Privacy Policy

This Privacy Policy explains how PAWCODE SRL ("we", "us", "Zodiqo") collects, uses and protects personal data when you use the Zodiqo mobile application (the "App") or visit zodiqo.com (the "Site"). We act as the data controller for the personal data processed through the App and the Site.

1. Who we are

PAWCODE SRL, a company registered in Romania.
Registered office: Strada Verzișori, Nr. 6, Bl. D, Ap. B118, Sector 4, București, România.
Tax ID (CUI): 54362611 · Trade Register: J2026020594004.
Privacy contact: privacy@zodiqo.com.

2. Data we collect

We collect only the data we need to provide our service:

• Astrological profile data — birth date, birth time and birth location (city / coordinates). This is required to calculate your natal chart and transits.
• Account data — if you create an account: display name, email address, profile photo (optional), Sign in with Apple identifier or similar sign-in provider identifier.
• Charts of people you add — names and birth data you enter for friends, family or partners so that you can run synastry comparisons. You must have a legitimate reason to enter someone else's data.
• Usage and device data — anonymised technical information such as device model, OS version, app version, crash reports, coarse locale and diagnostic events. Used only to keep the app stable and improve it.
• Communications — if you contact us by email or through the in-app support link, we keep the message and any information you include in it.
• Coarse current location — city‑level, and only if you grant the location permission. Used for features that depend on where you are now, such as sky‑tonight. You can deny or revoke this permission at any time in your device settings.
• Voice audio — only while you are actively using voice chat with Kosmos. Audio is streamed in real time to our AI provider over an encrypted connection. We do not record or store the audio on our own servers.
• Profile photos — if you choose to upload a photo as your avatar, or as the avatar of a saved person you add for synastry, we store and serve that image so it can be shown in the app. You can remove or replace a photo at any time.
• Social connections — if you send or accept a friend request on Zodiqo, we store the fact that your account and the other account are connected. You can remove or block other users at any time, which updates or ends the connection.
• Public share links — when you choose to share a chart or a synastry result publicly, we generate a unique random link token. Anyone with that link can view the shared content (without logging in) until the link expires or you disable it.
• Biometric credentials (stored on your device only) — if you enable Face ID or Touch ID for sign‑in, we store your email and password in the secure element of your device (iOS Keychain) so you can unlock the app locally. This information never leaves your device and is not sent to our servers.

We do not ask for contacts, financial information, precise continuous GPS tracking, health data, or special categories of personal data under Article 9 GDPR. If such information ends up in content you choose to enter (for example in a personal note or in a photo you upload), we process it only to provide the Service.

3. How we use your data

• Calculating natal charts, transits and synastry.
• Generating AI‑assisted interpretations and cosmic guidance personalised to your chart.
• Enabling voice conversations with Kosmos, our in‑app AI assistant.
• Creating, operating and securing your account.
• Keeping the app stable and diagnosing technical issues.
• Responding to support requests and privacy requests.
• Complying with applicable legal obligations.

We do not use your astrological data for advertising. We do not sell your personal data to third parties.

4. Legal basis for processing

Under the EU General Data Protection Regulation (GDPR), we rely on:

• Performance of a contract (Article 6(1)(b)) — to deliver the features you sign up for, such as computing your chart.
• Legitimate interests (Article 6(1)(f)) — to keep the app secure, prevent abuse and improve the product.
• Consent (Article 6(1)(a)) — for optional features such as push notifications or analytics, where required.
• Legal obligation (Article 6(1)(c)) — where we have to keep records for tax, accounting or regulatory reasons.

5. How we store and protect your data

Your data is stored in managed cloud infrastructure and protected by industry‑standard security controls, including encryption in transit (TLS) and access controls restricted to authorised personnel. Depending on the providers we use, your data may be stored and processed in the European Union, the United States, or other jurisdictions where our providers operate. Where practical, we keep chart data on your device so it is available to you offline. No method of electronic storage or transmission is ever fully secure, and while we apply reasonable safeguards we cannot guarantee absolute security.

6. Third‑party services (sub‑processors)

We use a small number of trusted providers to run Zodiqo:

• Cloud hosting and database — to store your account and chart data.
• Authentication providers — such as Sign in with Apple, to let you sign in without having to manage a separate password.
• AI providers — to power personalized chart insights and the in‑app voice chat with Kosmos. We send the minimum astrological data reasonably necessary to generate a result. Voice audio is streamed directly from your device to the AI provider over an encrypted connection and is not stored on our own servers.
• Geocoding — to convert place names you enter (such as your birth city) into coordinates used for astrological calculations.

All providers are bound by data processing agreements and use your data only to provide the service to us. We keep a current list of sub‑processors internally and update this policy when we add or change providers. You can request the latest list at privacy@zodiqo.com.

7. Discoverability and public content

By default, other Zodiqo users can find your profile by searching for your username and can send you a friend request. You can control whether your profile is discoverable by username from within the app (Settings → Privacy). Invite pages that you generate are publicly accessible by design: anyone with the invite link can see your display name and avatar on the page that prompts them to join.

Shared chart and synastry links are public: anyone with the link can view the content you chose to share without logging in, until the link expires or you disable it. Only the specific content you choose to share is exposed in this way — the rest of your account remains private. You can revoke any share link at any time from within the app.

8. International transfers

Some of our providers (for example AI interpretation providers) may process data outside the European Economic Area. When this happens, we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses, to protect your data.

9. Data retention

We retain your personal data for as long as your account is active or as reasonably needed to provide the Service. When you delete your account, we begin removing the personal data linked to your account and aim to complete deletion within a reasonable period, typically within 30 days.

Some information may persist beyond that period for reasons outside the immediate deletion flow, including:

• compliance with legal, accounting, tax or reporting obligations;
• resolving disputes, enforcing our agreements, or preventing fraud and abuse;
• removal from routine system backups and logs in the ordinary course of their rotation;
• retention cycles of our sub‑processors over which we do not have real‑time control.

Where personal data cannot be immediately deleted, we limit access to it and, where practical, anonymise it so that it can no longer be linked to you.

10. Your rights

Under GDPR (Articles 15–22) you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete data.
• Delete your data ("right to be forgotten").
• Restrict or object to processing.
• Receive your data in a portable format.
• Withdraw consent at any time, where processing is based on consent.
• Lodge a complaint with your local supervisory authority. In Romania this is the National Supervisory Authority for Personal Data Processing (ANSPDCP, dataprotection.ro).

To exercise any of these rights, write to privacy@zodiqo.com. We respond within 30 days.

11. Account and data deletion

You can request deletion of your Zodiqo account at any time, either from within the App (Settings → Delete Account) or by emailing privacy@zodiqo.com from the address on file. When you do, we initiate the removal of personal data linked to your account as described in Section 9 above.

12. Children and minors

Zodiqo is not intended for users under the age of 16. You must be at least 16 years old to create an account or otherwise use the Service. We do not knowingly collect personal data from anyone under 16. If you believe a minor under 16 has provided us with personal data, please contact privacy@zodiqo.com and we will take reasonable steps to delete it.

Where local law sets a higher age of digital consent than 16, the higher age applies. Where local law sets a lower age (for example, the United States, where the COPPA age floor is 13), we still require users to meet our 16‑year minimum.

13. Cookies and similar technologies

The Site (zodiqo.com) uses only technically necessary storage and does not set advertising or tracking cookies. The App uses local device storage to keep your data available offline.

14. Changes to this policy

If we make material changes to this policy, we will post the updated version here and, where appropriate, notify you in the App. The "Last updated" date at the top of the page always reflects the current version.

15. Contact

Privacy questions and requests: privacy@zodiqo.com.
General contact: contact@zodiqo.com.
Postal address: PAWCODE SRL, Strada Verzișori, Nr. 6, Bl. D, Ap. B118, Sector 4, București, România.