Privacy Policy

Last updated: April 26, 2026

Covens ("we," "us," "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using Covens you agree to the practices described here.

Information we collect

Information you provide

• Account information: when you sign in with Apple, we receive your Apple-issued user identifier and (if you choose) your name and email. We do not receive your Apple password.
• Profile information: display name, pronouns, bio, profile photo, age confirmation, practice tags, and what you're seeking from the community.
• Content: messages you send to other users, tarot reflections you save, and circle messages you post.
• Reports and blocks: records of users you block or report, plus the reason given.

Information collected automatically

• Approximate location: if you grant permission, we receive your coarse location and convert it immediately to a geohash bucket. We never store your exact coordinates and never share them with other users — only approximate distance ranges (e.g., "10–25 miles").
• Device identifiers: push notification tokens, app version, and basic crash diagnostics.
• Usage data: swipe counts, daily tarot pulls, and consent timestamps for compliance.

How we use your information

• To create and operate your account and the matching feed.
• To enable communication between matched users and within circles.
• To enforce community guidelines and respond to reports.
• To send notifications you've opted into (matches, messages, moon phases).
• To improve the app — diagnostic data is used in aggregate to fix bugs and design better features.

What we do not do

• We do not sell your personal information.
• We do not share your exact location with anyone, ever.
• We do not run third-party advertising networks inside Covens. The app is ad-free.

Data sharing

We share data only in the following limited cases:

• With other users: profile information you make discoverable, messages you send, and circle posts you make are shown to the audience you choose.
• Service providers: we use Supabase for backend storage and Apple push notification services. These providers process data on our behalf under their own privacy commitments.
• Legal compliance: we may disclose information if required by law, valid legal process, or to protect the safety of our users.

Your choices

• Discoverability: toggle "Visible to seekers" in Settings to control whether other users can find you.
• Location: revoke location permission at any time in iOS Settings; you'll still be able to use Covens, with reduced matching accuracy.
• Notifications: manage push notifications per-channel in Settings or in iOS Settings.
• Block and report: remove unwanted contact and notify us of conduct that violates our guidelines.
• Account deletion: request full deletion of your account and all associated content by emailing privacy@covens.app. We honor deletion requests within 30 days.

Data retention

We retain account data while your account is active. When you delete your account, profile data, messages, and content are permanently removed within 30 days, except where we are required to retain certain records for legal compliance (consent records, abuse reports).

Age restrictions

Covens is for adults 18 years or older. We do not knowingly collect information from anyone under 18. If you believe a user is underage, please report them in-app or contact us.

Security

We use industry-standard practices including encrypted transport (HTTPS/TLS), encrypted storage, row-level access controls, and secure authentication. No system is perfectly secure, but we work continuously to protect your data.

Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be announced in-app or by email. The "Last updated" date at the top reflects the latest revision.

Contact

Questions about this policy? Email privacy@covens.app.