Privacy Policy

Last updated: March 2025

1. Introduction

AstroLogAI ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect information when you use our Service at astrologa.bg. We comply with the EU General Data Protection Regulation (GDPR) and applicable Bulgarian data protection law.

2. Data Controller

The data controller for your personal data is AstroLogAI. For data protection inquiries, contact us at: privacy@astrologa.bg

3. Data We Collect

We collect the following categories of personal data:

Account data: Email address, name (optional), password (hashed — never stored in plain text)
Birth data: Date, time, and place of birth — required to generate accurate natal charts. This is sensitive data used solely to provide astrological calculations.
Usage data: Pages visited, features used, session duration — collected via PostHog analytics to improve the Service.
Payment data: Transaction records processed by Stripe. We do not store card details — these are handled entirely by Stripe.
Communications: Support emails and in-app messages you send to us.

4. Legal Basis for Processing

Contract performance: Processing your birth data to generate charts and readings you request
Legitimate interests: Analytics to improve the Service, fraud prevention, security
Legal obligation: Retaining transaction records as required by law
Consent: Marketing communications (you may withdraw consent at any time)

5. How We Use Your Data

Generate natal charts, horoscopes, and astrological readings
Manage your account and subscription
Send transactional emails (account verification, payment receipts)
Improve the Service through aggregated usage analytics
Detect and prevent fraud or abuse
Comply with legal obligations

6. Data Sharing

We share your data only with:

Supabase: Authentication and database hosting (EU region)
Stripe: Payment processing (GDPR-compliant)
PostHog: Privacy-friendly analytics
Resend: Transactional email delivery

We do not sell your personal data to third parties.

7. Data Retention

We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law (e.g., financial records retained for 5 years per Bulgarian accounting law).

8. Your Rights (GDPR)

Under GDPR, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate data
Erasure: Request deletion of your data ("right to be forgotten")
Restriction: Limit processing of your data
Portability: Receive your data in a machine-readable format
Object: Object to processing based on legitimate interests
Withdraw consent: For any processing based on consent

To exercise your rights, email privacy@astrologa.bg. We will respond within 30 days. You also have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP) at cpdp.bg.

9. Cookies

We use essential cookies for authentication session management and analytics cookies (PostHog) to understand how the Service is used. You can control analytics cookies through your browser settings or by contacting us.

10. Data Security

We implement industry-standard security measures including HTTPS encryption, hashed passwords, and access controls. No method of transmission over the internet is 100% secure; we cannot guarantee absolute security but take reasonable steps to protect your data.

11. Children's Privacy

The Service is not directed to individuals under 16. We do not knowingly collect personal data from children under 16. If you believe we have collected such data, contact us immediately.

12. Changes to This Policy

We may update this Privacy Policy. We will notify you of significant changes by email and post the updated policy with a new "Last updated" date. Continued use of the Service after changes constitutes acceptance.

13. Contact

For privacy questions or to exercise your rights: privacy@astrologa.bg