Privacy Policy
1. Introduction
Golden Compass (“we,” “us,” or “our”) provides a premium astrology web application that generates personalized natal chart readings. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.
By using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please do not use the Service.
2. Information We Collect
2.1 Information You Provide
- Birth Data: Date of birth, time of birth, and birth location for chart readings.
- Account Information: Email address (used for account access via magic links).
- Relationship Data: Your stated relationship to and role of each person submitted.
- Payment Information: Processed by Stripe. We do not store credit card details.
2.2 Information Collected Automatically
- Session Data: Anonymous session identifiers stored in cookies.
- Analytics: Plausible Analytics (privacy-focused, cookieless). No personal data is collected.
- Server Logs: IP address, browser type, and request timestamps (retained 30 days).
2.3 Information We Do NOT Collect
- No tracking cookies, advertising pixels, or behavioral analytics.
- No biometric data, government IDs, or financial account details.
- No advertising profiles. We do not sell data to data brokers.
3. How We Use Your Information
- Provide the Service: Generate natal chart readings from the birth data you submit.
- Account Management: Authenticate via magic links, manage your account, deliver purchased content.
- Payment Processing: Process payments and issue receipts through Stripe.
- Security: Protect against abuse, fraud, and unauthorized access.
- Communication: Send transactional emails only. No marketing emails unless you opt in.
4. Legal Basis for Processing (GDPR)
- Contract Performance: Processing birth data to generate charts you purchased.
- Legitimate Interest: Security, abuse prevention, service improvement.
- Consent: Marketing communications (opt-in only).
5. Data Sharing
We share data only with service providers necessary to operate the Service:
| Provider | Purpose | Data Shared |
|---|---|---|
| Stripe | Payment processing | Email, transaction details |
| Supabase | Database hosting | Encrypted account & chart data |
| Vercel | Application hosting | Server logs |
| Plausible | Analytics | None (cookieless) |
We do not sell, rent, or trade your personal information.
6. Data Retention
| Data Type | Retention |
|---|---|
| Account & birth data | Until deletion requested |
| Purchase records | 7 years (legal compliance) |
| Server logs | 30 days |
| Magic link tokens | 30 days after use |
7. Your Rights
- Access & Export: Download your data in portable format from your dashboard.
- Deletion: Request account deletion (30-day grace period).
- Rectification: Update or correct your information.
- Withdraw Consent: Withdraw marketing consent at any time.
To exercise these rights, visit Manage Your Data in your dashboard or contact privacy@goldencompass.app.
8. Account Deletion
- Your account enters a 30-day grace period.
- After 30 days, account data, birth data, and charts are permanently deleted.
- Purchase records are retained for 7 years with personal details anonymized.
9. Data Security
- Encryption in transit (TLS) and at rest (AES-256).
- Passwordless authentication via magic links.
- Rate limiting and abuse protection on all endpoints.
10. Cookies
We use only essential session cookies:
| Cookie | Purpose | Duration |
|---|---|---|
| gc_session | Anonymous session | Browser session |
| gc_session_token | Authenticated session | 30 days |
No advertising, tracking, or analytics cookies. See our Cookie Policy for details.
11. Children's Privacy
The Service is not directed at individuals under 16. We do not knowingly collect data from children.
12. Changes to This Policy
We may update this policy. Material changes will be communicated by email or prominent notice. Continued use constitutes acceptance.
13. Contact
Version 1.0