated reading. It is not stored server-side beyond the scope of the analysis request.

Legal basis (GDPR): Consent and performance of the service you requested.

3.4 Reading History and Feedback

The text of AI-generated readings, your feedback ratings (positive, neutral, or negative), and prediction outcome assessments (success, partial, or failed) are stored locally on your device. This data does not leave your device unless you explicitly share it.

3.5 Usage and Subscription Data

The following data is synchronized with our servers to manage your subscription:

— Daily analysis count (reset each day)
— Subscription tier (Awakening, Constant Star, or Master Path)
— Consumable credit balance (available, purchased, consumed)

This data is associated with your anonymous user identifier only and contains no personally identifiable information.

3.6 Transaction Data

All payment transactions, including subscription purchases and consumable credit purchases, are processed exclusively by Apple through the App Store. We do not collect, store, or process your payment card details or billing information. Transaction receipts are validated through Apple’s StoreKit 2 system. Apple’s Privacy Policy governs the handling of payment data: https://www.apple.com/legal/privacy/

  1. CAMERA ACCESS

The App requests access to your device camera to capture palm images. Camera access is granted only when you actively initiate an analysis. The App does not access the camera in the background, does not record video, and does not transmit any camera data other than the palm images described in Section 3.2.

You may revoke camera permission at any time via your device Settings → Privacy & Security → Camera → FateWeave.

  1. PUSH NOTIFICATIONS

The App may request permission to send push notifications. This is entirely optional and does not affect core App functionality. You may grant or revoke this permission at any time via your device Settings → Notifications → FateWeave.

We do not use push notifications for advertising or promotional purposes without your consent.

  1. DATA SHARING AND THIRD PARTIES

We do not sell your personal data. We do not share your data with advertising networks or analytics providers.

Data is shared only in the following limited circumstances:

AI Processing Provider: Palm images, astrological data, birth year, and situation category are transmitted to our backend proxy and processed by a third-party AI model to generate your reading. This provider processes data on our behalf and is contractually prohibited from using it for any purpose other than fulfilling the analysis request. Data is not retained by the provider after the response is returned.

Apple Inc.: App Store purchases, subscription validation, and related transaction data are handled by Apple under their own Privacy Policy.

Legal or regulatory authorities: We may disclose data if required to do so by law, court order, or to protect our legal rights.

We do not use your data for targeted advertising, behavioral profiling, or any purpose beyond operating and improving the App.

  1. DATA RETENTION

Anonymous user identifier: Retained for as long as you have an active subscription or consumable balance, and for up to 12 months of inactivity thereafter, after which it is purged from our servers.

Usage and subscription data: Retained for the duration of your subscription and for 12 months after the last recorded activity.

Palm images: Not retained on our servers. Deleted immediately after the analysis response is generated.

Reading history and local app data: Stored on your device indefinitely until you delete the App or clear its data manually.

If you request deletion of your data, we will remove all server-side records associated with your anonymous user identifier within 30 days.

  1. DATA SECURITY

All data transmitted between the App and our servers uses TLS 1.2 or higher encryption. Your anonymous user identifier is stored in the iOS Keychain, which is the most secure storage available on iOS. Local app preferences are stored using Apple’s standard system APIs.

We implement appropriate technical and organizational measures to protect data against unauthorized access, loss, or alteration. No method of transmission over the internet is completely secure; we cannot guarantee absolute security.

  1. CHILDREN’S PRIVACY

The App is rated 17+ on the App Store and is not directed at children under the age of 13, or under the applicable age of digital consent in your jurisdiction. We do not knowingly collect personal data from children. If you believe a child has provided data through the App, contact us at app@fateweave.app and we will delete it promptly.

  1. YOUR RIGHTS UNDER GDPR

If you are located in the European Union or European Economic Area, you have the following rights regarding your personal data:

Right of access: You may request a copy of the data we hold about you.

Right to rectification: You may request correction of inaccurate data.

Right to erasure (“right to be forgotten”): You may request deletion of all personal data associated with your anonymous user identifier.

Right to restriction: You may request that we limit processing of your data in certain circumstances.

Right to data portability: You may request your data in a structured, machine-readable format.

Right to object: You may object to processing based on legitimate interests.

Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing before the withdrawal.

To exercise any of these rights, contact us at app@fateweave.app. We will respond within 30 days.

You also have the right to lodge a complaint with your local data protection authority. In Hungary, the competent authority is:

Nemzeti Adatvédelmi és Információszabadság Hatóság (NAIH)
naih.hu

  1. CALIFORNIA PRIVACY RIGHTS (CCPA)

If you are a California resident, you have the right to know what personal information we collect, to request deletion of your personal information, and to opt out of the sale of personal information. We do not sell personal information. To exercise your rights, contact app@fateweave.app.

  1. APPLE APP STORE PRIVACY NUTRITION LABEL

In accordance with App Store requirements, we disclose the following data types used by the App:

Data linked to you: None. The App does not collect data linked to your identity.

Data not linked to you:
— Usage Data (daily analysis count, subscription tier) — used for app functionality
— Identifiers (anonymous device UUID) — used for app functionality

Data used to track you: None. The App does not use data to track you across other apps or websites.

  1. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time. Material changes will be communicated through an in-app notice or an update to the App Store listing. Continued use of the App after the effective date of any changes constitutes acceptance of the updated Policy.

The current version is always available at: https://fateweave.app/privacy/

FateWeave Website

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.