Privacy Policy

This Privacy Policy applies to all personal information processed when you access or use Viamogo websites, mobile applications, APIs, and any associated consultation or marketplace services. We adhere to the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, and accountability.

• Personal information is processed only for specified, explicit, and legitimate purposes disclosed in this policy
• We collect only the minimum data necessary for each stated purpose and do not repurpose data without notice
• Data is retained only for as long as required to fulfill its purpose or meet legal obligations, after which it is deleted or anonymized
• We regularly review processing activities to ensure ongoing compliance with applicable data protection laws

We collect personal data directly from you and automatically through your use of the service. The specific categories depend on how you interact with Viamogo.

• Account information: email address, display name, hashed authentication credentials, and account verification records
• Google user data used for sign-in: Google account subject identifier, email address, display name, and locale returned during OAuth sign-in
• Astrological input data: birth date, birth time, birth location, and related parameters required for chart calculations
• Transaction records: order history, payment method type (we do not store full card numbers), billing address, credit balances, invoice and receipt data
• Technical data: IP address, device identifiers, browser type and version, operating system, access timestamps, referring URLs, click-stream data, and error/crash logs

When you choose to sign in with Google, we use the Google OAuth authorization code flow to authenticate your account and retrieve only the basic profile data needed to complete sign-in.

• Data accessed: we request the `openid`, `email`, and `profile` scopes and access the Google account subject identifier, email address, display name, and locale from Google's userinfo endpoint; we do not request Gmail, Drive, Calendar, Contacts, or other Google data scopes
• Data use: we use Google user data only to authenticate you, create or link your Viamogo account, prefill your display name and locale, prevent fraud, and maintain account security; we do not use Google user data for advertising, marketing, or automated decision-making
• Data storage and retention: we do not store Google access tokens or ID tokens after authentication completes; we store only the account data needed to operate your Viamogo account, and that data is retained according to our general account retention rules until you delete your account or we are required to retain it by law
• Data sharing: we do not sell or share Google user data with third parties for advertising or unrelated purposes; any service providers that process account data on our behalf do so only to support hosting, security, authentication, or other core service operations and are bound by confidentiality and data protection obligations

We process personal data only when we have a lawful basis to do so. Depending on your jurisdiction and the nature of the processing, the applicable legal basis may include contract performance, legitimate interest, legal obligation, or your consent.

• Contract performance: account creation and management, report generation and delivery, order fulfillment, customer support, and credit balance administration
• Legitimate interest: fraud prevention, abuse detection, service security monitoring, system stability and performance analysis, and internal analytics for product improvement
• Consent: marketing communications, optional personalization features, and non-essential cookies or tracking; you may withdraw consent at any time without affecting the lawfulness of prior processing
• Legal obligation: record-keeping for tax, anti-money-laundering, or other regulatory requirements; responding to lawful requests from governmental or judicial authorities

We do not sell, rent, or trade your personal information. Sharing occurs only when necessary to operate the service, comply with the law, or protect rights and safety, and is always subject to appropriate safeguards.

• Service providers: payment processors, cloud infrastructure providers, and messaging delivery services operate under data processing agreements with confidentiality and security obligations
• Advisors on the marketplace: when you engage a marketplace advisor, only the information you explicitly choose to share during the consultation is disclosed to that advisor
• Legal and regulatory disclosure: we may disclose data when required by law, regulation, court order, or governmental request, or when necessary to protect the rights, property, or safety of Viamogo, our users, or the public
• Corporate transactions: in the event of a merger, acquisition, or asset sale, personal data may be transferred to the successor entity subject to this policy or equivalent protections

Your data may be transferred to and processed in countries other than your country of residence. We use cookies and similar technologies to provide core functionality and, where permitted, to improve the user experience.

• Cross-border transfers are safeguarded by Standard Contractual Clauses, adequacy decisions, or other mechanisms recognized under applicable law
• Essential cookies are required for authentication, session management, security protections, and core feature operation; they cannot be disabled
• Non-essential cookies (analytics, preferences) can be managed or rejected through your browser settings or our cookie management interface
• No fully automated decision-making that produces legal or similarly significant effects is performed without human review

We implement a layered security architecture and enforce strict access controls to protect personal data against unauthorized access, loss, alteration, or destruction. Security measures are regularly reviewed and updated.

• All data in transit is encrypted using TLS 1.2 or higher; data at rest is encrypted using AES-256 or equivalent standards
• Internal access follows role-based least-privilege principles with mandatory multi-factor authentication for administrative systems
• Full audit trails are maintained for data access, modifications, and deletion events
• Identifiable personal data is deleted or anonymized within 30 calendar days after account closure, unless longer retention is required by applicable law

Depending on your jurisdiction, you may have the right to access, correct, delete, port, restrict the processing of, or object to the processing of your personal data. You may also withdraw consent where processing is consent-based.

• Submit requests to [email protected], specifying your account identifier and the nature of your request
• We may require identity verification to protect against unauthorized access to personal data
• Requests are processed within the timeframes mandated by applicable law, generally within 15 to 30 business days
• If you believe your data protection rights have been infringed, you have the right to lodge a complaint with your local data protection supervisory authority

Viamogo services are not directed at individuals under the age of 18. If we become aware that a minor has provided personal data without verified parental consent, we will take steps to delete that data. We may update this policy from time to time to reflect changes in our practices, legal requirements, or operational needs.

• Parents or guardians may contact [email protected] to request review, correction, or deletion of a minor's data
• Material changes to this policy will be communicated via in-app notification, email, or a prominent notice on our website at least 14 days before taking effect
• Your continued use of the service after an updated policy becomes effective constitutes your acknowledgment of the revised terms
• For all privacy-related inquiries, complaints, or data protection officer correspondence, contact [email protected]