Privacy Policy
How we collect, use, and protect your information
Last Updated: April 5, 2026
1. Information We Collect
Personal Information You Provide
We collect information you voluntarily provide when:
- Creating an account or using our Sacred Reading service
- Making purchases through our WooCommerce store
- Contacting us via email or contact forms
- Subscribing to our newsletter or communications
- Completing surveys or feedback forms
This may include:
- Name, email address, and contact information
- Shipping address for product orders
- Birth date, time, and location for Sacred Reading analysis
- Payment information (processed securely through Stripe)
- Account preferences and reading history
Automatically Collected Information
When you visit our website, we automatically collect:
- Browser type, operating system, and IP address
- Pages visited, time spent on pages, and browsing patterns
- Referring URL and links clicked
- Device identifiers (on mobile devices)
- General geographic location (not precise)
Data from Third Parties
We may receive information about you from:
- Shopify (if migrating from previous platform)
- Payment processors and fraud prevention services
- Analytics providers and advertising networks
2. How We Use Your Information
We use your information for the following purposes:
Service Delivery & Operations
- Processing orders and payments
- Generating personalized Sacred Readings using BaZi and Five Elements analysis
- Delivering products and services
- Managing your account and authentication
- Providing customer support and technical assistance
Communications
- Sending order confirmations and shipping notifications
- Responding to your inquiries
- Sending promotional emails and newsletters (with your consent)
- Announcing product updates and special offers
Analytics & Improvements
- Analyzing usage patterns to improve our website and services
- Understanding user preferences and behavior
- Conducting research and statistical analysis
- Optimizing marketing campaigns and user experience
Legal & Safety
- Complying with legal obligations
- Preventing fraud and abuse
- Protecting our rights and the security of our services
- Enforcing our Terms of Service
Note: We do not sell or rent your personal information to third parties for marketing purposes. Your information is sacred to us.
3. Cookies & Tracking Technologies
We use cookies and similar technologies to enhance your experience:
Types of Cookies
- Essential: Required for website functionality, authentication, and security
- Performance: Help us understand how you use our site (analytics)
- Functional: Remember your preferences and settings
- Marketing: Track your interest in our products and measure campaign effectiveness
Cookie Management
Most browsers allow you to control cookies through settings. You may refuse or delete cookies, but this may limit your ability to use certain features of our website.
Tracking Technologies
We use:
- Pixels & Web Beacons: For tracking conversions and user interactions
- Analytics Scripts: To measure page performance and user flow
- Session Tracking: To maintain your login state and shopping cart
4. Third-Party Services & Integrations
We use several third-party services to deliver our products and services. Each has its own privacy practices:
Payment Processing (Stripe)
Stripe handles all payment processing securely. We do not store full credit card numbers on our servers. Stripe is PCI-DSS compliant and GDPR-certified.
Backend & Database (Supabase)
Supabase hosts our database and backend services, including Sacred Reading records and user accounts.
Analytics (PostHog)
PostHog provides product analytics to help us understand user behavior and improve our services. PostHog respects privacy and does not sell data.
E-Commerce Platform (WooCommerce)
WooCommerce manages our product catalog, inventory, and orders.
Hosting & CDN
Your information is hosted on secure servers with industry-standard encryption.
Important: We carefully select third-party services that respect privacy and comply with GDPR and CCPA. You are not responsible for their practices, but we encourage you to review their privacy policies.
5. Data Retention & Deletion
How Long We Keep Your Data
- Account Data: Retained as long as your account is active, plus 2 years for legal compliance
- Order Information: Retained for 7 years (tax, accounting, and regulatory requirements)
- Sacred Readings: Retained indefinitely unless you request deletion
- Analytics Data: Retained for 12 months
- Marketing Communications: Retained until you unsubscribe
Account Deletion
You may request to delete your account at any time. Upon deletion:
- Your profile and personal information will be removed
- You will no longer receive marketing communications
- Order history may be retained for legal compliance (anonymized)
- Sacred Readings will be deleted unless you request otherwise
To request account deletion, contact us at [email protected].
6. Your Rights & Choices
GDPR Rights (EU Residents)
If you are located in the European Union, you have the following rights:
- Right to Access: Request a copy of your personal data
- Right to Correction: Request corrections to inaccurate data
- Right to Erasure: Request deletion of your data (subject to legal obligations)
- Right to Restriction: Restrict processing of your data
- Right to Portability: Receive your data in a machine-readable format
- Right to Object: Object to automated decision-making or marketing processing
- Right to Withdraw Consent: Withdraw consent for data processing at any time
CCPA Rights (California Residents)
If you are a California resident, you have the following rights:
- Right to Know: What personal information we collect, use, share, and sell
- Right to Delete: Request deletion of personal information collected from you
- Right to Opt-Out: Opt-out of the sale or sharing of your personal information
- Right to Correct: Request corrections to inaccurate personal information
- Right to Non-Discrimination: We will not discriminate against you for exercising your rights
Communication Preferences
- Unsubscribe from marketing emails by clicking the link in any email
- Manage notification preferences in your account settings
- Request do-not-track compliance (supported in most browsers)
Exercising Your Rights
To exercise any of these rights, please contact us with your request and identifying information. We will respond within 30 days (or as required by law).
7. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:
Zen & Destiny
Email: [email protected]
Website: https://zenanddestiny.com/
We take your privacy seriously and will respond to your inquiry within 30 days.
Data Protection Officer
For GDPR inquiries and data protection concerns, you may also contact our Data Protection Officer or submit a complaint to your local data protection authority.
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website with a new "Last Updated" date. Your continued use of our services constitutes your acceptance of the updated Privacy Policy.