Terms of service

Last Updated: January 21, 2026

1. Introduction

Welcome to Astroly (“we,” “our,” or “us”). We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our website at astroly.today and our personalized astrology subscription service.

Astroly operates as a data controller for the personal data we process. We are based in the European Union and comply with the General Data Protection Regulation (GDPR) (EU) 2016/679 and other applicable data protection laws.

By using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use our services.

2. Data Controller Contact Information

For any questions about this Privacy Policy or your personal data, please contact us:

Email: info@astroly.today
Website: https://astroly.today

3. Personal Data We Collect

3.1 Information You Provide Directly

When you sign up for our service or interact with our website, we collect:

Identity Data: Your name (first name and/or full name)
Contact Data: Your email address
Astrological Data: Birth date, birth time (optional), and birth place/location (optional)
Derived Astrological Data: Based on your birth information, we calculate your sun sign, moon sign, rising sign, zodiac element, modality, and ruling planet
Marketing Preferences: Your consent status for marketing communications

3.2 Payment Information

When you subscribe to our service, payment processing is handled by Stripe, Inc. We do not store your full credit card details on our servers. We receive and store:

Your Stripe customer ID
Subscription status and plan details
Transaction history and billing dates
Last four digits of your payment card (for reference only)

3.3 Technical Data Collected Automatically

When you visit our website, we may automatically collect:

Device Information: Browser type, operating system, device type
Usage Data: Pages visited, time spent on pages, click patterns
Location Data: Approximate geographic location based on IP address (country/region level)
Referral Data: How you arrived at our website

3.4 Data from Third-Party Sources

We may receive data from:

Stripe: Payment confirmation and subscription status updates
Advertising Platforms: If you arrive via Meta (Facebook/Instagram) ads, we may receive limited attribution data

4. How We Use Your Personal Data

We process your personal data for the following purposes:

4.1 Service Delivery (Contractual Necessity)

Creating and managing your user account
Calculating your astrological profile (sun, moon, rising signs)
Generating personalized birth chart analyses using AI technology
Sending weekly horoscope emails (Sunday, Tuesday, Friday)
Processing your subscription and payments
Providing customer support

4.2 Communication (Contractual Necessity & Legitimate Interest)

Sending transactional emails (welcome emails, payment confirmations, subscription updates)
Trial reminder notifications (3-day and final day reminders)
Service-related announcements

4.3 Marketing (Consent-Based)

Promotional communications about our services (only with your explicit consent)
Abandoned signup reminder sequences (for users who started but did not complete registration)

4.4 Service Improvement (Legitimate Interest)

Analyzing usage patterns to improve our service
Troubleshooting technical issues
Understanding user preferences and behavior

4.5 Legal Compliance (Legal Obligation)

Complying with applicable laws and regulations
Responding to legal requests from authorities
Protecting our legal rights

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

Processing Activity	Legal Basis
Account creation and service delivery	Performance of contract (Article 6(1)(b))
Payment processing	Performance of contract (Article 6(1)(b))
Personalized horoscope generation	Performance of contract (Article 6(1)(b))
Transactional emails	Performance of contract (Article 6(1)(b))
Marketing emails	Consent (Article 6(1)(a))
Analytics and service improvement	Legitimate interest (Article 6(1)(f))
Fraud prevention	Legitimate interest (Article 6(1)(f))
Legal compliance	Legal obligation (Article 6(1)(c))

6. AI-Generated Content

We use artificial intelligence (OpenAI GPT-4o) to generate personalized astrological content for you, including:

Birth chart analyses
Weekly horoscope content
Personalized cosmic guidance

Important Information about AI Processing:

Your astrological data (birth date, time, location, and derived signs) is sent to OpenAI’s API to generate personalized content
We do not send your email address or full name to the AI service — only your first name and astrological data
OpenAI processes this data according to their data processing terms and does not use API data to train their models
The AI-generated content is for entertainment and personal reflection purposes only and should not be considered professional advice

7. Third-Party Service Providers (Data Processors)

We share your personal data with the following third-party service providers who process data on our behalf:

7.1 Payment Processing

Stripe, Inc. (United States)

Purpose: Payment processing and subscription management
Data shared: Name, email, payment information
Privacy Policy: https://stripe.com/privacy
Data Transfer Mechanism: EU-US Data Privacy Framework

7.2 Email Delivery

Brevo (formerly Sendinblue) (France/EU)

Purpose: Sending transactional and marketing emails
Data shared: Name, email address
Privacy Policy: https://www.brevo.com/legal/privacypolicy/
Data location: European Union

7.3 Database and Infrastructure

Supabase, Inc. (United States)

Purpose: Database hosting and user data storage
Data shared: All user account data
Privacy Policy: https://supabase.com/privacy
Data Transfer Mechanism: Standard Contractual Clauses (SCCs)

7.4 AI Content Generation

OpenAI, LLC (United States)

Purpose: Generating personalized astrological content
Data shared: First name, astrological data (birth date, signs, elements)
Privacy Policy: https://openai.com/privacy
Data Transfer Mechanism: Standard Contractual Clauses (SCCs)

7.5 Website Hosting

Hostinger International Ltd. (Lithuania/EU)

Purpose: Website and server hosting
Data shared: Server logs, IP addresses
Privacy Policy: https://www.hostinger.com/privacy-policy
Data location: European Union

7.6 Analytics (with your consent)

Google Analytics 4 (United States)

Purpose: Website analytics and usage statistics
Data shared: Anonymized/pseudonymized usage data
Privacy Policy: https://policies.google.com/privacy
Note: We use Google Consent Mode v2, meaning full analytics only run with your explicit consent

Microsoft Clarity (United States)

Purpose: Session recording and heatmaps for UX improvement
Data shared: Anonymized session data
Privacy Policy: https://privacy.microsoft.com/privacystatement
Note: Only activated with your consent

8. International Data Transfers

Some of our service providers are located outside the European Economic Area (EEA), particularly in the United States. When we transfer your personal data outside the EEA, we ensure appropriate safeguards are in place:

EU-US Data Privacy Framework: For providers certified under this framework (e.g., Stripe)
Standard Contractual Clauses (SCCs): EU-approved contractual terms that ensure data protection (e.g., OpenAI, Supabase)
Adequacy Decisions: Where applicable, transfers to countries with adequate data protection levels

You can request a copy of the specific safeguards used by contacting us.

9. Cookies and Tracking Technologies

9.1 What Are Cookies?

Cookies are small text files stored on your device when you visit our website. They help us provide you with a better experience and understand how our website is used.

9.2 Types of Cookies We Use

Strictly Necessary Cookies (No consent required)

WordPress session cookies
Security cookies
Cookie consent preference cookies

Analytics Cookies (Consent required)

Google Analytics (_ga, _ga_*, _gid)
Microsoft Clarity (_clck, _clsk, CLID)

Marketing Cookies (Consent required)

Meta Pixel (Facebook/Instagram) for ad attribution

9.3 Managing Cookies

When you first visit our website, you will be presented with a cookie consent banner. You can:

Accept all cookies
Reject non-essential cookies
Customize your preferences

You can change your cookie preferences at any time by clicking the “Cookie Settings” link in our website footer or by clearing your browser cookies.

10. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

Data Type	Retention Period
Active subscriber data	Duration of subscription + 2 years
Canceled subscription data	2 years after cancellation
Lead data (incomplete signups)	90 days
Payment/transaction records	7 years (legal requirement)
Email communication logs	2 years
Analytics data	14 months (Google Analytics default)

Upon your request for deletion, we will remove your data within 30 days, except where we have a legal obligation to retain it.

11. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights:

11.1 Right of Access (Article 15)

You can request a copy of all personal data we hold about you.

11.2 Right to Rectification (Article 16)

You can request correction of inaccurate or incomplete personal data.

11.3 Right to Erasure / “Right to be Forgotten” (Article 17)

You can request deletion of your personal data when:

The data is no longer necessary for its original purpose
You withdraw consent
You object to processing and there are no overriding legitimate grounds
The data was unlawfully processed

11.4 Right to Restriction of Processing (Article 18)

You can request that we limit how we use your data in certain circumstances.

11.5 Right to Data Portability (Article 20)

You can request your data in a structured, commonly used, machine-readable format (e.g., JSON or CSV).

11.6 Right to Object (Article 21)

You can object to processing based on legitimate interests or for direct marketing purposes.

11.7 Right to Withdraw Consent (Article 7(3))

Where we process data based on your consent, you can withdraw that consent at any time. This does not affect the lawfulness of processing before withdrawal.

11.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a supervisory authority. If you are in the EU, you can contact your local Data Protection Authority. For users in Lithuania, this is the State Data Protection Inspectorate (VDAI).

How to Exercise Your Rights

To exercise any of these rights, please contact us at info@astroly.today with your request. We will respond within 30 days. We may need to verify your identity before processing your request.

12. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL (HTTPS)
Secure Infrastructure: Our servers are protected by firewalls, and we use secure, reputable hosting providers
Access Controls: Only authorized personnel have access to personal data, on a need-to-know basis
Regular Updates: We keep our software and systems up to date with security patches
Data Minimization: We only collect data necessary for providing our services
Secure Payment Processing: Payment data is handled by PCI-DSS compliant providers (Stripe)

While we take reasonable precautions, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

13. Children’s Privacy

Our services are not directed to individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you believe we have inadvertently collected data from a child under 16, please contact us immediately at info@astroly.today, and we will take steps to delete such information.

14. Marketing Communications

We will only send you marketing communications if you have given your explicit consent during signup (via the marketing consent checkbox).

You can opt out of marketing communications at any time by:

Clicking the “Unsubscribe” link in any marketing email
Contacting us at info@astroly.today
Managing your preferences through your account settings

Please note: Opting out of marketing communications will not affect transactional emails related to your subscription (e.g., payment confirmations, service updates).

15. Subscription Management

You can manage your subscription at any time through our Stripe Customer Portal:

Update payment methods
View billing history
Cancel your subscription
Download invoices

Access the portal via the link in any transactional email or contact us for assistance.

16. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to read the privacy policies of any third-party sites you visit.

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes:

We will update the “Last Updated” date at the top of this page
For significant changes, we will notify you via email or a prominent notice on our website
We encourage you to review this page periodically

Continued use of our services after changes constitutes acceptance of the updated policy.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: info@astroly.today
Website: https://astroly.today

We aim to respond to all inquiries within 30 days.

This Privacy Policy is compliant with the General Data Protection Regulation (GDPR) (EU) 2016/679. For questions about our compliance, contact info@astroly.today.

We value your privacy