TarotYo - Privacy Policy

Effective date: May 31, 2026

Willee Project (hereinafter the "Developer") values the personal information of users of TarotYo (hereinafter the "App") and complies with applicable laws, including Korea's Personal Information Protection Act (PIPA) and the EU General Data Protection Regulation (GDPR). This policy explains what information the App processes and how.

1. Personal Information Controller (Data Controller)

Developer (Controller): Willee Project
Contact email: hanworld@willee.net

2. Key Summary

The App has no sign-up and does not operate its own servers. It does not directly collect personally identifying information such as your name, email, or phone number.
App settings are stored only on the user's device.
The only path by which data is transmitted externally is advertising (Google AdMob).

3. Information We Process

3.1 Settings information stored only on the device

The following information is stored only inside the user's device (local storage) and is not transmitted externally. It is deleted together with the App when the App is uninstalled.

The selected card back design
Language setting
Whether the About guide has been acknowledged

3.2 Questions entered by the user

The question entered during the card-drawing process is used only to create the prompt within the device. The App does not store it or transmit it externally. If the user pastes the prompt into an external service such as ChatGPT and uses it themselves, that service's privacy policy applies.

3.3 Information processed through advertising (Google AdMob)

To provide the App free of charge, the App uses Google AdMob banner ads. To serve and measure ads and to prevent click fraud, Google may process the following information.

Advertising identifier (Android Advertising ID, AAID)
Device information (model, operating system version, language, etc.)
IP address and approximate location
Ad interaction information

This information is processed by Google as an independent controller/processor in accordance with its own policies.

Google Privacy Policy: https://policies.google.com/privacy
How Google uses data from partners' sites and apps: https://policies.google.com/technologies/partner-sites

4. Purposes of Processing

Serving and measuring ads to provide a free service
Providing App features (saving settings, displaying language, etc.)
Maintaining service quality and preventing fraudulent use (advertising partners)

5. Legal Bases for Processing (GDPR Article 6)

For users in the European Economic Area (EEA):

Consent (Article 6(1)(a)): Ad personalization and use of advertising identifiers. On first launch, consent is requested through a consent management platform (Google UMP), and consent may be withdrawn at any time.
Legitimate interests (Article 6(1)(f)): Serving non-personalized ads, security, and prevention of fraudulent use.
Storing local settings on the device serves to provide the service the user has requested.

6. Third-Party Provision and Advertising Partners

The App does not sell personal information. The following partner is involved in providing advertising.

Google AdMob / Google advertising partners — Serving and measuring ads

EEA users can review the list of advertising partners and the purposes of processing on the consent screen shown on first launch.

7. International Data Transfers

Google may transfer users' information outside the EEA or the user's country of residence (for example, to the United States) for processing. In such cases, Google applies lawful safeguards such as the EU Standard Contractual Clauses (SCC). For details, please refer to the Google Privacy Policy above.

8. Retention Period

The App does not store personal information on its own. Local settings on the device remain on the device until the user uninstalls the App.
The retention period for information processed through advertising follows Google's policies.

9. Rights of Users (Data Subjects)

Users have the following rights under applicable law. For users to whom the GDPR applies, these include the right of access, the right to rectification, the right to erasure ("right to be forgotten"), the right to restriction of processing, the right to object, the right to data portability, and the right to withdraw consent.

Changing/withdrawing consent to ad personalization: You can change this at any time under the App's Settings > Manage Ad Consent.
Resetting/deleting the advertising identifier: You can reset or delete the advertising ID in your device settings (Android: Settings > Privacy > Ads).
To exercise other rights or to make an inquiry: hanworld@willee.net

10. Additional Rights for EEA Users

EEA users have the right to lodge a complaint with the supervisory authority (Data Protection Authority) in their country of residence if they believe that the processing of their personal information infringes the GDPR.

11. Children's Personal Information

The App is not primarily intended for children under the age of 16 (or the age set by the laws of the user's country of residence), and it does not knowingly collect children's personal information.

12. Changes to This Policy

This policy may be revised in line with changes in law or in the service, and any significant changes will be announced through the App or the website.

13. Contact

For inquiries regarding the processing of personal information, please contact us below.

Email: hanworld@willee.net

Effective date: May 31, 2026