Privacy Policy

This Privacy Policy applies to 命箋 (Destiny Slip) (the “Application”), developed and operated by Taiwolskit (the “Service Provider” or “we”). We believe users deserve maximum control over their own data; the Application is therefore designed around the principle of “don’t upload unless we have to, and when we do, encrypt end-to-end”.

1. Company

The Application is published by Taiwolskit (Taiwan Wolves Kids). For any questions about this policy, please email [email protected].

2. Data We Collect

• Account data: created through Firebase Authentication. Depending on the sign-in method you choose, this may include your email, Apple ID, or Google ID. We never store plaintext passwords; credentials are managed by Firebase under its standard security controls.
• Charting input (birth date / time / place): processed entirely on-device. Birth-time, birth-place and coordinates remain in the local database on your device.
• Client / chart / history records: stored locally by default. Records are uploaded only when (a) you hold an active Personal subscription and (b) you have explicitly enabled Cloud Sync in Settings. Uploaded payloads are encrypted on the device with AES-256-GCM end-to-end encryption. The encryption key is generated on-device and held only in the device’s Secure Enclave / Keystore. The server cannot read the contents of your charts.
• Subscription & purchase data: handled by RevenueCat. We never see your card details; we only learn whether your subscription is active and on which platform.
• Advertising data (free tier): Google AdMob serves banner ads. You can choose personalized or non-personalized advertising via your device settings.
• Crash and analytics data: Firebase Crashlytics and Firebase Analytics collect anonymous crash stacks and feature-usage telemetry to improve stability. They do not collect chart contents.

3. Data We NEVER Upload

The following data is computed and stored only on your device and never leaves it:

• All chart calculation results (Bazi, Zi Wei Dou Shu, Liu Yao, Qi Men, Liu Ren, Xuan Kong Fei Xing, etc.)
• The birth time, birth place, and coordinates you enter
• Device location (the Application does not request GPS access)

With Cloud Sync disabled, no astrological data created in the Application is ever transmitted to Taiwolskit or any third party.

4. Third-Party Services

• Firebase Authentication / Crashlytics / Analytics — authentication, crash reporting, anonymous usage analytics.
• RevenueCat — subscription state management.
• Google AdMob — banner ads on the free tier.
• Cloudflare R2 — encrypted-snapshot storage for Personal-tier Cloud Sync (ciphertext only).
• OpenStreetMap Nominatim — when you search for a birthplace, the search string is sent to Nominatim to resolve a place name and coordinates. Nominatim never receives your account or chart data.

v1.0 does not include AI chart interpretation and therefore transmits no data to large-language-model providers. AI-related data-processing terms will be added when AI features ship in v2.0, with prior notice.

5. Your Rights

• Access & correction: view and edit all astrological data inside the Application; change your account email in Settings.
• Disable Cloud Sync: turn it off at any time in Settings. Server-side encrypted snapshots are deleted within 30 days; local data is unaffected.
• Delete account: request deletion in Settings. All R2 encrypted snapshots tied to your account are removed within 30 days and your Firebase Auth account is immediately disabled.
• Object / restrict processing: opt out of personalized ads or disable Crashlytics / Analytics reporting.

To exercise any of these rights, use the in-app controls or email [email protected]. We respond within 30 days.

6. Data Retention

• After sign-out: local data remains on your device. Uninstalling the Application clears it.
• After account deletion: R2 encrypted snapshots are erased within 30 days; your Firebase account is disabled immediately. Crashlytics / Analytics anonymous data follows Google’s default retention.

7. Children’s Privacy

The Application is not directed to children under 13 and we do not knowingly collect personal information from them. If you believe a minor in your care has created an account, please email [email protected].

8. Security

Cloud Sync uses AES-256-GCM end-to-end encryption with keys held only on your device; neither Taiwolskit nor Cloudflare can decrypt your chart contents. All transport between device and server uses TLS 1.3. Even in the event of a server breach, leaked content remains ciphertext. That said, no method of transmission or electronic storage is 100% secure; in the event of an incident affecting your personal information we will notify you as required by applicable law.

9. International Data Transfers

Cloudflare R2 and Firebase are globally distributed. Encrypted snapshots may be stored in data centers outside Taiwan. Because payloads are end-to-end encrypted before they leave the device, cross-border storage cannot expose their contents.

10. Changes

This Privacy Policy may be updated from time to time. Material changes will be surfaced prominently in the Application. Continued use constitutes consent to the updated version.

11. Contact

For any privacy questions or to exercise your rights, please email [email protected].