Privacy Policy

Last updated: May 2, 2026

Fuyu Culture Co., Ltd. (hereinafter “the Company”, “we”; Tax ID 90121032) takes your personal data protection seriously. This policy describes how we collect, use, store, and share your personal data through Misstarot, LifeGrid, and our website (fuyuculture.com, misstarot.app, and subdomains). It is drafted in compliance with Taiwan’s Personal Data Protection Act and the EU General Data Protection Regulation (GDPR).


1. Data Controller

ItemDetail
Company nameFuyu Culture Co., Ltd.
Tax ID90121032
Registered addressNo. 3, Sec. 2, Zhongshan Rd., Sanzhi Dist., New Taipei City, Taiwan
RepresentativeYi-Lung Chung
Contact email[email protected]

2. Data We Collect

2.1 Misstarot App / Website

2.2 LifeGrid App

2.3 fuyuculture.com Website


3. Purposes of Use

PurposeLegal basis
Account management & authenticationContractual necessity
Personalized content generation (astrology / tarot)Contractual necessity / consent
Customer service & supportContractual necessity
Subscription billingContractual necessity
Service improvement & analyticsLegitimate interest
Security & fraud preventionLegitimate interest / legal obligation
Marketing notifications (only with consent)Consent

4. Third-party Services & Data Sharing

We do not sell your personal data to any third party. To deliver our service, we use the following processors:

ServicePurposeData type
Firebase Authentication (Google)AuthenticationEmail, Google ID Token
Google Gemini APIAI interpretation generationQuery content without PII
Cloudflare (Workers / D1 / R2)Infrastructure & data storageAll backend data
Apple / Google PaySubscription billingHandled by platforms, not by us
Plausible AnalyticsWebsite traffic analyticsAnonymized aggregated data

5. Data Storage & Retention


6. Your Rights

Under Taiwan’s PDPA and GDPR, you have the following rights:

  1. Access: know what data we hold about you
  2. Rectification: correct inaccurate or outdated data
  3. Erasure (right to be forgotten): request permanent deletion
  4. Data portability: obtain a portable copy of your data
  5. Withdraw consent: for consent-based processing, withdraw at any time
  6. Object: object to specific data processing
  7. Reject automated decision-making: request human intervention

To exercise:


7. Children’s Protection

Our services are not designed for children under 13, nor do we knowingly collect data from children under 13. If you discover an underage child has used our service without guardian consent, please contact us — we will delete their data immediately.


8. Cookies & Similar Technologies

See Cookie Policy.


9. Data Security

We implement industry-standard measures:

No system can guarantee 100% security. In the event of a data breach, we will notify the relevant authorities and affected users within 72 hours.


10. Cross-border Data Transfers

Some processors (Firebase, Gemini, Cloudflare) are headquartered overseas. We only select processors that meet GDPR Standard Contractual Clauses (SCCs) or equivalent protection levels.


11. Policy Changes

When this policy changes, we will:

  1. Update “Last updated” on this page
  2. Notify users via in-app popup or notification
  3. For significant changes (affecting data collection scope): 30 days’ notice via registered email

12. Contact

For questions about this policy or to exercise your rights:

If you believe our data processing violates regulations, you may file a complaint with:


This is an AI-assisted draft. The final version will be reviewed by legal counsel before publication.