This Privacy Policy explains how your personal data is collected, used,
and protected when you use the TaoVerse mobile application and related
services (together, the "Service"). We are committed to
protecting your privacy and handling your data transparently and lawfully,
including in accordance with the EU/UK General Data Protection Regulation
(GDPR) and the California Consumer Privacy Act as amended
by the CPRA (CCPA/CPRA).
Please read this Policy together with our
Terms of Use.
1. Who We Are (Data Controller)
The Service is operated by the independent developer of TaoVerse
(the "Developer", "we", "us", or "our"), who acts as the
data controller for personal data processed through the
Service. For any privacy request or question, contact us at:
ahqsgmm@qq.com
2. Summary — Our Privacy Commitments
We do not track you. TaoVerse contains
no advertising, no third-party analytics, and no tracking or
advertising identifiers. We do not sell or "share" your personal
information (as those terms are defined under the CCPA/CPRA), and we do not
use your data for cross-context behavioral advertising.
3. Personal Data We Collect
We collect only the data needed to operate the Service:
a) Data you provide directly
- Account data: your email address, a display name you
choose, and a password (which is stored only in hashed form).
- Sign-in with Apple / Google: if you use a third-party
login, we receive your email address and name from that provider to
create your account. If you use Apple's "Hide My Email", we receive
only the relay address Apple provides.
- User-generated content: journal entries and reflections,
interactive-story ("Odyssey") choices, bookmarks, and similar content
you create in the app.
b) Data generated by your use of the Service
- Practice & progress data: meditation/practice
sessions completed, minutes practiced, daily check-ins, streaks,
"Cultivation Points", ranks, and plan progress.
- Inferred preferences: a non-clinical "philosophical
archetype" derived from your in-app story choices, used purely for
in-app personalization and entertainment.
- App preferences: notification and reminder settings.
c) Technical data
- Limited device data: your operating-system version,
app version, and platform (iOS/Android), sent with requests for
compatibility and security. We do not collect your
device ID, advertising ID (IDFA/GAID), or precise location.
4. How We Use Your Data & Legal Bases (GDPR)
We process your personal data for the following purposes and on the
following legal bases:
- To provide the Service (accounts, sign-in, saving your
progress and content) — performance of a contract (Art. 6(1)(b)).
- To process subscriptions and purchases — performance
of a contract and compliance with legal obligations
(Art. 6(1)(b) and (c)).
- To send you optional reminders/notifications you enable
— your consent (Art. 6(1)(a)), which you may withdraw at any time
in the app settings or your device settings.
- To secure the Service and prevent abuse — our
legitimate interests (Art. 6(1)(f)) in keeping the Service safe.
- To respond to your requests and comply with law —
legitimate interests and legal obligations.
We record whether you have accepted our Terms and this Policy to
demonstrate consent and compliance.
5. AI "Sage Mentor" Feature
When you use the optional
Sage Mentor feature, a small set
of
keywords derived from your most recent journal entry,
together with your cultivation rank, is sent to our server to generate an
AI-produced reflection.
Please do not include sensitive personal
information (such as health, financial, or identifying details) in
journal entries you submit to this feature. AI-generated reflections are for
inspiration and self-reflection only and are not professional advice. See
the
Terms of Use for the full AI disclaimer.
6. What We Do Not Collect
- No health, medical, biometric, or fitness sensor data (no HealthKit /
Google Fit integration).
- No precise or background location.
- No access to your camera, microphone, photos, or contacts.
- No advertising identifiers, and no third-party analytics or tracking.
7. How We Share Data (Processors & Third Parties)
We do not sell your personal data. We share data only with the limited
service providers needed to run the Service, who process it on our behalf:
- Apple & Google — process in-app purchases and
subscriptions and provide optional sign-in. Payment card details are
handled entirely by Apple/Google; we never receive them.
- RevenueCat, Inc. — manages subscription entitlements
and receipt validation on our behalf.
- Our hosting/backend provider — stores your account and
practice data on secure servers located in Singapore.
Each provider processes data under its own privacy terms. We may also
disclose data where required by law or to protect our legal rights.
8. International Data Transfers
Our servers are located in Singapore, and our providers may
process data in other countries. If you are in the European Economic Area,
the UK, or Switzerland, transfers of your data outside your region are
protected by appropriate safeguards, such as the European Commission's
Standard Contractual Clauses, or another lawful transfer
mechanism. You may request a copy of the relevant safeguards using the
contact details below.
9. Data Retention
We keep your personal data for as long as your account is active. When you
delete your account, we permanently delete or irreversibly anonymize your
personal data, except where we must retain limited records to comply with
legal, tax, or accounting obligations (for example, transaction records),
or to resolve disputes and enforce our agreements.
10. Your Rights
Depending on where you live, you may have the right to:
- access the personal data we hold about you;
- correct inaccurate data;
- delete your data ("right to be forgotten");
- restrict or object to certain processing;
- data portability (receive your data in a portable format);
- withdraw consent at any time, without affecting prior processing.
How to exercise your rights: you can delete your account
directly in Settings > Delete Account, or email us at
ahqsgmm@qq.com. We respond within the
timeframes required by law. You will not be discriminated against for
exercising your rights.
California residents (CCPA/CPRA)
We do not sell or share your personal information and do
not use it for cross-context behavioral advertising. California residents
have the rights to know, delete, and correct their personal information,
and the right not to be discriminated against for exercising these rights.
EEA/UK residents
You have the right to lodge a complaint with your local data protection
authority if you believe your data has been handled unlawfully.
11. Children's Privacy
The Service is intended for users aged 16 and older. We do
not knowingly collect personal data from anyone under 16. If you believe a
child under 16 has provided us personal data, contact us and we will delete
it promptly.
12. Data Security
We use industry-standard measures to protect your data, including encryption
in transit (HTTPS/TLS), secure on-device storage of authentication tokens
(Keychain/Keystore), and server-side password hashing. No method of
transmission or storage is completely secure, but we work continuously to
safeguard your information.
13. Changes to This Policy
We may update this Policy from time to time. If we make material changes, we
will update the "Last updated" date above and, where appropriate, notify you
in the app. Your continued use of the Service after changes take effect
constitutes acceptance of the updated Policy.
14. Contact Us
For any privacy question or to exercise your rights, contact us at
ahqsgmm@qq.com.