Last updated: August 25th, 2025

Your privacy is very important to us. This Privacy Policy explains how we collect, use, and protect your personal information when you use our website and services. We are committed to complying with applicable privacy and data protection laws, including the General Data Protection Regulation (GDPR) (EU), the California Consumer Privacy Act (CCPA/CPRA) (USA), and other relevant privacy regulations.

1. Information We Collect

When you place an order or interact with our website, we may collect the following types of information:

  • Basic information: Name, email address, billing and shipping details.
  • Payment information: Processed securely by our payment provider (Stripe). We do not store or have access to your full credit card details.
  • Birth details (special category data): Date of birth, time of birth, and place of birth. These are collected solely for the purpose of creating personalized natal charts.
  • Optional information: Additional notes or instructions you provide with your order.
  • Technical information: IP address, browser type, and usage data (collected via cookies and analytics tools).

2. How We Use Your Information

We use your personal information only for the following purposes:

  • To process and fulfill your orders.
  • To prepare and deliver personalized natal charts and related services.
  • To communicate with you about your order, including updates, corrections, or customer support.
  • To comply with legal and regulatory obligations.
  • To improve our website and customer experience.

๐Ÿ‘‰ Important: Your birth details (date, time, and place of birth) are used exclusively for the creation of your natal chart and are never shared with third parties.

3. Legal Basis for Processing (GDPR)

Under the GDPR, we rely on the following legal bases for processing your personal data:

  • Contractual necessity: To fulfill our contract with you when you place an order.
  • Consent: For collecting sensitive data such as date, time, and place of birth, we rely on your explicit consent at checkout.
  • Legitimate interests: For improving our services and ensuring website security.

4. Sharing Your Information

We respect your privacy. Your personal data is not sold, rented, or shared with any third party for marketing purposes.

We may share data only with:

  • Service providers (e.g., Stripe for secure payments, hosting providers for website operation).
  • Legal authorities if required by law.

5. Data Retention

Personal data related to orders is retained for accounting and legal compliance for up to 7 years.

Birth details and additional notes are kept only as long as necessary to prepare your natal chart, unless you consent to their storage for future orders.

You may request deletion of your data at any time (see Section 7).

6. Your Rights (GDPR, CCPA/CPRA)

Depending on your location, you have the following rights:

  • Right to access โ€“ Request a copy of your personal data.
  • Right to rectification โ€“ Correct inaccurate or incomplete data.
  • Right to erasure โ€“ Request deletion of your personal data (right to be forgotten).
  • Right to restrict processing โ€“ Ask us to limit how your data is used.
  • Right to data portability โ€“ Request transfer of your data to another service.
  • Right to object โ€“ Object to data processing in certain circumstances.
  • Right to opt out of sale (CCPA/CPRA) โ€“ We do not sell personal data.

To exercise your rights, please contact us at info@astralstones.com

7. Cookies and Tracking

We use cookies and similar technologies to improve website performance and analyze usage. You can manage or disable cookies in your browser settings.

8. Data Security

We take appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.

All payment transactions are processed securely through Stripe, and we do not store your payment card details.

9. International Data Transfers

If you are located in the European Economic Area (EEA), your data may be transferred to servers outside the EEA (e.g., USA). In such cases, we ensure appropriate safeguards are in place in compliance with GDPR (such as Standard Contractual Clauses).

10. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

๐Ÿ“ง info@astralstones.com

If you are in the EU, you also have the right to lodge a complaint with your local data protection authority.