Privacy Policy
How AstroFinanceHub collects, uses, and protects your personal information.
Contents
AstroFinanceHub ("we", "us", "our") is committed to protecting your privacy. This policy explains how we handle your data when you use our platform, including astrology chart generation, financial insights, consultations, and subscription services.
1 Information We Collect
1.1 Information You Provide Directly
- Account data: name, email address, username, and password when you register.
- Astrological data: date of birth, time of birth, and place of birth — used to generate natal and transit charts.
- Profile data: profile picture, preferences, date/time format settings.
- Consultation data: information shared during booking or consultation sessions.
- Payment data: billing address and card details collected securely by Stripe; we never store raw card numbers.
- Communications: messages sent via contact forms, support tickets, or community features.
1.2 Information Collected Automatically
- Usage data: pages visited, features used, time spent, click patterns, and navigation paths.
- Device data: IP address, browser type and version, operating system, screen resolution, and device identifiers.
- Location data: approximate location derived from your IP address for automatic timezone and currency detection. We do not collect GPS-level precision without explicit consent.
- Log data: server access logs including request timestamps, error logs, and performance metrics.
1.3 Information from Third Parties
- SSO providers: If you sign in via Google, Apple, or another OAuth provider, we receive your name and email from that provider.
- Payment processors: Stripe may share limited transaction metadata (amount, currency, status, subscription ID) with us.
- Analytics: Aggregated, anonymised analytics from analytics tools.
2 How We Use Your Information
| Purpose | Data Used | Basis |
|---|---|---|
| Creating and managing your account | Name, email, password | Contract |
| Generating astrological charts & panchanga | Birth data, location, timezone | Contract / Consent |
| Processing subscription payments | Payment data, billing address | Contract |
| Sending transactional emails (receipts, reminders) | Email, subscription info | Contract |
| Sending marketing communications (optional) | Email, preferences | Consent |
| Improving platform features | Usage data, anonymised analytics | Legitimate interest |
| Fraud detection & security | IP address, device data, login history | Legitimate interest |
| Legal compliance | All categories as required by law | Legal obligation |
| Consultation scheduling & delivery | Name, email, consultation notes | Contract |
| Currency & timezone auto-detection | IP-derived approximate location | Legitimate interest |
3 Legal Basis for Processing
Under the UK GDPR and applicable data protection laws, we rely on the following lawful bases:
- Contract: Processing necessary to provide the services you have subscribed to.
- Consent: Where you have explicitly opted in (e.g. marketing emails, storing birth data).
- Legitimate interests: Security monitoring, fraud prevention, analytics, and platform improvement — balanced against your rights.
- Legal obligation: Compliance with tax, financial, and data protection laws.
You may withdraw consent at any time. This will not affect the lawfulness of prior processing.
4 Sharing Your Information
We do not sell your personal data. We may share data with:
- Stripe Inc. — payment processing (subject to Stripe's Privacy Policy).
- Email providers — transactional email delivery (e.g. AWS SES, SendGrid).
- Cloud hosting providers — server infrastructure and file storage.
- Analytics services — anonymised usage data only.
- Astrologers / Consultants — with your explicit consent during a booked consultation, limited to the data required to provide the service.
- Law enforcement / Regulators — when legally required or to protect rights and safety.
- Business transfers — in the event of a merger, acquisition, or asset sale, data may transfer to the new entity under equivalent protections.
All third-party processors are subject to data processing agreements and are required to maintain appropriate security standards.
5 Cookies & Tracking
We use cookies and similar technologies to operate and improve the platform.
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Session management, authentication, CSRF protection | Session / 30 days |
| Preference | Theme (dark/light), language, currency, timezone | 1 year |
| Analytics | Anonymised usage analytics | Up to 2 years |
| Marketing | Personalised offers (only with consent) | Up to 1 year |
You can manage cookie preferences through your browser settings. Disabling essential cookies may impair platform functionality.
6 International Data Transfers
Your data may be processed in countries outside your country of residence, including the United Kingdom, the European Economic Area, India, and the United States. We ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the UK ICO or EU Commission.
- Adequacy decisions where applicable.
- Binding corporate rules or equivalent protections for sub-processors.
7 Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of the personal data we hold about you.
- Rectification: Correct inaccurate or incomplete data.
- Erasure ("right to be forgotten"): Request deletion of your data, subject to legal retention requirements.
- Restriction: Request we limit how we use your data while a dispute is resolved.
- Portability: Receive your data in a machine-readable format.
- Objection: Object to processing based on legitimate interests or for direct marketing.
- Withdraw consent: Where processing is based on consent, you may withdraw at any time via account settings.
- Automated decisions: Request human review of decisions made solely by automated means.
To exercise any right, contact us at privacy@astrofinancehub.com. We will respond within 30 days (or within the statutory timeframe in your jurisdiction).
If you are dissatisfied with our response, you may lodge a complaint with your local data protection authority (e.g. the UK Information Commissioner's Office).
8 Data Security
We implement industry-standard security measures including:
- TLS/HTTPS encryption for all data in transit.
- Encrypted storage for passwords (bcrypt/PBKDF2) and sensitive fields.
- Access controls and role-based permissions.
- Regular security audits and vulnerability assessments.
- CSRF, XSS, and SQL-injection protections built into our framework.
- Stripe PCI-DSS Level 1 certified payment processing.
Despite these measures, no system is 100% secure. In the event of a breach affecting your rights, we will notify you and the relevant supervisory authority within the legally required timeframe.
9 Children's Privacy
AstroFinanceHub is not directed at children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.
10 Changes to This Policy
We may update this Privacy Policy periodically. Material changes will be notified via email and/or a prominent notice on the platform at least 14 days before they take effect. Your continued use after the effective date constitutes acceptance of the updated policy.
The "Last updated" date at the top of this page indicates when the most recent changes were made.
11 Contact Us
For any privacy-related questions, requests, or complaints:
- Email: privacy@astrofinancehub.com
- Post: Data Privacy Team, AstroFinanceHub, [Registered Address]
- Response time: We aim to respond within 5 business days and will resolve requests within 30 days.
Privacy Questions?
Our privacy team is here to help with data requests, consent withdrawals, and any concerns.
privacy@astrofinancehub.com