tarot4
HomePrivacy Policy

Legal

Privacy Policy

Last updated: March 2025

1. Introduction

tarot4.com ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website tarot4.com (the "Site"). Please read this policy carefully. If you disagree with its terms, please discontinue use of the Site.

This policy complies with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA), and other applicable privacy laws.

2. Information We Collect

2.1 Information You Provide

  • Registration data — When you create a free account to access courses, we collect your name and email address.
  • Communications — When you contact us via our contact form, we collect your name, email address, and message content.
  • Marketing preferences — Your consent (or refusal) to receive marketing emails.

2.2 Automatically Collected Information

  • Usage data — Pages visited, time spent, referring URLs, browser type, device type, and IP address.
  • Cookies and similar technologies — See our Cookie Policy for full details.

2.3 Information We Do Not Collect

We do not collect payment card information directly. All payment processing is handled by Stripe, Inc., a PCI-DSS compliant processor. We do not collect sensitive personal information such as racial or ethnic origin, health data, or biometric data.

3. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and United Kingdom, we process your personal data under the following legal bases:

  • Contract performance — Processing necessary to provide our services.
  • Consent — Where you have given clear consent, such as for marketing emails or non-essential cookies.
  • Legitimate interests — Analysing site usage to improve our services, preventing fraud, and maintaining security.
  • Legal obligation — Where processing is required to comply with applicable law.

4. How We Use Your Information

  • To provide, operate, and maintain the Site and its features
  • To create and manage your account
  • To send transactional emails (account confirmation, password reset)
  • To send marketing emails, where you have given consent
  • To respond to your enquiries and support requests
  • To analyse usage patterns and improve the Site
  • To detect, prevent, and address technical issues and fraud
  • To comply with legal obligations

5. Marketing Communications

We will only send you marketing emails if you have explicitly opted in. You may withdraw your consent and unsubscribe at any time by:

  • Clicking the "Unsubscribe" link in any marketing email
  • Contacting us at privacy@tarot4.com

Withdrawing consent does not affect the lawfulness of processing before withdrawal. Transactional emails (such as course completion confirmations) are not marketing communications and may still be sent.

6. Sharing Your Information

We do not sell, rent, or trade your personal information to third parties. We may share information with:

  • Service providers — Trusted third parties who assist in operating our website (hosting, email delivery, analytics), bound by confidentiality obligations.
  • Payment processors — Stripe, Inc. for payment processing. Stripe's privacy policy is available at stripe.com/privacy.
  • Analytics providers — Anonymised/aggregated analytics data with providers such as Google Analytics (subject to your cookie consent).
  • Legal requirements — When required by law, court order, or governmental authority.

7. California Privacy Rights (CCPA/CPRA)

California residents have the following rights under the CCPA and CPRA:

  • Right to Know — You may request disclosure of the categories and specific pieces of personal information we have collected about you.
  • Right to Delete — You may request deletion of your personal information, subject to certain exceptions.
  • Right to Correct — You may request correction of inaccurate personal information.
  • Right to Opt-Out of Sale — We do not sell personal information. You may still submit an opt-out request at privacy@tarot4.com.
  • Right to Non-Discrimination — We will not discriminate against you for exercising your privacy rights.

To exercise any of these rights, contact us at privacy@tarot4.com. We will respond within 45 days. We may need to verify your identity before processing your request.

8. Your Rights Under GDPR

If you are located in the EEA or UK, you have the following rights:

  • Access — Request a copy of your personal data.
  • Rectification — Request correction of inaccurate data.
  • Erasure — Request deletion of your personal data ("right to be forgotten").
  • Restriction — Request restriction of processing in certain circumstances.
  • Data portability — Receive your data in a structured, machine-readable format.
  • Objection — Object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent — Withdraw any previously given consent at any time.

To exercise these rights, contact privacy@tarot4.com. You also have the right to lodge a complaint with your local data protection authority.

9. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. We will delete or anonymise your data upon request, or when it is no longer necessary for the purposes collected, unless longer retention is required by law.

Contact form messages are retained for up to 2 years. Analytics data is retained in aggregated form.

10. International Data Transfers

Your information may be transferred to and processed in countries outside your own. Where we transfer data from the EEA to third countries, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

The Site is not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately at privacy@tarot4.com and we will delete it promptly.

12. Security

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

13. Third-Party Links

The Site may contain links to third-party websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites. We encourage you to review the privacy policy of every site you visit.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of the Site after any changes constitutes your acceptance of the new policy.

15. Contact Us

For any questions, concerns, or to exercise your rights, please contact us:

  • Email: privacy@tarot4.com
  • Website: tarot4.com/contact
Questions? Contact us