Privacy Policy

Last updated: June 17, 2026

Astra AI Astrology ("we," "our," or "us") operates the website at astra-ai-1.vercel.app and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered astrology chat platform.

1. Information We Collect

1.1 Information You Provide

• Account Information: Name, email address, and password when you create an account.
• Birth Details: Birth date, birth time, and birth location you voluntarily provide for personalized astrology readings.
• Chat Messages: Messages you send to our AI astrologers during consultations.
• Custom Instructions: Preferences and instructions you provide to personalize AI responses.
• Profile Settings: Language preference, astrology system preference, and selected astrologer.
• Payment & Transaction Information: When purchasing recurring subscriptions or top-up credit packages, we collect billing details. All financial transactions are handled by PCI-DSS compliant third-party payment gateways (e.g. Stripe, Cashfree). We do not store or process card numbers, CVVs, or internet banking passwords on our servers. The processor shares only generic details with us, including payment status, amount, currency, and gateway transaction IDs to reconcile your balance.

1.2 Information Collected Automatically

• IP Address: Used for guest session management and abuse prevention.
• Browser Fingerprint: A hash of your User-Agent and Accept-Language headers, used solely for guest session tracking.
• Usage Data: Pages visited, features used, message counts, and timestamps via Google Analytics.
• Device Information: Browser type, operating system, and screen resolution.

2. How We Use Your Information

• Providing Services: To generate personalized astrology readings based on your birth details and chat messages.
• Account Management & Monetization: To authenticate you, manage your subscription plan (Basic, Pro, Elite), track and update your top-up credits wallet balance, process automatic billing renewals, and enforce usage limits.
• Service Improvement: To understand how users interact with our platform and improve the experience.
• Security: To detect and prevent abuse, fraud, and unauthorized access.
• Communication: To send service-related emails (OTP verification, password resets, payment confirmations). We do not send marketing emails without your explicit consent.

3. AI-Generated Content

Your chat messages are processed by third-party AI models (via OpenRouter API) to generate responses. Key points:

• Your messages are sent to AI model providers to generate responses.
• We do not use your messages to train AI models.
• AI responses are generated in real-time and are not pre-written.
• AI-generated content is for entertainment and guidance purposes only and should not be considered professional advice.

4. Data Storage and Security

• Account data and chat history are stored in a secure PostgreSQL database hosted on Render.
• Passwords are hashed using bcrypt and are never stored in plain text.
• Authentication uses JWT tokens with secure, randomly generated secrets.
• All data transmission is encrypted via HTTPS/TLS.
• We implement rate limiting and IP-based abuse detection to protect the platform.

5. Data Sharing

We do not sell your personal information. We may share data with:

• AI Model Providers: Your chat messages are sent to AI providers (OpenRouter/OpenAI) solely to generate responses.
• Hosting Providers: Our infrastructure is hosted on Render (backend) and Vercel (frontend).
• Analytics: We use Google Analytics to understand usage patterns. This data is anonymized.
• Email Service: We use Brevo (formerly Sendinblue) for transactional emails like OTP verification and payment receipts.
• Payment Processors & Gateway Networks: Your billing and card/UPI information is shared securely with PCI-DSS certified payment networks (such as Stripe or Cashfree) to process active subscription renewals, load credits, and handle chargeback disputes or refund requests.
• Legal Requirements: When required by law, court order, or governmental request.

Payment Data

We do not store your card number, UPI ID, CVV, or any other sensitive payment credentials on our servers. All payment transactions are processed entirely by our third-party payment gateway partner, which maintains its own PCI-DSS compliant infrastructure. We receive only a transaction confirmation (order ID, amount, status) to update your account. For details on how your payment data is handled, refer to the privacy policy of the respective payment gateway.

6. Your Rights

You have the right to:

• Access your personal data stored on our platform.
• Correct inaccurate information in your profile.
• Delete your chat history via the Settings panel.
• Export your data in JSON format via the Settings panel.
• Withdraw consent and delete your account by contacting us.

7. Guest Users

If you use Astra AI Astrology without creating an account:

• We track your session using your IP address and browser fingerprint hash.
• Guest messages are limited to 8 per 24-hour period.
• Guest chat history is stored locally in your browser and is not saved to our servers.
• Birth details shared during guest sessions are used only for the current conversation and are not permanently stored.

8. Cookies

We use minimal cookies and local storage. See our Cookie Policy for details.

9. Children's Privacy

Astra AI Astrology restricts paid features, including subscriptions and credit top-ups, to users who are 18 years of age or older. We do not knowingly collect personal data from children under the age of 13. Users between the ages of 13 and 17 may use our free features only with the express consent and supervision of a parent or legal guardian.

10. Data Retention Policy

Your account data, birth details, and chat history are retained while your account is active. If you request account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law or for legitimate financial auditing/transactional records (e.g., payment logs).

11. Cross-Border Data Transfer

Your chat messages and birth details are processed using AI models via OpenRouter, which may route queries and store temporary context on servers located outside of India. By using our platform, you acknowledge and consent to this cross-border transfer of data in compliance with applicable data protection laws.

12. Consent & Withdrawal

By providing birth details and sending messages, you consent to the processing of your personal data for generating astrological reports and chat conversations. You can withdraw your consent at any time by deleting your account through the Settings panel or by contacting us.

13. Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we are committed to notifying you and the appropriate regulatory authorities within the timelines prescribed by the Digital Personal Data Protection (DPDP) Act, 2023.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Continued use of Astra AI Astrology after changes constitutes acceptance of the revised policy.

15. Contact Us & Grievance Officer

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact our Grievance Officer:

Grievance Officer: Aditya Dani

Email: grievance@astraai.com (or privacy@astraai.com)

We will acknowledge your grievance within 48 hours and aim to resolve it within 30 days.