Legal

Privacy Policy

Last updated · April 26, 2026

The short version: your chart and your journal are yours. We don’t sell your data, we don’t use it to train third-party AI models, and we collect the minimum we need to show you the sky.

1. Who we are

Astra (“Astra”, “we”, “us”, “our”) is the data controller for the personal information we process about you when you use our service. You can reach our team at Privacy@astra.guide.

2. Scope of this policy

This Privacy Policy applies to information we collect when you use the Astra web application, our marketing pages, and any communication you have with us. It does not apply to third-party websites or services that we link to but do not control.

3. What we collect

Account data — Your email address and authentication identifiers from your sign-in provider (e.g. Google).
Profile data — Your display name, optional gender description, birth date, birth time, and birth location, used to compute your chart.
Optional profile detail — bio, profession, relationship status, personality, interests, values, intentions, and what you’re looking for. You can leave any of these blank.
Chart data — The planetary positions, signs, and houses derived from your birth details by our chart engine.
Content you create — journal entries, friends you add, notes about relationships, and saved readings.
Usage data — Limited, largely aggregated information about how Astra is used (page views, feature usage, referrer, device type) to help us understand and improve the product.
Technical data — IP address, browser user-agent, and timestamps necessary for security, abuse prevention, and debugging.
Payment data — If you purchase a subscription, billing details are collected and processed by our payment provider; we never see your full card number.

4. How we use your data

We use your data only to: (a) operate Astra and compute your personalised readings; (b) maintain the security, integrity, and performance of the service; (c) provide customer support; (d) communicate essential service notices and, if you opt in, occasional product updates; (e) detect, prevent, and respond to abuse, fraud, or security incidents; (f) improve the product through aggregated, non-identifiable analytics; (g) comply with our legal obligations.

5. Legal bases (GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data on the following legal bases: (a) Contract — to provide the Astra service you have signed up for; (b) Legitimate interests — to keep Astra secure, prevent abuse, and improve the product; (c) Consent — for optional communications and any non-essential cookies; (d) Legal obligation — Where we are required to retain or disclose information by law. You may withdraw consent at any time without affecting prior processing.

6. AI processing

To generate your daily readings, weekly reflections, compatibility insights, and journal prompts, we send your chart and the preferences you have shared with Astra to large language model providers. These providers process the data on our behalf, under data-processing terms that prohibit them from retaining your inputs beyond what is necessary to return a response or from using your inputs to train their foundation models.

7. What we do not do

We do not sell your personal data to anyone.
We do not show third-party advertising in Astra.
We do not share your journal, friends, or chart with other users.
We do not run third-party tracking pixels or social-media trackers in Astra.
We do not use your content to train third-party foundation models.

8. Sharing & sub-processors

We rely on a small number of trusted processors to operate Astra:

Hosting & edge — To serve the application and run server-side logic.
Database & auth — Managed Postgres and authentication services that store your profile, chart, and content.
AI providers — Large language model APIs that generate your readings.
Email — Transactional email for account verification, password resets, and essential service notices.
Payments — A third-party payment processor, where applicable, to handle subscriptions.
Analytics — Aggregated, privacy-respecting analytics to understand usage.

We may also disclose information when required by law, to enforce our Terms, or to protect the rights, safety, or property of Astra and our users.

9. Cookies & local storage

Astra uses a small number of strictly necessary cookies and browser local-storage entries to keep you signed in, remember your preferences, and protect against abuse. We do not use advertising cookies. Where we use any non-essential analytics, we keep it aggregated and pseudonymous.

10. Data retention

We retain your account data for as long as your account is active. When you delete your account, your profile, chart, journal, friends, and saved readings are deleted within 30 days, except where we are required to retain certain information by law (for example, billing records). Backup copies are purged on a rolling basis. Aggregated, non-identifiable analytics may be retained longer.

11. Your rights

Depending on where you live, you may have the right to: access the personal data we hold about you; correct inaccurate data; export your data in a portable format; delete your data; restrict or object to certain processing; and withdraw consent. We honour valid requests regardless of where you live, where this is reasonable to do so.

12. Submitting a request

You can manage and delete most of your data directly from your profile inside Astra. For other requests, write to Privacy@astra.guide from the email address associated with your account. We respond within 30 days; if your request is complex, we may extend that window and will tell you why.

13. International transfers

Astra may transfer your personal data to countries other than the one where you live, including to providers based in the United States. When we do so, we put appropriate safeguards in place, such as the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Addendum, and equivalent safeguards in other regions where required.

14. Security

We use industry-standard measures to protect your data: encryption in transit (TLS) and at rest, isolated row-level access controls so users can only read their own data, regular backups, principle-of-least-privilege access for our team, and monitoring for unusual activity. No system is perfectly secure, but we work hard to keep yours safe and will notify you and the relevant authorities promptly if a breach occurs that is likely to affect your rights.

15. Children

Astra is not intended for people under the age of 16, and we do not knowingly collect personal data from them. If you believe a child has provided us with personal data, please contact us and we will delete it.

16. Automated decision-making

Astra uses automated processing to compute your chart and to generate written reflections. These outputs are intended for self-reflection and entertainment and do not produce legal or similarly significant effects on you within the meaning of GDPR Article 22.

17. Do-not-track signals

Because there is no industry consensus on how to interpret Do-Not-Track signals, Astra does not respond to them. Our overall approach to tracking — minimal, first-party, no advertising — is described above.

18. Regional supplements

EEA / UK / Switzerland — you have the rights described under GDPR / UK GDPR / Swiss FADP, including the right to lodge a complaint with your supervisory authority (see “Complaints” below).

California — Under the CCPA/CPRA, you have the right to know what personal information we collect, to delete it, to correct it, and to opt out of any “sale” or “sharing” of personal information. We do not sell or share personal information as those terms are defined under California law.

Other US states — Residents of states with comprehensive privacy laws (e.g. Virginia, Colorado, Connecticut, Utah, Texas) have substantially similar rights, which we honour as described in “Your rights” above.

19. Complaints

If you believe we have mishandled your personal data, please contact us first so we can try to put it right. You also have the right to lodge a complaint with the data protection supervisory authority in your country of residence, place of work, or where the alleged infringement took place.

20. Changes to this policy

We will notify you about material changes to this policy through Astra or by email. The “last updated” date at the top of this page indicates when the most recent revisions were made. Continued use of Astra after changes take effect constitutes your acceptance of the updated policy.

21. Contact

Questions or requests about your data? Write to Privacy@astra.guide. For everything else, you can reach us at Hello@astra.guide.

← Terms of service Return home →