Return to home

Privacy Policy

Read how Thessa handles minimal website and support data.

March 29, 2026Download on theApp Store
Privacy PolicyTerms of Service

Who We Are

Thessa is a mobile oracle application developed by Berk Torun. This Privacy Policy explains how we collect, use, and protect your personal information when you use Thessa.

Data We Collect

Account information: If you register with email and password, we collect your email address and a securely hashed password. If you sign in with Google, we receive your Google account email address and display name via OAuth.

Purchase data: When you purchase Thessa Infinite, RevenueCat processes and stores your transaction identifiers and entitlement status on our behalf. We do not store credit card or payment details.

Advertising identifiers: With your explicit consent through Apple's App Tracking Transparency (ATT) prompt, Google AdMob may collect your device's advertising identifier (IDFA) to serve personalized advertisements. If you decline, non-personalized ads are shown instead and no IDFA is collected.

Usage data: Your daily oracle answer count and most recent answer are stored locally on your device through shared app storage (App Group). This data is not transmitted to our servers.

Device information: AdMob may collect limited device metadata such as device model and operating system version for ad delivery and fraud prevention purposes.

How We Use Your Data

  • To authenticate you and maintain your account (Supabase)
  • To manage your Thessa Infinite entitlement (RevenueCat)
  • To display relevant or non-personalized advertisements (Google AdMob)
  • To process promotional code redemptions (Supabase Edge Functions)

We do not sell, rent, or trade your personal data to third parties.

Third-Party Services

Supabase (supabase.com): Provides authentication and database services. Data may be stored on servers located within the European Union.

RevenueCat (revenuecat.com): Manages in-app purchases and entitlements. Subject to RevenueCat's Privacy Policy.

Google AdMob (admob.google.com): Serves mobile advertisements. Subject to Google's Privacy Policy. Personalized ads require ATT consent.

Google Sign-In (accounts.google.com): Provides OAuth authentication. Subject to Google's Privacy Policy.

Data Retention

Your account data is retained for as long as your account is active. You may permanently delete your account and all associated data at any time through Settings -> Delete Account. Local device data (last answer, widget content) is cleared on account deletion and on fresh app installation.

Your Rights

Under the General Data Protection Regulation (GDPR) for EU/EEA residents and the Law on the Protection of Personal Data (KVKK, Law No. 6698) for residents of Turkey, you have the right to access, correct, restrict the processing of, or request deletion of your personal data. To exercise any of these rights, contact us at support@thessa.app.

Children

Thessa is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us so we can delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of material changes by updating the effective date above. Continued use of the app following any changes constitutes your acceptance of the revised policy.

Contact

For privacy-related inquiries: support@thessa.app