Privacy Policy
Privacy Policy
Last Updated:
Effective Date:
This Privacy Policy (“Policy”) describes how FATESPUN, Inc. (“FATESPUN,” “we,” “our,” or “us”) collects, uses, discloses, retains, transfers, and protects Personal Information in connection with our website, applications, digital products, and AI-generated interpretive services (collectively, the “Services”).
This Policy is intended to comply with applicable privacy and data protection laws, including:
* The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)
* The Virginia Consumer Data Protection Act (VCDPA)
* The Colorado Privacy Act (CPA)
* The Connecticut Data Privacy Act (CTDPA)
* The Utah Consumer Privacy Act (UCPA)
* EU and UK General Data Protection Regulation (GDPR/UK GDPR)
* U.S. Federal Trade Commission Act (FTC Act)
* Children’s Online Privacy Protection Act (COPPA)
By accessing or using our Services, you acknowledge and agree to this Policy.
1. Definitions
For purposes of this Policy:
“Personal Information”
Information that identifies, relates to, describes, or could reasonably be linked to an identified or identifiable natural person.
“Sensitive Personal Information”
Has the meaning assigned under CPRA and GDPR (e.g., precise geolocation, biometric identifiers).
We do not intentionally collect Sensitive Personal Information.
“Processing”
Any operation performed on Personal Information, such as collection, storage, use, disclosure, retention, deletion, or transfer.
“Applicable Law”
All privacy, data protection, and consumer rights laws that govern the Processing of Personal Information.
“Consumer,” “Data Subject,” or “User”
An individual who accesses or uses the Services.
2. Scope of This Policy
This Policy applies to:
* Visitors of [www.myfatespun.com]
* Purchasers of FATESPUN’s AI-generated reports
* Individuals who communicate with us
This Policy does not apply to:
* Fully anonymized, aggregated, or de-identified data
* Employee or contractor data
3. Categories of Personal Information We Collect
We collect the following categories of Personal Information:
A. Information You Provide Directly
* Full name
* Birth date
* Email address
* Optional birth time and birth city
* Payment confirmation (via payment processors)
* Customer support communications
B. Automatically Collected Information
* IP address
* Device identifiers
* Browser attributes (user agent, version)
* Referring URLs
* Usage logs and time stamps
* Approximate geolocation (inferred from IP)
* Cookie and tracking technology data
C. Information from Service Providers
* Payment processors (transaction confirmation)
* Email delivery partners (delivery status)
We do not purchase third-party marketing lists or profile data.
4. Purposes of Processing
We Process Personal Information for the following purposes:
1. Delivering AI-generated reports and digital products
2. Responding to inquiries and support requests
3. Operating, maintaining, and enhancing the Services
4. Authenticating transactions
5. Preventing fraud, abuse, or security incidents
6. Complying with legal obligations
7. Analyzing Service performance (non-personalized analytics only)
8. Improving the accuracy and functionality of our AI systems
Using anonymized data only
We do not use Personal Information for automated decision-making with legal or significant effects.
5. Legal Basis for Processing (GDPR/EEA/UK)
We rely on the following lawful bases:
* Contract Necessity: Providing purchased reports
* Consent: Optional information (birth time/city) and marketing communications
* Legitimate Interests: Security, fraud prevention, non-personalized analytics
* Legal Obligation: Compliance with tax, accounting, and regulatory requirements
Users may withdraw consent at any time.
6. How We Share Personal Information
We may disclose Personal Information to:
Service Providers (Processors)
* Cloud hosting (AWS, Google Cloud)
* Email delivery services (SendGrid, Mailgun)
* Payment processors (Stripe, PayPal)
* Analytics partners (non-identifying data)
Legal and Regulatory Authorities
When required to comply with applicable law, regulation, or court order.
Business Transfers
In the event of a merger, acquisition, or asset transfer.
7. No Sale or Sharing of Personal Information
FATESPUN does not sell or share Personal Information as defined by CCPA/CPRA.
Specifically:
* No exchange of data for monetary value
* No transfer for targeted or behavioral advertising
* No sharing with third parties for their independent marketing purposes
Therefore, the right to opt-out of sale or sharing is not applicable.
If practices change, FATESPUN will implement a compliant “Do Not Sell or Share My Personal Information” mechanism.
8. Cross-Border Data Transfers
If you access the Services from outside the U.S., your Personal Information may be transferred to the United States.
For EU/UK data subjects, transfers rely on:
* Standard Contractual Clauses (SCCs)
* Adequate safeguards recognized under GDPR
9. Data Retention
We retain data only for as long as reasonably necessary to fulfill the purposes described herein.
| Category | Retention Period |
| Account & profile data | Until user deletion or 24 months of inactivity |
| Birth time/city | Until deletion request |
| Order records | 7 years (legal & tax compliance) |
| Logs | 30–90 days |
| Backups | Rolling cycle, up to 30 days |
<<홈페이지엔 올바른 표 형식으로>>
After expiration, information is deleted or irreversibly anonymized.
10. Consumer Rights (U.S. State Privacy Laws)
A. California (CCPA/CPRA)
California residents may exercise the following rights:
* Right to Know
* Right to Access
* Right to Delete
* Right to Correct
* Right to Non-Discrimination
* Right to Limit Sensitive Personal Information (not applicable)
Because we do not sell or share Personal Information, opt-out rights are not applicable.
B. Colorado, Virginia, Connecticut, Utah
Residents of these states may:
* Access
* Delete
* Correct
* Opt-out of targeted advertising (not applicable at FATESPUN)
Submit requests: [메일]
11. GDPR Rights (EU/UK)
EU/UK users may:
* Access their data
* Correct inaccuracies
* Request deletion (“right to be forgotten”)
* Restrict Processing
* Object to Processing
* Request data portability
* Withdraw consent
Requests: [메일]
12. Verification of Consumer Requests
Before responding to any consumer rights request, FATESPUN will verify identity using:
* Email confirmation
* Ordinal transaction data
* Additional verification steps when required by law
Authorized agents may act on behalf of users with proper documentation.
13. Children’s Privacy
We do not knowingly collect Personal Information from children under age 13.
If you believe a child has provided information, contact us immediately.
14. Security Measures
We employ administrative, technical, and physical safeguards, including:
* Encryption in transit (TLS)
* Access controls and authentication
* Role-based access restrictions
* Logging and monitoring
* Data minimization practices
No security method is completely infallible.
15. Changes to This Policy
We may update this Policy to reflect changes in practices, legal requirements, or regulatory guidance.
Changes will be posted with an updated “Last Updated” date.
16. Contact Information
For questions or requests regarding this Policy:
[메일]
Attn: Privacy Officer
FATESPUN, Inc.
Last Updated:
Effective Date:
This Privacy Policy (“Policy”) describes how FATESPUN, Inc. (“FATESPUN,” “we,” “our,” or “us”) collects, uses, discloses, retains, transfers, and protects Personal Information in connection with our website, applications, digital products, and AI-generated interpretive services (collectively, the “Services”).
This Policy is intended to comply with applicable privacy and data protection laws, including:
* The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)
* The Virginia Consumer Data Protection Act (VCDPA)
* The Colorado Privacy Act (CPA)
* The Connecticut Data Privacy Act (CTDPA)
* The Utah Consumer Privacy Act (UCPA)
* EU and UK General Data Protection Regulation (GDPR/UK GDPR)
* U.S. Federal Trade Commission Act (FTC Act)
* Children’s Online Privacy Protection Act (COPPA)
By accessing or using our Services, you acknowledge and agree to this Policy.
1. Definitions
For purposes of this Policy:
“Personal Information”
Information that identifies, relates to, describes, or could reasonably be linked to an identified or identifiable natural person.
“Sensitive Personal Information”
Has the meaning assigned under CPRA and GDPR (e.g., precise geolocation, biometric identifiers).
We do not intentionally collect Sensitive Personal Information.
“Processing”
Any operation performed on Personal Information, such as collection, storage, use, disclosure, retention, deletion, or transfer.
“Applicable Law”
All privacy, data protection, and consumer rights laws that govern the Processing of Personal Information.
“Consumer,” “Data Subject,” or “User”
An individual who accesses or uses the Services.
2. Scope of This Policy
This Policy applies to:
* Visitors of [www.myfatespun.com]
* Purchasers of FATESPUN’s AI-generated reports
* Individuals who communicate with us
This Policy does not apply to:
* Fully anonymized, aggregated, or de-identified data
* Employee or contractor data
3. Categories of Personal Information We Collect
We collect the following categories of Personal Information:
A. Information You Provide Directly
* Full name
* Birth date
* Email address
* Optional birth time and birth city
* Payment confirmation (via payment processors)
* Customer support communications
B. Automatically Collected Information
* IP address
* Device identifiers
* Browser attributes (user agent, version)
* Referring URLs
* Usage logs and time stamps
* Approximate geolocation (inferred from IP)
* Cookie and tracking technology data
C. Information from Service Providers
* Payment processors (transaction confirmation)
* Email delivery partners (delivery status)
We do not purchase third-party marketing lists or profile data.
4. Purposes of Processing
We Process Personal Information for the following purposes:
1. Delivering AI-generated reports and digital products
2. Responding to inquiries and support requests
3. Operating, maintaining, and enhancing the Services
4. Authenticating transactions
5. Preventing fraud, abuse, or security incidents
6. Complying with legal obligations
7. Analyzing Service performance (non-personalized analytics only)
8. Improving the accuracy and functionality of our AI systems
Using anonymized data only
We do not use Personal Information for automated decision-making with legal or significant effects.
5. Legal Basis for Processing (GDPR/EEA/UK)
We rely on the following lawful bases:
* Contract Necessity: Providing purchased reports
* Consent: Optional information (birth time/city) and marketing communications
* Legitimate Interests: Security, fraud prevention, non-personalized analytics
* Legal Obligation: Compliance with tax, accounting, and regulatory requirements
Users may withdraw consent at any time.
6. How We Share Personal Information
We may disclose Personal Information to:
Service Providers (Processors)
* Cloud hosting (AWS, Google Cloud)
* Email delivery services (SendGrid, Mailgun)
* Payment processors (Stripe, PayPal)
* Analytics partners (non-identifying data)
Legal and Regulatory Authorities
When required to comply with applicable law, regulation, or court order.
Business Transfers
In the event of a merger, acquisition, or asset transfer.
7. No Sale or Sharing of Personal Information
FATESPUN does not sell or share Personal Information as defined by CCPA/CPRA.
Specifically:
* No exchange of data for monetary value
* No transfer for targeted or behavioral advertising
* No sharing with third parties for their independent marketing purposes
Therefore, the right to opt-out of sale or sharing is not applicable.
If practices change, FATESPUN will implement a compliant “Do Not Sell or Share My Personal Information” mechanism.
8. Cross-Border Data Transfers
If you access the Services from outside the U.S., your Personal Information may be transferred to the United States.
For EU/UK data subjects, transfers rely on:
* Standard Contractual Clauses (SCCs)
* Adequate safeguards recognized under GDPR
9. Data Retention
We retain data only for as long as reasonably necessary to fulfill the purposes described herein.
| Category | Retention Period |
| Account & profile data | Until user deletion or 24 months of inactivity |
| Birth time/city | Until deletion request |
| Order records | 7 years (legal & tax compliance) |
| Logs | 30–90 days |
| Backups | Rolling cycle, up to 30 days |
<<홈페이지엔 올바른 표 형식으로>>
After expiration, information is deleted or irreversibly anonymized.
10. Consumer Rights (U.S. State Privacy Laws)
A. California (CCPA/CPRA)
California residents may exercise the following rights:
* Right to Know
* Right to Access
* Right to Delete
* Right to Correct
* Right to Non-Discrimination
* Right to Limit Sensitive Personal Information (not applicable)
Because we do not sell or share Personal Information, opt-out rights are not applicable.
B. Colorado, Virginia, Connecticut, Utah
Residents of these states may:
* Access
* Delete
* Correct
* Opt-out of targeted advertising (not applicable at FATESPUN)
Submit requests: [메일]
11. GDPR Rights (EU/UK)
EU/UK users may:
* Access their data
* Correct inaccuracies
* Request deletion (“right to be forgotten”)
* Restrict Processing
* Object to Processing
* Request data portability
* Withdraw consent
Requests: [메일]
12. Verification of Consumer Requests
Before responding to any consumer rights request, FATESPUN will verify identity using:
* Email confirmation
* Ordinal transaction data
* Additional verification steps when required by law
Authorized agents may act on behalf of users with proper documentation.
13. Children’s Privacy
We do not knowingly collect Personal Information from children under age 13.
If you believe a child has provided information, contact us immediately.
14. Security Measures
We employ administrative, technical, and physical safeguards, including:
* Encryption in transit (TLS)
* Access controls and authentication
* Role-based access restrictions
* Logging and monitoring
* Data minimization practices
No security method is completely infallible.
15. Changes to This Policy
We may update this Policy to reflect changes in practices, legal requirements, or regulatory guidance.
Changes will be posted with an updated “Last Updated” date.
16. Contact Information
For questions or requests regarding this Policy:
[메일]
Attn: Privacy Officer
FATESPUN, Inc.