Privacy Policy
Last updated: March 1, 2026
1. General Information
Astraly (“Service”, “we”) is an astrology web service at astraly.app, operated by individual Maksym Olliinyk, Batumi, Georgia.
We take your privacy seriously. This Policy explains what data we collect, how we use it, and what rights you have regarding your data.
For all privacy-related questions: support@astraly.app
2. What Data We Collect
Registration and Login Data
- Email address
- Password (stored encrypted; we have no access to it)
- Google account data when using OAuth: name, email, profile photo
Astrological Data
- Name (display name)
- Date of birth
- Time of birth (optional)
- City of birth
- Geographic coordinates (automatically calculated from city for chart calculation)
This data is required for natal chart calculation — the core function of the Service.
Usage Data
- Chat history with AI astrologer
- Selected subscription plan and payment status
- Account settings (language, theme, notifications)
Technical Data
- Session cookies for authentication
- IP address (stored by cloud infrastructure provider automatically)
- Browser and device information (standard HTTP headers)
3. How We Use Your Data
- Providing the Service: natal chart calculation, horoscopes, AI responses
- Account management: authentication, saving settings
- Payment processing: transmitting required data to Paddle (we don't store card data)
- Service improvement: aggregated usage analytics (in the future — via Google Analytics)
- Notifications: email when corresponding settings are enabled
4. Legal Basis (GDPR)
- Contract: data necessary to provide the Service
- Legitimate interest: security, fraud protection
- Consent: analytics and marketing cookies (can be withdrawn at any time)
5. Third Parties
We use the following providers, all compliant with GDPR requirements:
| Provider | Purpose | Country |
|---|---|---|
| Supabase | Database, authentication | USA |
| Anthropic (Claude AI) | AI astrologer responses | USA |
| Google (OAuth) | Google sign-in | USA |
| Google Analytics | Usage analytics (inactive) | USA |
| Google Ads | Advertising (inactive) | USA |
| Paddle | Payment processing | UK |
| Resend | Email notifications | USA |
6. Cookies
See our Cookie Policy for details. In brief:
- Necessary: session and language preferences — the Service cannot function without them
- Analytics (inactive): Google Analytics
- Marketing (inactive): Google Ads — activated only with your explicit consent
7. Your Rights
- Access: request a copy of your personal data
- Rectification: update inaccurate data via account settings
- Erasure: request deletion of account and all associated data
- Portability: receive your data in machine-readable format
- Restriction: request suspension of data processing
- Objection: object to processing based on legitimate interest
- Withdrawal of consent: withdraw consent for cookies at any time
To exercise your rights, write to support@astraly.app — we will respond within 30 days.
8. Data Retention
- Account data is stored while the account is active
- Chat history: up to 2 years from last account use
- Upon account deletion, all personal data is deleted within 30 days
9. Security
- Encryption in transit (HTTPS/TLS)
- Password hashing (bcrypt)
- Isolated database with access control
10. Children
The Service is intended for persons aged 13 and older. We do not intentionally collect data from children under 13.
11. Changes
For significant changes we will notify you by email or in the Service. Continued use means acceptance of the updated Policy.
12. Contact
Email: support@astraly.app
Operator: Maksym Olliinyk, Batumi, Georgia