Privacy Policy
Last updated: 2026-06-29
1. Information We Process
When you sign in with Google, Spicy Fortune processes the Firebase Authentication identifier, email, display name, and profile image provided by Google.
To create fortune reports, we may process birth date, birth time, gender, calendar type, selected menu, security token, and access logs.
For Chili and purchases, we keep payment identifiers, Chili balance, purchase history, use history, report unlock records, and refund or support records.
2. Purposes
We use this information to verify Google login, identify the account, show Chili balance and purchase history, deliver paid reports, prevent duplicate use, process refunds/support, prevent abuse, and meet legal obligations.
Birth inputs are used for saju calculation and report generation. They are not used to provide medical, legal, investment, or other professional advice.
3. Processors and Providers
Google Firebase services, including Firebase Authentication, Cloud Functions, and Firestore, are used for login, server verification, and ledger storage.
When real payment approval is enabled, Payletter or another payment provider may process payment approval, cancellation, and refunds.
For report wording, selected chart evidence and necessary inputs may be sent from our server to LLM providers such as OpenRouter or Google Gemini. Service account keys, admin privileges, and full ledger data are not exposed to the frontend or LLM providers.
4. Retention and Deletion
Account, Chili ledger, payment, and refund records are retained as needed for transaction verification, dispute handling, and legal obligations.
Report inputs and results may be retained as needed for paid content delivery, re-access, customer support, and abuse prevention. When no longer needed, data is deleted or de-identified.
5. Security
Firebase web app keys are public identifiers, not secrets. Spicy Fortune blocks client-side Firestore reads/writes and reads/writes wallet and purchase records only through Cloud Functions Admin SDK.
Wallet APIs verify Firebase ID tokens, require Google sign-in, and process only the authenticated user's own records.
Review Chili Records
When review Chili is issued, the Google login identifier, Chili quantity, grant/use time, balance changes, payment reference ID, and ledger records are stored in Firestore. This information is processed for reviewer access, ledger display, duplicate grant prevention, abuse prevention, and customer support.
6. Your Rights and Contact
You may request access, correction, deletion, suspension, or account/payment support. Transaction records required by law may be retained for the required period.
For privacy questions, contact us at: