Privacy Policy

Effective: June 7, 2026

This Privacy Policy explains how Inara (“Inara”, “we”, “us”, or “our”) collects, uses, and shares information when you use our website at myinara.app and our mobile application (together, the “Service”). Inara is operated from Istanbul, Türkiye, and acts as the controller of your personal data. We know the Service touches on sensitive parts of your life: your birth details, your relationships, and the questions you ask. We treat that information with care.

1. Information We Collect

We collect information you provide directly, information collected automatically, and information from third parties.

Account information: name or display name and email address.
Birth details (sensitive): your date, time, and place of birth, used to calculate your birth chart and personalize readings.
Content you create: your questions, chat messages with Iris and with readers, voice-session audio and transcripts, journal notes, and tarot or reading inputs.
Information about other people: when you use features such as Lover Mode or Pair Reading, you may provide another person’s birth details or details about your relationship. Please share only what you have a lawful basis to share.
Purchase information: subscription status, credit balance, and transaction identifiers. Payments are processed by Apple; we do not receive your full payment-card details.
Device and usage data: device model, operating system, app version, language, time zone, IP address, crash logs, and interaction events.
Cookies and similar technologies on our website (see Section 8).

2. How We Use Information

We use the information we collect to:

Provide, maintain, and personalize the Service, including calculating your chart, generating guidance, and delivering reader sessions.
Process subscriptions, credits, and other purchases.
Communicate with you about your account, updates, and support requests.
Improve and develop the Service, understand how it is used, and ensure quality and safety.
Detect, prevent, and address fraud, abuse, and security incidents.
Comply with legal obligations and enforce our Terms of Service.

Where required by law, our legal bases for processing include performing our contract with you, your consent (including for sensitive data such as birth details), our legitimate interests in operating and improving the Service, and compliance with legal obligations. You can withdraw consent at any time, as described in Section 11.

3. Automated Processing and AI Providers

Parts of the Service are powered by automated systems. To generate guidance and process conversations, your content (such as your questions and messages) may be sent to and processed by third-party artificial-intelligence and large-language-model providers acting as our processors under contract. We instruct these providers to process your content only to deliver the Service.

We do not sell your personal information, and we do not permit our AI providers to use your content to train their general-purpose models for their own purposes. Automated responses may be inaccurate and are provided for personal reflection only.

4. Reader Interactions

When you start a session with a reader, the information needed for that session (for example, your display name, birth details, and the messages you send) is shared with that reader so they can respond. We ask both sides not to exchange off-platform contact details or move conversations off the Service. Readers do not receive your email address or payment information.

5. Sensitive Topics and Limits of the Service

The Service is for personal reflection and entertainment and is not a crisis, medical, or emergency service. Automated conversations are not routinely monitored by our staff, and requests for medical assistance or other emergencies made within the Service are not forwarded to emergency responders. If you are in crisis or may be a danger to yourself or others, contact a qualified professional or your local emergency services immediately. Please be thoughtful about the personal details you choose to share in conversations.

6. How We Share Information

We share information only:

With service providers who process data on our behalf under written confidentiality and security obligations, including hosting, AI/LLM processing, analytics, error monitoring, and customer support.
With readers, only as needed to deliver a session you start (see Section 4).
With Apple, for processing purchases and (where you enable it) measuring app installs and campaign performance (for example, through Apple’s SKAdNetwork / AdAttributionKit).
When required by law, legal process, or to protect the rights, property, or safety of Inara, our users, or the public.
In connection with a merger, acquisition, financing, or sale of assets, with notice to affected users where required.

We do not sell your personal information, and we do not share it for cross-context behavioral advertising.

7. Advertising and Attribution

We do not serve targeted advertising inside the Service. We may use privacy-preserving measurement (such as Apple’s SKAdNetwork / AdAttributionKit) to understand which campaigns lead to installs, without tracking you across other companies’ apps and websites. If our practices change, we will update this Policy and, where required, request your consent.

8. Cookies and Trackers

Our website uses strictly necessary cookies to operate and may use analytics cookies to understand how visitors use the site. You can disable non-essential cookies through your browser settings without losing access to core functionality.

9. Data Retention

We retain personal information for as long as needed to provide the Service and for the purposes described above. In general, account and content data are kept while your account is active and deleted or anonymized within a reasonable period (typically up to 90 days) after you delete your account, except where we must retain certain records longer to comply with legal obligations, resolve disputes, or enforce our agreements. You can delete your account at any time from within the app.

10. Security

We use commercially reasonable administrative, technical, and physical safeguards to protect personal information, including encryption in transit and protections for sensitive content. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

11. Your Rights

Depending on where you live, you may have rights to access, correct, delete, or port your personal information, to object to or restrict certain processing, and to withdraw consent. To exercise these rights, contact us at the address below; we will respond within the time required by applicable law. You may also delete your account and associated data from within the app.

EEA, UK, and Switzerland. You have rights under the GDPR and equivalent laws, including access, rectification, erasure, restriction, portability, objection, and the right to lodge a complaint with your local data-protection authority.

Türkiye. If you are in Türkiye, you have rights under the Personal Data Protection Law No. 6698 (KVKK), including the right to learn whether your data is processed, to request correction or deletion, and to object to outcomes based solely on automated processing.

United States. Residents of California and certain other states have rights to know, access, correct, delete, and opt out of the “sale” or “sharing” of personal information. We do not sell or share personal information as those terms are defined, and we will not discriminate against you for exercising your rights.

12. International Data Transfers

Inara is operated from Türkiye, and our service providers (including hosting and AI providers) may be located in the United States or other countries. If you access the Service from outside these countries, your information may be transferred to and processed in countries whose data protection rules differ from those in your own. Where required, we use appropriate safeguards (such as standard contractual clauses) for these transfers.

13. Children

The Service is intended for adults aged 18 and over and is not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided us information, contact us and we will delete it.

14. Third-Party Services

The Service may link to or integrate with third-party services, including Apple’s App Store and platform APIs. Their practices are governed by their own policies, which we do not control.

15. Changes to this Policy

We may update this Policy from time to time. The “Effective” date above indicates when it was last revised. Material changes will be communicated through the Service or by email where appropriate.

16. Contact

Questions about this Policy, or requests to exercise your rights, can be sent to [email protected] .