Privacy Policy

Last Updated: February 2026

1. Introduction

I Ching Explorer ("we," "us," "our," or "Company") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and otherwise handle your information when you use our website and services (collectively, the "Service").

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly to us, including:

• Account Information: Email address, password (hashed and encrypted)
• Profile Information: User preferences including default reading method, throwing style, and translation source
• Reading Data: I Ching readings you generate, timestamps, and associated metadata
• Communication: Messages, feedback, or support inquiries you send us

2.2 Automatically Collected Information

When you use the Service, we automatically collect:

• Browser type and version
• IP address
• Pages visited and time spent
• Device type and operating system
• Referral source
• Approximate geographic location (city/country level)

2.3 Cookies and Tracking

We use authentication cookies to maintain your login session. These cookies are essential for the Service to function and are set to expire after 30 days of inactivity. By using the Service, you consent to our use of these essential cookies. We do not use tracking pixels, beacons, or third-party analytics cookies beyond what is necessary for Service operation.

3. How We Use Your Information

We use the information we collect for the following purposes:

• Creating and maintaining your account
• Providing and improving the Service
• Sending transactional emails (password resets, email verification, subscription confirmations)
• Enforcing usage quotas and subscription terms
• Detecting and preventing fraud or abuse
• Complying with legal obligations
• Responding to your support requests
• Analyzing usage patterns to improve user experience

We do not and will never:

• Sell your personal data to third parties
• Share your email address with third parties for marketing
• Use your data for purposes beyond what is described in this policy

4. Third-Party Services

4.1 Email Service (Mailgun)

We use Mailgun to send transactional emails (verification, password reset, subscription updates). Mailgun processes your email address for this purpose. Mailgun's privacy practices are described at https://www.mailgun.com/privacy-policy/

4.2 Payment Processing

For paid subscriptions, we use a third-party payment processor to handle transactions. They handle credit card information directly and we never store full card details on our servers. Our payment processor's privacy practices are governed by their own privacy policy, which will be available at checkout.

4.3 Database (Neo4j)

Your data is stored in Neo4j database infrastructure. We do not share your data with Neo4j beyond what is necessary for database operation.

4.4 Hosting

The Service is hosted on cloud infrastructure. Your data is protected with industry-standard security measures.

5. Data Security

We implement appropriate technical and organizational measures to protect your information, including:

• HTTPS encryption for all data in transit
• Password hashing using bcryptjs with strong salt rounds
• httpOnly, Secure cookies to prevent XSS attacks
• Rate limiting to prevent brute force attacks
• Regular security monitoring and logging

However, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your information.

5.1 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you via email within 72 hours of discovery and provide information about the nature of the breach and steps you should take to protect yourself.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. You may request deletion of your account and associated data at any time through your profile settings or by contacting us.

When you delete your account:

• Your personal information is deleted from our systems
• Your reading history and preferences are removed
• Your email cannot be used to create a new account for 30 days

Some information may be retained for legal compliance or as required by law.

7. Your Rights and Choices

7.1 Account Management

You can access, update, or delete your account information at any time through your profile settings.

7.2 Email Preferences

We only send transactional emails necessary for account management. You cannot opt out of these emails, as they are essential for your account security.

7.3 Data Export

You may request an export of your data in a machine-readable format by contacting us.

8. Children's Privacy

The Service is not intended for children under 13. We do not knowingly collect information from children under 13. If we become aware that a child under 13 has provided us with personal information, we will take steps to delete such information and terminate the child's account.

9. International Data Transfers

Your information may be processed and stored in the United States or other countries where we or our service providers operate. By using the Service, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of the Service after changes constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, you can contact us:

• Email: bobby@21kworlds.earth
• Mail: 12543 39th Ave NE, Seattle, WA 98125
• Through the support channels in the Service

12. Supplementary Information for Specific Regions

12.1 California Residents (CCPA)

California residents have additional rights under the California Consumer Privacy Act, including the right to know, delete, and opt-out. To exercise these rights, please contact us through the Service.

12.2 European Residents (GDPR)

If you are in the European Union, United Kingdom, or European Economic Area, you have additional rights under the General Data Protection Regulation, including data portability and the right to object to processing. To exercise these rights or file a complaint, you can contact us or your local data protection authority.