Privacy Policy

Effective date — TBD · Last updated: 2026-04-23

This policy describes what data mirr tarot ("mirr", "we", "us") collects, how we use it, and what rights you have. It applies to the mirr Telegram Mini App and related web pages on mirr-edi.pages.dev.

1. Data we collect

From you

Not collected

• Your Telegram phone number, email, first/last name, or profile photo (Mini App initData does not transmit these unless you explicitly share them).
• Precise location, device identifiers, or advertising IDs.
• Browser cookies — we use localStorage inside Telegram for session state.

2. Where data is stored

• Cloudflare Workers KV (EU / global edge) — user record (tg:<id>), energy balance, purchase history, short-lived pricing snapshots.
• Your device's localStorage — the current session and up to 30 archived sessions (full message content). Raw message content is not transmitted to our servers. However, each chat request sends a compact summary of recent sessions (topic, 3-5 keywords, 1-2 sentence summary, emotional tone) to the LLM so mirr can recall prior context. We do not persist these summaries server-side beyond the in-flight request window. Clearing Telegram's storage for the bot removes the raw sessions from your device.
• Sentry — error traces and breadcrumbs with PII masking (user ids and wallet addresses are reduced to prefixes).
• Amplitude — behavior events (opened app, started chat, completed purchase) keyed by Telegram user id. Message content is not sent.

3. How your prompts are processed

When you send a message to mirr, we forward it along with your active session context, compact summaries of recent sessions (topic, keywords, one-to-two sentence summary, emotional tone — see §2), and the mirr system prompt to our LLM provider (DeepSeek V3.2, accessed through Nebius AI Studio). The provider generates a streamed response that we pass back to you. The request is ephemeral — we do not persist prompts or session summaries in our database beyond the in-flight request window.

We do not train any AI model on your messages. The provider's handling is governed by their privacy policy (see §7).

4. Legal basis (GDPR)

If you are in the European Economic Area, the United Kingdom, or a jurisdiction with equivalent protections, our legal basis for processing is:

• Performance of a contract — to provide the Service you requested (readings, payments, session history).
• Legitimate interest — operational metrics and fraud prevention (payment verification, anti-abuse).
• Legal obligation — if we must retain records under applicable law.

5. Data retention

• User state (tg:<id>) — for as long as your account is active. Removed on account deletion request.
• Purchase records — 90 days in KV. Long-term accounting may retain payment identifiers as required by law.
• Metrics keys (DAU / Opened / ChatTurn) — 25 hours TTL.
• Pricing snapshots — 1 hour TTL.
• Sentry error traces — default 90 days.

6. Your rights

Depending on your jurisdiction, you have the right to:

• Access — request a copy of the data we hold about you.
• Correction — ask us to correct inaccurate data.
• Erasure — request deletion of your data ("right to be forgotten"). We honor this except where we must retain data for legal or accounting reasons (payment records tombstoned for 90 days).
• Portability — receive your data in a machine-readable format.
• Objection — opt out of specific processing based on legitimate interest.
• Complaint — lodge a complaint with your local data protection authority.

Self-service (preferred): tap the mirr wordmark 5 times to open the settings panel. Export my data downloads a JSON file of your server record + browser-stored session histories (rate-limited to once per 24 hours). Delete my account performs a double-confirmed deletion — all identifiers are removed; payment records are tombstoned (status marked, other fields retained) for 90 days to satisfy accounting/legal obligations, then aged out by KV TTL.

Otherwise, contact rlllgk@gmail.com. We respond within 30 days.

6.1 Daily signal push — opt-out paths

If you have enabled daily push notifications (one card per day from mirr), you can withdraw consent in any of the following ways:

• Send /stop to the mirr bot in Telegram. This flips enabled=false server-side and you will not receive further pushes.
• In the Mini App, open Settings and toggle Daily Signal off (calls PUT /api/push/preferences with { enabled: false }).
• Block the mirr bot in Telegram. We detect the resulting 403 and automatically mark your preference as disabled.

The daily push feature is opt-in by default (enabled=false). We do not send daily signals unless you explicitly turn them on.

7. Sub-processors we use

8. Children

mirr is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has used the Service, contact us and we will delete the account.

9. International transfers

Data may be processed in countries other than where you reside. Our sub-processors operate under appropriate safeguards (Standard Contractual Clauses or equivalent) where required by applicable law.

10. Security

We use HTTPS, HMAC-verified Telegram initData, constant-time admin auth, server-authoritative payment verification, and KV write idempotency. No system is perfect — if you suspect a security issue, please contact us at rlllgk@gmail.com.

11. Changes

We may update this policy. Material changes will be announced in-app or via the Signal Log. The "Last updated" date at the top of this page will reflect the revision.

12. Contact

mirr tarot · operated by [Operator Name]
Email: rlllgk@gmail.com
Telegram: t.me/rlllgk