Privacy Policy

Last updated: April 30, 2026

NatalChart.AI (“we”, “our”, “us”) provides AI-assisted natal chart calculations and astrology readings. This Privacy Policy explains what personal data we collect, why we collect it, how we share it, and your rights under data-protection laws including the EU/UK General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA/CPRA”).

For privacy questions or to exercise your rights, contact us at privacy@natalchart.ai.

1. Data we collect

  • Account data — email address, authentication identifiers (Google OAuth subject, magic-link tokens), display name and avatar URL when you sign in with a third-party provider.
  • Birth data — date, time, latitude/longitude and place name you submit to generate a natal chart. Birth time is optional but improves accuracy.
  • Chat content — messages you send to the AI and the AI's responses, along with the chart context they were grounded on.
  • Billing data — Stripe customer ID, plan, and subscription status. We do not store full card numbers; payment card data is handled entirely by Stripe.
  • Usage data — page views, feature events, IP address (anonymised in Google Analytics), browser/device info, approximate location derived from IP.
  • Diagnostics — crash reports and performance traces via Sentry.

2. How we use data (purposes & legal bases)

  • Provide the service — calculate charts, render AI readings, persist your account and history. Legal basis: performance of the contract.
  • Billing — process subscriptions and prevent fraud. Legal basis: contract & legitimate interest.
  • Product improvement & security — debug errors, monitor abuse, optimise reliability. Legal basis: legitimate interest.
  • Analytics — measure aggregate usage. Legal basis: consent (you can decline via the cookie banner).
  • Communications — service emails (sign-in codes, billing receipts) and, with your consent, occasional product updates. Legal basis: contract & consent.

We do not sell your personal information and we do not use your chat content to train third-party models.

3. Third-party processors

We share data only with vetted processors that act on our instructions under data-processing agreements:

  • Supabase — authentication and database (EU/US regions).
  • Stripe — payment processing and subscription billing.
  • Google (Gemini API) — AI inference for readings and chat. Gemini API requests are not used to train Google's models per the Gemini API terms.
  • Google Analytics 4 — aggregate web analytics, with IP anonymisation and Consent Mode v2.
  • Vercel — application hosting and edge delivery.
  • Sentry — error monitoring and performance tracing.
  • Resend — transactional email delivery.

4. International transfers

Some processors are based in the United States. Where data leaves the EU/UK we rely on the European Commission's Standard Contractual Clauses and, where applicable, the EU-US Data Privacy Framework, to ensure an adequate level of protection.

5. Retention

  • Account & chart data — retained while your account is active. On deletion, removed within 30 days (excluding lawful retention obligations).
  • Chat history — retained while your account is active; you can clear it from settings at any time.
  • Billing records — retained for up to 7 years to meet tax and accounting obligations.
  • Diagnostics & analytics — retained for up to 14 months in aggregated form.

6. Your rights

Depending on where you live, you have the right to:

  • Access the personal data we hold about you;
  • Rectify inaccurate or incomplete data;
  • Erase your data (the “right to be forgotten”);
  • Restrict or object to processing;
  • Data portability — receive your data in a machine-readable format;
  • Withdraw consent at any time, without affecting prior lawful processing;
  • Lodge a complaint with your local supervisory authority.

To exercise these rights, email privacy@natalchart.ai. We respond within 30 days.

7. Cookies & tracking

We use a minimal set of essential cookies (authentication, theme, consent state) and, with your consent, analytics cookies for GA4. See our Cookies Policy for the full list and your choices.

8. Children

NatalChart.AI is not directed to children under 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, please contact privacy@natalchart.ai and we will delete it.

9. Security

We use industry-standard safeguards including encryption in transit (TLS), encryption at rest, role-based database access (RLS), and audit logging. No system is perfectly secure; if you believe your account has been compromised, contact contact@natalchart.ai.

10. Changes to this policy

We'll update the “Last updated” date and, for material changes, notify you by email or in-app notice before the changes take effect.

11. Contact & data controller

The data controller is the operator of NatalChart.AI. For all privacy enquiries, including requests under GDPR or CCPA/CPRA, email privacy@natalchart.ai.