Dream Chaser Dream Chaser

Privacy Policy

DREAMCHASER

Zodiac & Tarot Application

Privacy Policy

Version 2.0

Effective Date: 13 May 2026

Applicable to iOS and Android

Issued by:

Trueyogi Wellness Teknoloji Tic. A.Ş.

Mustafa Kemal Mh. Dumlupınar Blv. No:280G/1260

Çankaya, Ankara, Türkiye

Trade Registry No: 433983

Contact: info@dreamchaser.app

Table of Contents

Part I — Key Information

1. About This Policy   ·   2. Information We Collect   ·   3. How We Use Your Information   ·   4. Legal Bases for Processing

Part II — Sharing & Transfer

5. Third-Party Service Providers & Subprocessors   ·   6. AI Processing Partners   ·   7. International Data Transfers   ·   8. Advertising & Tracking Technologies   ·   9. Sale or Share of Personal Information

Part III — Data Handling

10. Biometric Data — Session-Only   ·   11. No AI Training Commitment   ·   12. Data Retention   ·   13. Data Security   ·   14. Data Breach Notification

Part IV — Your Rights

15. Data Subject Rights   ·   16. Marketing & Push Notification Controls   ·   17. Cookies & SDK Tracking Technologies   ·   18. How to Exercise Your Rights   ·   19. Right to Lodge a Complaint

Part V — Special Categories

20. Children’s Personal Information   ·   21. Sensitive Personal Information   ·   22. Automated Decision-Making

Part VI — Administrative

23. Changes to This Policy   ·   24. Links to Third-Party Sites   ·   25. Contact Information

Part VII — Jurisdiction Addenda

A. United States (CCPA/CPRA + state laws + COPPA)   ·   B. Canada (PIPEDA + Quebec Law 25)   ·   C. South Korea (PIPA)   ·   D. Japan (APPI)   ·   E. European Union (GDPR + AI Act)   ·   F. United Kingdom (UK GDPR + ICO AADC)

PART I — KEY INFORMATION

1. About This Policy

1.1 Data Controller. Trueyogi Wellness Teknoloji Tic. A.Ş. (“Trueyogi”, “we”, “us”, or “our”) is the data controller for the personal data processed in connection with the DreamChaser mobile application (the “App” or “Service”).

1.2 Scope. This Privacy Policy explains how we collect, use, share, and protect personal data when you access or use the App on iOS or Android. It complements the DreamChaser Terms & Conditions and is incorporated into them by reference.

1.3 Contact for Privacy Matters. For any question, request, or complaint related to this Policy or your personal data, contact us at info@dreamchaser.app, with the subject line “Privacy Request”.

1.4 Commitment. Trueyogi is committed to processing personal data lawfully, fairly, and transparently. We implement appropriate technical and organizational measures to safeguard your data against unauthorized access, alteration, disclosure, or destruction.

2. Information We Collect

We collect the following categories of personal data, either because you provide them, because they are generated by your use of the App, or because we receive them from third parties:

CategoryExamplesSource
Identity DataUsername, date of birth, name (where provided)You provide at registration
Contact DataEmail addressYou provide at registration
Account AuthenticationPassword (hashed; we never see plaintext), social login tokenYou / Apple / Google
Astrology Personalization DataBirth date, birth time, birth place; partner name and birth details (where provided)You provide for analysis features
User ContentDreams, Suzan chat messages, journal entries, questions submitted to AI featuresYou submit voluntarily
Biometric DataFace photographs, palm photographsYou submit voluntarily; deleted ≤60 seconds after analysis (Section 10)
Device & Technical DataDevice model, OS version, app version, language, time zone, mobile advertising identifiers (IDFA/AAID), IP address (approximate)Auto-collected
Usage DataFeatures used, screens viewed, taps and clicks, session duration, crash diagnosticsAuto-collected via Firebase Analytics & Crashlytics
Subscription / Purchase DataSubscription tier, purchase history, in-app credits, receipt (transaction) IDAuto-collected via Apple/Google billing and RevenueCat
Advertising DataMobile advertising identifier (IDFA on iOS, AAID on Android), ad impressions, completionsAuto-collected, subject to platform consent (Apple ATT, Android consent)
Support CorrespondenceEmails sent to info@dreamchaser.app, support messagesYou provide

2.1 Information We Do NOT Collect. We do not collect health data, professional or occupational data, religious beliefs, political opinions, sexual orientation, or other special category data, except as expressly described in this Policy (Biometric Data) with your explicit consent.

2.2 Information from Third Parties. When you choose to register or sign in using Sign in with Apple or Sign in with Google, we receive an authentication identifier and, depending on your platform consent, your name and email address. We do not receive your password or other Apple/Google account information.

3. How We Use Your Information

We use the personal data we collect for the following purposes, each tied to a specific legal basis under applicable law:

PurposeCategories UsedLegal Basis (EU/UK)
Provide the App and AI featuresIdentity, Account, Astrology, User Content, Biometric, Device, UsageContract (Art. 6(1)(b)); Explicit Consent for Biometric (Art. 9(2)(a))
Process subscriptions and purchasesIdentity, Contact, Subscription/PurchaseContract (Art. 6(1)(b))
Send transactional notifications (purchase, account, security)Identity, Contact, DeviceContract (Art. 6(1)(b))
Send marketing communications and push notificationsIdentity, Contact, Usage, DeviceConsent (Art. 6(1)(a)); opt-out available
Show personalized advertisingAdvertising Data (IDFA/AAID), Usage, DeviceConsent via Apple ATT / Android consent (Art. 6(1)(a))
Analyze App usage and improve featuresUsage, Device, Crash diagnostics (aggregated/pseudonymized)Legitimate Interest (Art. 6(1)(f))
Detect and prevent fraud, abuse, security incidentsIdentity, Device, Usage, SubscriptionLegitimate Interest (Art. 6(1)(f)) and Legal Obligation (Art. 6(1)(c))
Comply with legal, tax, and accounting obligationsIdentity, Subscription/Purchase, Support CorrespondenceLegal Obligation (Art. 6(1)(c))
Respond to data subject requests and inquiriesIdentity, Contact, Support CorrespondenceLegal Obligation (Art. 6(1)(c))

4. Legal Bases for Processing (EU/UK GDPR)

4.1 If you are located in the European Economic Area, the United Kingdom, or other jurisdictions requiring a lawful basis for processing, we rely on the following legal bases:

  • Contract (Art. 6(1)(b) GDPR): processing necessary to perform our agreement with you, such as providing the App and your Subscription.
  • Consent (Art. 6(1)(a) GDPR): for marketing communications, push notifications, personalized advertising, and processing of Biometric Data; you may withdraw consent at any time without affecting prior processing.
  • Legitimate Interest (Art. 6(1)(f) GDPR): for improving the App, fraud and abuse prevention, security, and aggregate analytics. We balance our interests against your rights and freedoms.
  • Legal Obligation (Art. 6(1)(c) GDPR): for tax, accounting, and regulatory record-keeping.
  • Explicit Consent for Special Categories (Art. 9(2)(a) GDPR): for Biometric Data, processed on a session-only basis (Section 10).

PART II — SHARING & TRANSFER

5. Third-Party Service Providers & Subprocessors

We engage carefully selected third-party service providers (“subprocessors”) to deliver the App. Subprocessors process personal data only on Trueyogi’s documented instructions and under data processing agreements. The current categories of subprocessors are:

SubprocessorFunctionLocationTransfer Mechanism
Google LLC (Firebase, Cloud Messaging, Analytics, Crashlytics)Cloud infrastructure, push delivery, product analytics, crash reportingMulti-region: USA, EUEU Standard Contractual Clauses (SCCs); UK Addendum; Adequacy where applicable
Amazon Web Services (AWS) EMEACloud infrastructure (EU region: Frankfurt/Dublin)European UnionData stored within EU; no cross-border transfer required for EU data
RevenueCat, Inc.Subscription entitlement, customer lifecycle, in-app purchase verificationUSAEU/UK SCCs; DPA executed
Superwall, Inc.Paywall presentation, conversion experimentationUSAEU/UK SCCs; DPA executed
Liftoff Mobile, Inc. (Vungle / Unity Ads partner)In-app advertising mediation and monetizationUSA, EUEU/UK SCCs; IAB TCF where applicable
Apple Inc.App Store distribution, Sign in with Apple, In-App Purchase, push delivery via APNsMulti-regionApple’s published data protection terms; Sign in with Apple privacy-preserving by design
Anthropic, PBCAI processing — Claude family of modelsUSAEU/UK SCCs; DPA; data not used to train Anthropic models for our deployments
Alibaba Cloud (Singapore) Private LimitedAI processing — Qwen family of modelsSingapore (with regional routing)EU/UK SCCs; DPA
OpenAI OpCo, LLCAI processing — GPT family of modelsUSAEU/UK SCCs; DPA; API data not used for OpenAI model training

5.1 Subprocessors may change from time to time. Material changes will be reflected in updates to this Privacy Policy in accordance with Section 23.

5.2 Mandatory Disclosures. We may also disclose personal data to public authorities, courts, regulators, or law enforcement where required by applicable law or legal process, and to advisors (legal, accounting) under appropriate confidentiality obligations.

5.3 Business Transfers. In the event of a merger, acquisition, restructuring, or sale of all or part of Trueyogi’s business, personal data may be transferred to the successor entity, subject to the same level of protection set out in this Policy.

6. AI Processing Partners

6.1 The App’s AI features (Suzan chatbot, dream interpretation, astrology readings, face/palm analysis) rely on a hybrid of third-party AI service providers, currently Anthropic PBC (Claude), Alibaba Cloud (Qwen), and OpenAI OpCo, LLC (GPT).

6.2 What Is Sent. For each AI request, we transmit the relevant input (your message, dream text, photograph, or astrology parameters) to the chosen AI provider over an encrypted connection.

6.3 No Training. Each AI provider operates under a data processing agreement that, where applicable, prohibits the use of your inputs for training, fine-tuning, or otherwise improving the provider’s models. See Section 11 for our full no-training commitment.

6.4 Provider Retention. AI providers typically retain inputs for a short period (commonly up to 30 days) for abuse-monitoring and reliability purposes, in accordance with their own published policies. Trueyogi does not retain the inputs beyond your session.

6.5 Biometric Inputs. Face and palm photographs are transmitted to the AI provider for analysis and deleted by Trueyogi within sixty (60) seconds. See Section 10.

7. International Data Transfers

7.1 Personal data may be processed in locations outside your country of residence, including:

  • Türkiye (Trueyogi headquarters);
  • European Union (AWS EMEA, in Frankfurt and Dublin regions; Google Cloud EU regions);
  • United States (Google Cloud, RevenueCat, Superwall, Liftoff, Anthropic, OpenAI);
  • Singapore and other Asia-Pacific regions (Alibaba Cloud, Apple/Google CDN nodes).

7.2 Transfer Mechanisms. Where personal data is transferred from the European Economic Area, the United Kingdom, Switzerland, or other jurisdictions with cross-border transfer requirements, we rely on:

  • the European Commission’s Standard Contractual Clauses (2021/914);
  • the UK International Data Transfer Addendum to the EU SCCs;
  • the Swiss revFADP supplementary clauses, where applicable;
  • adequacy decisions, where applicable;
  • derogations under Article 49 GDPR (e.g., consent for the specific transfer) only in limited cases.

7.3 Supplementary Measures. We have evaluated the legal protections in destination countries and implemented technical (encryption in transit and at rest) and organizational measures (access controls, subprocessor commitments) to safeguard transferred data.

8. Advertising & Tracking Technologies

8.1 Mobile Advertising Identifiers. With your consent, the App may use your device’s mobile advertising identifier (IDFA on iOS, AAID on Android) to deliver personalized advertising through our ad mediation partner (Liftoff/Vungle).

8.2 Apple App Tracking Transparency (ATT). On iOS, before the App accesses your IDFA, Apple presents the App Tracking Transparency prompt. You may choose to allow or disallow tracking. If you disallow, you will continue to see ads, but they will be non-personalized.

8.3 Android Consent. On Android, you may reset or limit your AAID through device settings (“Reset Advertising ID” and “Opt out of Ads Personalization”). Where required by local law, we present an in-App consent prompt before collecting advertising identifiers.

8.4 Categories of Advertising Data. Where you consent, we and our advertising partners may collect: advertising identifier, ad impressions, view-throughs, completions, click events, app version, device type, and approximate location (derived from IP address).

8.5 Cross-Context Behavioral Advertising. Some of the data described above may be used by our advertising partners for cross-context behavioral advertising. Under California law (CCPA), this is classified as “sharing” of personal information. See Section 9 and Addendum A for your rights.

8.6 Opt-Out. You can opt out of personalized advertising at any time by changing device settings (Apple ATT or Android Ads Personalization), by contacting info@dreamchaser.app, or by using the in-App settings where available.

9. Sale or Share of Personal Information

9.1 No Sale for Money. Trueyogi does not sell personal data in exchange for monetary consideration.

9.2 “Share” Under CCPA. Trueyogi shares mobile advertising identifiers and certain related data with advertising partners for cross-context behavioral advertising, which is treated as “sharing” under the California Privacy Rights Act. California residents have the right to opt out of this sharing (see Addendum A).

9.3 Sensitive Personal Information. Biometric Data is treated as sensitive personal information under CCPA, EU GDPR Art. 9, and Korean PIPA. We process Biometric Data solely on a session-only basis (Section 10) and do not use it for inferring characteristics or for any purpose other than performing the analysis you requested.

PART III — DATA HANDLING

10. Biometric Data — Session-Only

10.1 Scope. Biometric Data means face and palm photographs that you voluntarily submit to the App for analysis features.

10.2 Voluntary and Explicit Consent. Submission of Biometric Data is voluntary. By submitting Biometric Data, you give us your explicit, informed, and specific consent (within the meaning of Art. 9(2)(a) GDPR and equivalent provisions in other jurisdictions) to process it for the purpose of generating the requested analysis.

10.3 Processing Steps. Biometric Data is:

(a) transmitted via encrypted connection to Trueyogi servers;

(b) forwarded to our AI processing partner for analysis;

(c) permanently deleted from Trueyogi servers and from the AI provider’s systems (to the extent required by our DPA) within sixty (60) seconds of analysis completion, and in any event no later than the end of your active session;

(d) never retained, archived, profiled, used for model training, or used for any other purpose.

10.4 Withdrawal of Consent. You may withdraw your consent to future Biometric Data processing at any time by ceasing to submit photographs. Because no Biometric Data is stored after the session, no separate deletion request is required for past submissions.

10.5 Use Restrictions. You agree to submit only photographs of yourself, and not photographs of any other person without their explicit prior consent. You must not submit photographs of children other than yourself.

11. No AI Training Commitment

11.1 Trueyogi makes the following binding commitment:

  • User Content — including dreams, Suzan chat messages, partner information, journal entries, and Biometric Data — is not used to train, fine-tune, or otherwise improve any artificial intelligence model, whether operated by Trueyogi or by any third party.
  • Our agreements with AI subprocessors include contractual prohibitions on such use, to the extent permitted by their standard terms and applicable law.
  • Aggregated, anonymized, or pseudonymized analytics (such as feature usage counts) may be used for App improvement but cannot be reasonably re-associated with any individual.

12. Data Retention

We retain personal data only as long as necessary for the purposes set out in this Policy, or as required by law. The following table summarizes our default retention periods. Specific periods may be extended where required by law (e.g., to defend legal claims):

Data CategoryRetention PeriodRationale
Account data (username, email, hashed password, date of birth)Duration of account + 30-day grace period after deletionContract performance; grace period for accidental deletion recovery
Subscription and billing records10 years from end of business relationshipTurkish Tax Procedural Law and accounting requirements
User Content (dreams, Suzan chats, journal entries)Until account deletion + 30-day grace periodContract performance
Biometric Data (face / palm photographs)≤60 seconds from analysis start; permanently deleted thereafterExplicit consent for session-only processing (Section 10)
Crash and diagnostic logs (Firebase Crashlytics)90 daysLegitimate interest in App stability
Analytics events (Firebase Analytics)14 months (default retention)Legitimate interest in product improvement
Marketing communication preferencesUntil opt-out, then deletion within 30 days (subject to legal retention obligations)Consent + legal record-keeping
Support correspondence2 years from last contactConsumer protection law
AI processing transient inputs (sent to AI providers)Per provider policy — typically ≤30 days at provider; not retained by Trueyogi beyond the sessionSubprocessor data processing agreements
Advertising and identifier data13 monthsIAB TCF default; legitimate interest with consent
Fraud-related recordsUp to 5 years where there is suspected or confirmed fraudulent activityLegitimate interest; legal obligation

12.1 Deletion After Retention. At the end of the applicable retention period, we delete or irreversibly anonymize the data. Backup systems may retain data for up to an additional 30 days before being overwritten in normal backup rotation.

13. Data Security

13.1 We implement appropriate technical and organizational measures to protect personal data, including:

  • TLS / SSL encryption for data in transit;
  • encryption at rest for sensitive stored data;
  • access controls and role-based permissions;
  • periodic security reviews and vulnerability assessments;
  • staff training on data protection;
  • contractual data protection commitments with all subprocessors.

13.2 Payment Data. Trueyogi does not collect or store payment card information. Payments are processed exclusively by Apple App Store and Google Play Store, which are responsible for their own payment security.

13.3 Your Responsibility. You are responsible for maintaining the confidentiality of your account credentials. Notify us immediately at info@dreamchaser.app if you suspect unauthorized access to your account.

14. Data Breach Notification

14.1 Detection and Response. If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:

  • notify the competent supervisory authority within 72 hours of becoming aware, as required by Art. 33 GDPR and equivalent laws;
  • notify you directly without undue delay where the breach is likely to result in a high risk to your rights and freedoms, as required by Art. 34 GDPR;
  • provide reasonable details about the nature of the breach, the data categories affected, the likely consequences, and the steps taken or planned to address it.

PART IV — YOUR RIGHTS

15. Data Subject Rights

Subject to applicable law, you have the following rights regarding your personal data:

  • Right of Access: to obtain confirmation of whether we process your data and a copy of that data.
  • Right to Rectification: to have inaccurate data corrected without undue delay.
  • Right to Erasure (“Right to Be Forgotten”): to have your data deleted in certain circumstances.
  • Right to Restriction: to restrict processing of your data in certain circumstances.
  • Right to Data Portability: to receive your data in a structured, commonly used, machine-readable format and transmit it to another controller.
  • Right to Object: to object to processing based on legitimate interests, including for direct marketing.
  • Right to Withdraw Consent: where processing is based on consent, you may withdraw consent at any time, without affecting prior lawful processing.
  • Rights Related to Automated Decision-Making: see Section 22.
  • Right to Non-Discrimination: for exercising any of the rights above (relevant especially under CCPA).

16. Marketing & Push Notification Controls

16.1 Marketing Communications. With your consent, we may send promotional emails and in-App messages. You can opt out at any time by:

  • clicking the “unsubscribe” link in any marketing email;
  • adjusting communication preferences within the App;
  • emailing info@dreamchaser.app with subject line “Opt-Out”.

16.2 Push Notifications. The App may send push notifications, including (a) transactional notifications about your account or Subscription, and (b) with your consent, marketing notifications. You can disable push notifications at any time through your device settings.

16.3 Transactional Messages. Even after opt-out, we may send essential service messages (e.g., billing confirmations, security alerts, policy updates) for which consent is not required.

17. Cookies & SDK Tracking Technologies

17.1 In-App SDKs. The App embeds the following categories of software development kits (“SDKs”), each of which may collect device or usage data:

  • Firebase (Analytics, Cloud Messaging, Crashlytics, Remote Config) — essential for App operation and product analytics;
  • RevenueCat — Subscription management;
  • Superwall — paywall presentation;
  • Liftoff/Vungle — advertising mediation.

17.2 Web Use. If you visit a Trueyogi website, we may use cookies and similar technologies; a cookie banner will request your consent where required by ePrivacy and equivalent laws.

17.3 Managing Tracking. Mobile tracking can be managed through device settings (Apple ATT for iOS; “Reset Advertising ID” and “Opt out of Ads Personalization” for Android).

18. How to Exercise Your Rights

18.1 How to Submit a Request. Send an email to info@dreamchaser.app with subject line “Data Subject Request”. Describe which right you wish to exercise and provide enough information for us to verify your identity (typically the email address associated with your account).

18.2 Response Time. We respond to verified requests within thirty (30) calendar days. In complex cases, this period may be extended by up to sixty (60) additional days, in which case we will notify you of the reason for the extension within the initial 30 days.

18.3 Identity Verification. To protect your privacy, we may ask for additional verification before fulfilling a request. We do not require you to create an account to make a request.

18.4 Authorized Agents. You may designate an authorized agent to submit requests on your behalf (e.g., in California, Quebec); we will require proof of authorization and may contact you to confirm.

18.5 Free of Charge. Requests are processed free of charge, except where requests are manifestly unfounded or excessive, in which case we may charge a reasonable fee or decline the request, as permitted by law.

19. Right to Lodge a Complaint

19.1 If you believe your data protection rights have been violated, you may lodge a complaint with a supervisory authority in your country of residence, place of work, or place of alleged infringement. Below are the principal authorities for the markets in which we operate:

  • European Union — see Addendum E for member state authorities;
  • United Kingdom — Information Commissioner’s Office (ICO), https://ico.org.uk;
  • United States (California) — California Privacy Protection Agency (CPPA);
  • Canada — Office of the Privacy Commissioner; in Quebec, Commission d’accès à l’information;
  • Republic of Korea — Personal Information Protection Commission (PIPC);
  • Japan — Personal Information Protection Commission (PPC);
  • Türkiye — Kişisel Verileri Koruma Kurumu (KVKK).

PART V — SPECIAL CATEGORIES

20. Children’s Personal Information

20.1 Minimum Age. The App is not intended for children under thirteen (13) years of age, and we do not knowingly collect personal data from children under 13.

20.2 Jurisdiction-Specific Thresholds. Higher minimum ages apply in certain jurisdictions (parental consent required below):

  • European Union: 16 years (lower thresholds, as low as 13, may apply in certain Member States);
  • United Kingdom: 13 years;
  • Republic of Korea: 14 years;
  • Japan: 15 years;
  • United States: 13 years (use by under-13s is prohibited per COPPA).

20.3 Parental Inquiries and Deletion. If you are a parent or legal guardian and you believe your child has provided personal data to us in violation of the age restriction, please contact info@dreamchaser.app with subject line “Child Data Request”. We will promptly delete the relevant personal data and terminate the account.

20.4 COPPA — Verifiable Parental Consent. Where applicable, we obtain verifiable parental consent before collecting personal data from children, in accordance with the U.S. Children’s Online Privacy Protection Act. The current App is not configured to onboard users below the applicable minimum age.

21. Sensitive Personal Information

21.1 We process the following category of sensitive personal information, on the legal bases described:

  • Biometric Data (face / palm photographs) — explicit consent, session-only, deleted within 60 seconds (Section 10).

21.2 We do not process other categories of sensitive personal information (such as health, racial or ethnic origin, religious beliefs, sexual orientation, political opinions, trade union membership, or precise geolocation).

21.3 Right to Limit Use of Sensitive PI (California). California residents may limit the use of sensitive personal information; because Biometric Data is processed only to perform the analysis you requested and is deleted immediately, no further limitation is necessary. To raise an inquiry, contact info@dreamchaser.app.

22. Automated Decision-Making

22.1 AI-Generated Content. The App produces AI Content (dream interpretations, Suzan chatbot responses, astrology readings, face/palm analyses) using automated systems. This content is for entertainment purposes only and does not constitute a decision producing legal effects concerning you, or similarly significantly affecting you, within the meaning of Art. 22 GDPR.

22.2 EU AI Act Transparency. In accordance with Art. 50 of the EU Artificial Intelligence Act, you are clearly informed that you are interacting with an artificial intelligence system. The AI systems used in the App are not classified as high-risk under Annex III of the EU AI Act.

22.3 No Profiling for Decisions. We do not engage in profiling that produces legal or similarly significant effects on you. Cross-context behavioral advertising (Section 8) uses aggregated and pseudonymized signals and may be opted out of at any time.

PART VI — ADMINISTRATIVE

23. Changes to This Policy

23.1 We may update this Privacy Policy from time to time. For material changes affecting how we collect, use, or share personal data, we will give at least thirty (30) days’ advance notice via in-App notification or email.

23.2 The current version number and effective date are shown on the title page and in Section 25. Earlier versions are retained for record-keeping and may be requested by contacting info@dreamchaser.app.

24. Links to Third-Party Sites

24.1 The App and our communications may contain links to third-party websites, applications, or services that are not owned or controlled by Trueyogi. We are not responsible for the privacy practices or content of these third parties. We encourage you to review their privacy policies before providing them with personal data.

25. Contact Information

25.1 For any privacy-related question, request, or complaint, please contact:

Trueyogi Wellness Teknoloji Tic. A.Ş.

Mustafa Kemal Mh. Dumlupınar Blv. No:280G/1260

Çankaya, Ankara, Türkiye

Trade Registry No: 433983

Email: info@dreamchaser.app

25.2 We will respond to verified requests within the timeframes set out in Section 18. For urgent matters, please mark your email as “Urgent — Privacy”.

25.3 Version. This Privacy Policy is Version 2.0, effective 13 May 2026, superseding all prior versions.

PART VII — JURISDICTION ADDENDA

The following addenda apply only to residents of the corresponding jurisdictions. They form an integral part of this Privacy Policy and prevail over conflicting provisions of Parts I–VI to the extent required by local law.

Addendum A — United States Residents

A.1 COPPA — Children Under 13

The App is not directed to children under thirteen (13). Trueyogi does not knowingly collect personal data from children under 13. Parents who believe their child has provided personal data may contact info@dreamchaser.app with subject “Child Data Request”; we will delete the data and terminate the account.

A.2 California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

California residents have the following rights, in addition to the rights described in Section 15:

  • Right to Know: request the categories and specific pieces of personal information we have collected, sold, shared, or disclosed in the prior twelve (12) months, including categories of sources and recipients.
  • Right to Delete: request deletion of your personal information, subject to legal retention exceptions.
  • Right to Correct: request correction of inaccurate personal information.
  • Right to Opt Out of Sale or Sharing: Trueyogi does not sell personal information for monetary consideration. Trueyogi shares mobile advertising identifiers with advertising partners for cross-context behavioral advertising (CCPA “sharing”). To opt out, email info@dreamchaser.app with subject line “Do Not Sell or Share My Personal Information” or use the in-App opt-out where available.
  • Right to Limit Use of Sensitive Personal Information: Biometric Data is processed session-only and deleted within 60 seconds, satisfying any practical limitation.
  • Right to Non-Discrimination: Trueyogi will not discriminate against you for exercising these rights.

Authorized agents may submit requests with proper documentation. Trueyogi responds within 45 days, with up to 45 days additional time when necessary.

A.3 Other US State Privacy Laws

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Iowa (ICDPA), Tennessee (TIPA), and other US states with comprehensive privacy laws are granted equivalent rights to those described above, in accordance with their respective state laws.

A.4 Notice at Collection (California)

Trueyogi collects the categories of personal information described in Section 2 for the purposes described in Section 3. We retain personal information for the periods set out in Section 12. We do not sell personal information for monetary consideration. We share certain identifiers for cross-context behavioral advertising as described in Section 8. You may exercise your rights as set out above.

Addendum B — Canada Residents

B.1 PIPEDA

Trueyogi processes personal information of Canadian residents in accordance with the Personal Information Protection and Electronic Documents Act and applicable provincial legislation. Canadian residents have the rights of access, correction, and complaint as described in Sections 15, 18, and 19.

B.2 Quebec Law 25

Quebec residents have the following additional rights:

  • right to receive personal information in a structured, commonly used technological format (data portability);
  • right to deindexation of personal information;
  • right to be informed about automated decision-making (see Section 22);
  • right to request a French-language version of this Privacy Policy by emailing info@dreamchaser.app.

The designated privacy contact for Quebec residents is info@dreamchaser.app.

Addendum C — South Korea Residents (PIPA)

C.1 Personal Information Processing Information

  • Personal information processor (controller): Trueyogi Wellness Teknoloji Tic. A.Ş.
  • Purpose of processing: providing AI-based entertainment services as described in Section 3.
  • Retention periods: as set out in Section 12 above, including 60-second processing for Biometric Data.

C.2 Items of Personal Information Collected

Refer to the table in Section 2. Items considered “sensitive personal information” under PIPA are limited to Biometric Data, processed on the basis of separate explicit consent.

C.3 Data Subject Rights (PIPA)

Korean residents may exercise the following rights by contacting info@dreamchaser.app:

  • right to access personal information;
  • right to correct or delete personal information;
  • right to suspend processing;
  • right to revoke consent at any time.

C.4 Cross-Border Transfer

Personal information of Korean residents may be transferred to Türkiye, the European Union, the United States, Singapore, and other jurisdictions where Trueyogi or its subprocessors operate. Trueyogi takes appropriate safeguards, including data processing agreements and contractual data protection terms equivalent to PIPA standards. By using the Service, you provide your consent to such transfers as required by PIPA Article 28-8.

C.5 Chief Privacy Officer Contact

Pending the designation of a Chief Privacy Officer in Korea, the primary contact for Korean residents’ privacy matters is info@dreamchaser.app, with subject line “Korea Privacy Request”.

C.6 Age of Consent

Users under fourteen (14) years of age may not register or use the Service without the verifiable consent of a legal guardian.

Addendum D — Japan Residents (APPI)

D.1 Personal Information Handling Business Operator

Trueyogi Wellness Teknoloji Tic. A.Ş. acts as the Personal Information Handling Business Operator under the Japanese Act on the Protection of Personal Information (APPI).

D.2 Purpose of Use

Personal information is used to provide the AI-based entertainment services described in Section 3, to communicate with Users, to enforce the Terms & Conditions, and to comply with applicable law.

D.3 Cross-Border Transfer

Personal information may be transferred to Türkiye, the United States, the European Union, the Republic of Korea, Singapore, and other jurisdictions where Trueyogi’s subprocessors operate. By using the Service, you provide consent to such transfers as required by APPI Article 28. Trueyogi maintains contractual safeguards equivalent to APPI standards with all subprocessors.

D.4 Data Subject Rights (APPI)

Japanese residents may exercise the following rights by contacting info@dreamchaser.app:

  • right of disclosure;
  • right of correction, addition, and deletion;
  • right to suspend use or to erase;
  • right to suspend provision to third parties.

D.5 Age of Consent

Users under fifteen (15) years of age require the consent of a parent or legal guardian to use the Service.

Addendum E — European Union Residents (GDPR + AI Act)

E.1 Data Controller

Trueyogi Wellness Teknoloji Tic. A.Ş., contactable at info@dreamchaser.app, is the data controller for the processing of personal data of EU residents.

E.2 Legal Bases for Processing

See Section 4 above.

E.3 Special Category Data (Article 9)

Biometric Data is processed on the basis of your explicit consent (Article 9(2)(a)) and is permanently deleted within sixty (60) seconds of analysis completion (Section 10).

E.4 Data Subject Rights

EU residents have all rights described in Section 15. To exercise these rights, contact info@dreamchaser.app.

E.5 Supervisory Authorities

EU residents may lodge complaints with the national data protection supervisory authority of their habitual residence. A list of authorities is maintained by the European Data Protection Board at https://edpb.europa.eu/about-edpb/about-edpb/members_en.

E.6 EU AI Act Transparency

In accordance with Article 50 of the EU AI Act, you are clearly informed that the App uses AI systems for chatbot interaction (Suzan), content generation (dream interpretation, astrology, Tarot), and biometric image analysis (face/palm). The AI systems used in the App are not classified as high-risk under Annex III of the EU AI Act.

E.7 EU Contact Point

Pending the appointment of a representative under Article 27 of the GDPR, all EU data protection inquiries shall be directed to info@dreamchaser.app. Trueyogi acts as the primary point of contact for EU data protection matters during this period.

Addendum F — United Kingdom Residents (UK GDPR + ICO AADC)

F.1 UK GDPR

UK residents have the same data subject rights as EU residents (see Addendum E), exercisable by contacting info@dreamchaser.app.

F.2 Age Appropriate Design Code

In line with the ICO’s Age Appropriate Design Code, the App applies the following measures for Users under eighteen (18):

  • privacy-protective default settings;
  • minimization of data collection to what is strictly necessary;
  • clear, age-appropriate transparency notices;
  • no use of nudge techniques to encourage data sharing;
  • no profiling switched on by default;
  • geolocation off by default.

F.3 Supervisory Authority

UK residents may lodge complaints with the Information Commissioner’s Office (ICO) at https://ico.org.uk.

F.4 UK Contact Point

Pending the appointment of a representative under the UK GDPR, all UK data protection inquiries shall be directed to info@dreamchaser.app. Trueyogi acts as the primary point of contact for UK data protection matters during this period.

Acknowledgment

By accessing or using the DreamChaser application, you acknowledge that you have read and understood this Privacy Policy, including all Jurisdiction Addenda applicable to your country of residence.

For any privacy-related question or request, please contact:

Trueyogi Wellness Teknoloji Tic. A.Ş.

Mustafa Kemal Mh. Dumlupınar Blv. No:280G/1260

Çankaya, Ankara, Türkiye

Trade Registry No: 433983

Email: info@dreamchaser.appEND OF PRIVACY POLICY — VERSION 2.0 — EFFECTIVE 13 MAY 2026