Privacy Policy — Eternal Tarot Collective Ltd

 

 

Privacy Policy

Effective Date: 13 November 2025
Company: Eternal Tarot Collective Ltd
Registered Address:
Corner of Neof. Nikolaides Ave & Theod. Kolokotronis Str – Onisiforou Center, 2nd Floor, Agios Theodoros, Paphos 8011, Cyprus
Email: [email protected]

This Privacy Policy explains how Eternal Tarot Collective Ltd (“the Company”, “we”, “us”, “our”) collects, uses, shares, and protects your personal data when you access our websites, courses, subscriptions, community spaces, or purchase services offered through our platform (together, the “Service”).

We comply with the EU General Data Protection Regulation (GDPR) and extend the same level of protection to all users worldwide. This policy also incorporates required disclosures under the CCPA/CPRA for California residents.

By using our Service, you agree to the terms of this Privacy Policy.

1. Key Definitions

Service
Websites, digital courses, subscriptions, community features, and any online content operated by the Company. This includes content hosted on Kajabi and other authorised platforms.

Personal Data
Any information that identifies or can be linked to an individual.

Account
A unique profile created to access parts of the Service.

Data Controller
The entity that determines the purpose and means of processing personal data.

Data Processor
A third party that processes personal data on behalf of a controller.

Service Providers
Third-party companies that help us deliver our Service, such as Kajabi or Stripe.

Licensed Practitioner (Lieselle)
An independent practitioner operating under a licensing agreement with Eternal Tarot Collective Ltd. She performs certain services (such as intuitive readings) as an independent data controller.

2. Who Controls Your Data

Because our products include both digital programs and licensed intuitive services, data responsibility is shared as follows:

2.1 Eternal Tarot Collective Ltd — Primary Data Controller

We control the data associated with:

  • Your account
  • Course access and progress
  • Subscriptions (including Inner Compass)
  • Purchases, payment confirmations, billing-related data
  • All marketing communications
  • Community participation
  • Website analytics and behavioural data
  • Customer support messaging

2.2 Licensed Practitioner (Lieselle) — Independent Data Controller

When you purchase a personalised 1:1 intuitive or tarot reading delivered by Lieselle, she independently controls:

  • Any personal information you submit directly for your reading
  • Any intuitive insights, notes, impressions, or spiritual information she generates
  • Any communication directly between you and her regarding the reading
  • Any follow-up content she provides as part of the reading

2.3 Joint Controllership (Limited to Fulfilling Your Reading)

When you purchase a reading through our website:

  • Eternal Tarot collects your contact and order information; and
  • Eternal Tarot transmits the necessary details to Lieselle so she can fulfil the service.

In this limited context, both parties jointly determine the purpose of transferring your data for fulfilment.

Data protection requests related to reading-specific data may be sent directly to:
[email protected]

All other requests should be sent to:
[email protected]

3. Personal Data We Collect

3.1 Data You Provide Directly

When you create an account, purchase a course or subscription, join the community, request a reading, download content, or contact us, we may collect:

  • Identification and contact data: name, email address, postal address, country, phone number.
  • Account data: login details (email and hashed password), profile information, community display name.
  • Purchase and billing data: products/services purchased, currency, transaction amounts, payment status, limited billing details as provided by our payment processors. We do not store full card numbers or security codes.
  • Content and communication data: messages you send us, support requests, survey responses, testimonials, and preferences you choose to disclose.
  • Reading-related data: information you share with Lieselle to prepare or deliver your reading (this is controlled by her independent entity).

3.2 Data Collected Automatically

When you access the Service, we may automatically collect:

  • Usage and technical data: IP address, browser type and version, device type, operating system, time zone, pages visited, time spent on pages, clickstream data, referring URLs.
  • Cookie and tracking data: data from cookies, pixels, tags, and similar technologies used to remember your preferences, improve performance, and measure the effectiveness of our pages and campaigns.

4. Cookies and Similar Technologies

We use cookies and similar tools to:

  • Keep you logged in and secure your account.
  • Remember your preferences (for example, language or cookie settings).
  • Analyse how visitors use our pages and where they drop off.
  • Measure the performance of our marketing and funnels.

You can control cookies through your browser settings and through any consent banner we provide. Some cookies are essential for the site to function; if you block them, parts of the Service may not work correctly.

5. How We Use Your Personal Data

We use your Personal Data to:

  • Provide access to courses, meditations, and digital content.
  • Manage your account and subscription.
  • Deliver purchased readings (through joint fulfilment with Lieselle).
  • Send service-related updates and transactional communications.
  • Respond to questions, support requests, or feedback.
  • Personalise your experience and recommend relevant content.
  • Protect the security and integrity of our platform.
  • Analyse usage and improve our offerings through analytics.
  • Comply with legal and regulatory obligations.

We do not use reading-related information for marketing or profiling.

6. Legal Basis for Processing (GDPR)

Where EU/EEA/UK data protection law applies, we rely on one or more of the following legal bases:

  • Performance of a contract: to provide courses, subscriptions, readings, and community access you have purchased or requested.
  • Consent: for certain email marketing, cookies (where required), and other processing where we ask for your clear agreement.
  • Legitimate interests: for analytics, security, fraud prevention, service improvement, and reasonable personalisation, provided your rights and freedoms do not override these interests.
  • Legal obligation: to comply with accounting, tax, and other legal requirements.

7. How We Share Your Personal Data

We do not sell your personal data. We may share it as follows:

7.1 Service Providers (Processors)

We share data with third parties who process it on our behalf to deliver the Service, such as:

  • Website and course hosting platforms (e.g. Kajabi).
  • Payment processors (e.g. Stripe, Kajabi Payments).
  • Email delivery and marketing tools.
  • Analytics and reporting tools.
  • IT, security, and support providers.

7.2 Licensed Practitioner (Lieselle)

We share limited personal data with Lieselle when necessary to fulfil a reading you have purchased. This typically includes your name, contact details, and relevant booking information.

7.3 Business Transfers

If we undergo a merger, acquisition, or sale of assets, your personal data may be transferred as part of that transaction, subject to appropriate safeguards.

7.4 Legal Requirements

We may disclose personal data where required to comply with applicable law, lawful requests, court orders, or to protect our rights, property, or safety (or those of others).

8. International Transfers

Our main establishment is in Cyprus, but many of our service providers are located in other countries, including outside the European Economic Area (EEA), for example in the United States.

When we transfer personal data internationally, we:

  • Use countries with an adequacy decision from the European Commission where possible; or
  • Put in place Standard Contractual Clauses (SCCs) or equivalent safeguards with our service providers; and
  • Take reasonable steps to ensure your data remains protected to a standard essentially equivalent to that under EU law.

9. Data Retention

We keep your personal data only for as long as necessary for the purposes described in this Privacy Policy, including to comply with legal, accounting, or reporting requirements.

In general:

  • Account, purchase, and billing records: retained for the period required by applicable tax and accounting laws.
  • Marketing data: kept while you remain subscribed and for a reasonable period after your last interaction, unless you withdraw consent earlier.
  • Support and communication data: kept as long as needed to handle your request and for a reasonable period afterwards.
  • Reading-related data: retained under the responsibility and policies of the independent controller, Lieselle.

We may anonymise data so it can no longer be linked to you and retain it for longer for statistical or analytical purposes.

10. Security

We use appropriate technical and organisational measures to protect your personal data against loss, misuse, unauthorised access, alteration, and disclosure. No system is completely secure, but we select processors that maintain industry-standard security and limit access to those who need it for legitimate purposes.

11. Your Rights

Where applicable law (such as GDPR or similar regimes) grants you rights, you may have the right to:

  • Request access to the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your personal data in certain circumstances.
  • Request restriction of processing in certain circumstances.
  • Object to processing based on legitimate interests, including profiling.
  • Object at any time to direct marketing.
  • Request data portability where technically feasible.
  • Withdraw consent where we rely on consent (without affecting earlier processing).

To exercise these rights, contact us at [email protected]. We may need to verify your identity before responding.

For reading-specific data processed by Lieselle, you may contact:
[email protected]

You also have the right to lodge a complaint with your local data protection authority. Since we are based in Cyprus, our lead authority is the Office of the Commissioner for Personal Data Protection in Cyprus.

12. Marketing Communications

You can control marketing communications by:

  • Clicking “unsubscribe” at the bottom of our emails; or
  • Contacting [email protected] and asking to be removed from marketing lists.

We may still send you non-marketing messages (for example, about your account, purchases, or material changes to our policies).

13. Children’s Privacy

Our Service is intended for adults. You must be at least 18 years old to purchase courses, subscriptions, or readings.

We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it where required by law.

14. Additional Information for California Residents

If you are a resident of California, you may have additional rights under California privacy law (such as CCPA/CPRA), including rights to access, deletion, and non-discrimination for exercising those rights.

We do not sell personal information as that term is defined under California law. We may share data with service providers and contractors to operate the Service, under contracts that restrict how they use your data.

To exercise your California rights, you can contact us at [email protected]. We will take reasonable steps to verify your identity before acting on such requests.

15. Third-Party Links

Our Service may contain links to websites or services that we do not control. We are not responsible for their content, privacy policies, or practices. We encourage you to review the privacy policy of every site you visit.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do:

  • We will post the updated version on our website; and
  • Update the “Effective Date” at the top.

Where changes are material, we may also notify you by email or via a notice on the Service. Your continued use of the Service after changes take effect means you accept the updated policy.

17. Contact Us

If you have any questions about this Privacy Policy or how we use your personal data, you can contact us at:

Eternal Tarot Collective Ltd
Corner of Neof. Nikolaides Ave & Theod. Kolokotronis Str – Onisiforou Center, 2nd Floor, Agios Theodoros, Paphos 8011, Cyprus
Email: [email protected]

For questions relating specifically to personal data processed in connection with individual readings, you may contact:
[email protected]

 

 

Â