PRIVACY POLICY

Last Updated: April 2026

1. Introduction

Landcore OÜ (“Company,” “we,” “us,” or “our”), a company registered in Estonia (Registry Code: 17268422), operates Soul Aura (“Service”) accessible at soulaura.ai. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.

This policy complies with the European Union General Data Protection Regulation (GDPR) including 2025 procedural reforms, and the California Consumer Privacy Act as amended by CPRA (effective regulations September 2025).

 

2. Data Controller

Data Controller: Landcore OÜ

Location: Estonia, European Union

Email: info@soulaura.ai

 

3. Information We Collect

3.1 Information You Provide

When you use our Service, you may provide us with:

• Full name (for numerology calculations — sound frequency analysis)

• Date of birth (for numerology calculations — life path and cycle analysis)

• Email address (for report delivery)

• Payment information (processed by third-party payment processors)

 

3.2 Automatically Collected Information

We automatically collect certain information when you visit our website:

• IP address and approximate location

• Browser type and version

• Device information

• Pages visited and time spent

• Referring website

• Cookie data — only with your prior consent (see Section 11)

 

4. How We Use Your Information

We use your information for the following purposes:

• To generate your personalized numerology report

• To deliver your report via email

• To process payments

• To respond to your inquiries

• To improve our Service

• To comply with legal obligations

 

5. Legal Basis for Processing (GDPR — Article 6)

Under GDPR, we process your data based on:

• Contract Performance (Art. 6(1)(b)): To fulfill our agreement to provide you with a numerology report

• Legitimate Interests (Art. 6(1)(f)): To improve our services and ensure security

• Consent (Art. 6(1)(a)): For marketing communications and cookie-based analytics (where applicable)

• Legal Obligation (Art. 6(1)(c)): To comply with applicable laws

 

6. Automated Processing and Profiling (GDPR — Article 22)

Soul Aura uses an AI-assisted system to generate personalized numerology reports based on your name and date of birth. This constitutes automated processing as defined under GDPR Article 22.

Logic used: Your name is analyzed using established numerological letter-to-number mapping (Pythagorean system). Your date of birth is reduced to core numerological values (Life Path, Personal Year, Destiny). These are cross-referenced against our 779-chunk numerological knowledge base to produce a personalized narrative report.

Significance and consequences: The report provides personal insight and guidance. It does not produce legal effects or similarly significant decisions. No automated decision is made that affects your legal rights or produces binding outcomes.

Your rights: You have the right to request human review of your report, to express your point of view, and to contest the output. Contact us at info@soulaura.ai to exercise this right.

 

7. Data Sharing and Third Parties

We may share your information with:

• Payment Processors: Shopify Payments, PayPal, Stripe (for transaction processing)

• Email Service Providers: For report delivery

• Analytics Providers: Google Analytics — only with your cookie consent, with IP anonymization enabled

• Legal Authorities: When required by law

We do not sell your personal data to third parties.

 

8. International Data Transfers

As an Estonia-based company within the European Union, your data is primarily processed within the EEA. When data is transferred outside the EEA, we ensure appropriate safeguards are in place:

• Standard Contractual Clauses (SCCs) approved by the European Commission

• Transfer Impact Assessments (TIAs) as required under 2025 GDPR enforcement guidelines

• EU-U.S. Data Privacy Framework compliance where applicable

 

9. Data Retention

We retain your data for the following periods:

• Generated PDF report: Not stored — delivered to customer only, not retained on our servers

• Report generation data (name, date of birth): Deleted 14 days after delivery

• Order and transaction data: 7 years (legal requirements)

• Email address: 7 years (with order records)

• Analytics data: 26 months (only if cookie consent granted)

 

10. Data Security and Breach Notification

We implement appropriate technical and organizational measures to protect your personal data, including SSL/TLS encryption, secure payment processing, access controls, and regular security assessments.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon — AKI) within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33.

Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay, in accordance with GDPR Article 34.

 

11. Cookie Policy and Consent

We use cookies and similar tracking technologies on our website. Cookies are only placed after you have given your explicit consent via our cookie banner.

Categories of cookies we use:

• Strictly necessary cookies: Required for the website to function. No consent required.

• Analytics cookies (Google Analytics): Used to understand how visitors interact with our website. Only activated upon your consent. IP anonymization is enabled.

• Marketing cookies: Used for remarketing purposes. Only activated upon your consent.

You may withdraw your cookie consent at any time by clicking the cookie settings link in the footer of our website. Withdrawing consent does not affect the lawfulness of processing carried out before withdrawal.

 

12. Your Rights

12.1 Rights Under GDPR (EU/EEA Residents)

• Right of Access (Art. 15): Request copies of your personal data

• Right to Rectification (Art. 16): Request correction of inaccurate data

• Right to Erasure (Art. 17): Request deletion of your data

• Right to Restrict Processing (Art. 18): Request limitation of processing

• Right to Data Portability (Art. 20): Receive your data in a portable format

• Right to Object (Art. 21): Object to processing based on legitimate interests

• Right not to be subject to automated decision-making (Art. 22): Request human review of automated report generation

• Right to Lodge a Complaint (Art. 77): Contact the Estonian Data Protection Inspectorate (AKI) at www.aki.ee, email: info@aki.ee, address: Tatari 39, 10134 Tallinn, Estonia

We will respond to your request within 30 days of receipt.

 

12.2 Rights Under CCPA/CPRA (California Residents)

Updated per September 2025 CPPA regulations (effective January 2026):

• Right to Know (§1798.100): What personal information we collect and how it’s used

• Right to Delete (§1798.105): Request deletion of your personal information

• Right to Correct (§1798.106): Request correction of inaccurate personal information

• Right to Opt-Out (§1798.120): Opt out of sale/sharing of personal information (Note: We do not sell or share data for cross-context behavioral advertising)

• Right to Limit Use of Sensitive Personal Information (§1798.121): Your date of birth is classified as sensitive personal information under CPRA. Its use is strictly limited to generating your numerology report. You may request further limitation by contacting us at info@soulaura.ai

• Right to Non-Discrimination (§1798.125): Equal service regardless of exercising your rights

 

To exercise your CCPA/CPRA rights, contact us at info@soulaura.ai. We will respond within 45 days of receiving your verifiable consumer request. If additional time is required, we will notify you within the initial 45-day period and may extend our response by an additional 45 days.

Do Not Sell or Share My Personal Information: We do not sell or share your personal information. A “Do Not Sell or Share My Personal Information” link is available in the footer of our website for California residents.

 

13. Children’s Privacy

Our Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately at info@soulaura.ai.

 

14. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on our website and updating the “Last Updated” date. For significant changes, we will provide additional notice such as an email notification.

 

15. Contact Us

For privacy-related inquiries or to exercise your rights:

• Email: info@soulaura.ai

• Company: Landcore OÜ

• Location: Estonia, European Union

• Response time: Within 30 days (GDPR) / 45 days (CCPA)

 

For complaints regarding our data processing practices, you may also contact:

• Estonian Data Protection Inspectorate (AKI): www.aki.ee | info@aki.ee | Tatari 39, 10134 Tallinn, Estonia

• California Privacy Protection Agency (CPPA): cppa.ca.gov (for California residents)