a
AstroGully
Legal

Privacy Policy

Last updated: April 2026

AstroGully ("we", "us", "our"), operated as a sole proprietorship in India, respects your privacy. This policy explains what data we collect, how we use it, and your rights regarding your data.

1. Data We Collect

Account Information

When you sign up, we collect your email address and a hashed password (we never see your plaintext password — authentication is handled by Supabase Auth, which stores passwords using industry-standard hashing).

Birth Data

To cast your astrological chart, we ask for your date of birth, time of birth, and place of birth. This data is used only to compute your chart and is sent to our AI services (Anthropic's Claude) temporarily for interpretation. Birth data is not saved in our database unless you explicitly save the chart (feature not yet available as of this policy). Your birth data is processed in memory during your session.

Chat Queries and AI Responses

Questions you ask your chart, and the AI responses generated for you, are temporarily stored in your browser session for display. They are NOT persisted in our database.

Payment Data

All payment processing is handled by Razorpay. We never see or store your credit card numbers, UPI handles, or bank details. We receive only a confirmation that a payment was successful, the Razorpay payment ID, and the amount. This information is stored in our database to maintain your credit balance and transaction history.

Credit Ledger

We maintain a record of every credit transaction (purchases, consumption for chart/AI analysis) in our database. This exists to provide accurate balance tracking and dispute resolution.

Technical Data

Like most websites, our hosting provider (Vercel) collects standard server logs including IP address, browser type, and pages visited for operational and security purposes. We use Supabase for database hosting; their logs may include query patterns.

2. How We Use Data

  • Account management: to authenticate you and track your credits
  • Service delivery: to compute charts and generate AI-assisted readings
  • Payment reconciliation: to ensure credits match payments received via Razorpay
  • Support: to respond to your queries via email
  • Fraud prevention: to detect abuse of credits, fake payments, or spam signups
  • Legal compliance: to respond to lawful requests from Indian authorities

We do not sell your data to third parties. We do not use your data for advertising. We do not train AI models on your queries.

3. Third-Party Services We Use

Your data flows through these services as part of normal operation:

  • Supabase (database + authentication) — stores account info, credit ledger, payment records. Hosted in ap-south-1 (Mumbai).
  • Anthropic (Claude AI) — processes your birth data and queries to generate interpretations. Anthropic's policy states they do not train on API inputs.
  • Razorpay (payments) — handles all payment processing. See Razorpay's privacy policy at razorpay.com/privacy.
  • Vercel (hosting) — serves the website and runs our backend code. Standard server logs only.

4. Data Retention

We retain the following data for the duration it is needed:

  • Account data: until you request deletion
  • Credit ledger: 7 years (for accounting and tax records, as required by Indian law)
  • Payment records: 7 years (Income Tax Act requirement)
  • Birth data: not retained beyond your current session
  • Chat queries: not retained (session-only)

5. Your Rights

You have the right to:

  • Access: request a copy of all data we hold about you
  • Correction: update inaccurate information (e.g., change your email)
  • Deletion: request deletion of your account and associated data (with the caveat that financial records must be retained per law)
  • Data portability: request your credit ledger and payment history as a downloadable file
  • Withdraw consent: stop using the Service at any time

Email support@astrogully.com to exercise any of these rights. We will respond within 30 days.

6. Security

We take reasonable measures to protect your data:

  • All data transmitted between your browser and our servers is encrypted via HTTPS
  • Passwords are hashed using Supabase's industry-standard algorithms (never stored as plaintext)
  • Database queries use Row-Level Security so users can only access their own records
  • Payment data never touches our servers — Razorpay handles it end-to-end
  • API keys and secrets are stored as environment variables, not in source code

No security is absolute. In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by best practices.

7. Cookies

We use strictly necessary cookies for authentication (via Supabase Auth). We do not use advertising or tracking cookies. If you block all cookies, you will not be able to sign in.

8. Children's Privacy

AstroGully is not intended for users under 13 years of age. We do not knowingly collect data from children under 13. If we learn we have, we will delete it immediately.

9. International Data Transfers

Our primary data hosting is in India (Supabase Mumbai region). Anthropic's AI services are hosted in the United States. By using our Service, you consent to your queries being processed internationally for AI interpretation.

10. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be emailed to registered users. The "Last updated" date at the top indicates the most recent revision.

11. Contact

For privacy questions, reach us at support@astrogully.com.