Payments are running in Stripe test mode.
Lenormand Home

Legal

Privacy Policy

Last updated: 5 July 2026

This Privacy Policy explains what personal data Lenormand Online collects, why we collect it, and your rights over it. This page is maintained by Alina for Lenormand Online. It is not a legal certification. For questions, email oracol.lenormand@gmail.com.

Who we are

Lenormand Online (https://start.lenormand.online) is operated by Monkey Mind SRL, Sector 2, București, România — CUI 35921997, based in Romania. We are the data controller for the personal data described here.

What we collect

When you request a reading we collect:

  • Your first name (used to address the reading).
  • Your email address (used to deliver the reading).
  • Your optional note or question.
  • The Lenormand spread you generated on the site (card positions), if you attached it.
  • Payment metadata returned by Stripe (order ID, amount, country). We never see or store your card details.

We do not create user accounts, do not use tracking cookies, and do not run third-party analytics beyond what Stripe uses to process the payment.

Why we use it

  • To prepare and deliver your personal reading by email.
  • To answer questions you send us about a reading.
  • To meet legal obligations (invoicing, accounting, tax records).

We do not use your data for marketing, profiling, or automated decision-making.

Legal basis (GDPR)

  • Contract — to deliver the reading you paid for.
  • Legal obligation — to keep invoices/records as required by law.
  • Legitimate interest — to reply to your emails and prevent fraud.

Who we share it with (subprocessors)

  • Stripe, Inc. — payment processing.
  • Google (Gmail) — receiving and sending reading emails.
  • Lovable / Cloudflare — website hosting and content delivery.

We do not sell, rent, or trade your personal data with anyone.

How long we keep it

Emails and reading notes are kept for up to 24 months so we can respond if you contact us again. Invoicing data is kept as long as tax law requires (in Romania, typically 10 years).

Your rights

Under GDPR you can request access, correction, deletion, restriction, portability, or object to processing. Write to oracol.lenormand@gmail.com and we will respond within 30 days. You may also lodge a complaint with your local data protection authority (in Romania: ANSPDCP, dataprotection.ro).

Security

Payments are handled by Stripe over HTTPS. The site is served over HTTPS. We limit access to reading data to the reader herself. No system is 100% secure; if we learn of a breach that affects you we will contact you promptly.

Changes to this policy

If we update this policy we will change the "last updated" date above. Material changes will be announced on the home page.