Privacy Policy

1. Introduction

Welcome to NovaChart.AI (“we,” “our,” or “us”). We are committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services (collectively, the “Services”).

By using NovaChart.AI, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

2.1 Information You Provide

When you use our birth chart calculator, we collect:

• Birth Information: Date, time, and location of birth
• Contact Information: Email address (if you create an account)
• Payment Information: Billing details for paid subscriptions (processed securely by Creem payment processor)
• Subscription Data: Plan type, billing cycle, payment status, and subscription history
• User-Generated Content: Any information you voluntarily provide through forms or communications

2.2 Automatically Collected Information

When you access our Services, we automatically collect:

• Device Information: IP address, browser type, device type, operating system
• Usage Data: Pages visited, time spent, clicks, and navigation patterns
• Cookies and Tracking Technologies: We use cookies and similar technologies (see Section 7)

2.3 AI-Generated Content

When you use our AI interpretation feature:

• Your birth chart data is processed by third-party AI services (DeepSeek)
• We do not store the AI-generated interpretations long-term
• The AI service provider may process your data according to their own privacy policy

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To calculate and display your birth chart and astrological interpretations
• Improvement: To analyze usage patterns and improve our Services
• Communication: To respond to inquiries and send service-related notices
• Security: To detect, prevent, and address technical issues and fraudulent activity
• Legal Compliance: To comply with applicable laws and regulations
• Analytics: To understand how users interact with our Services

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

4.1 Service Providers

We may share data with third-party service providers who perform services on our behalf:

• AI Services: DeepSeek for chart interpretations
• Payment Processing: Creem payment platform for subscription billing and payment processing
• Authentication: Supabase for user authentication (Google OAuth)
• Hosting Services: Cloud infrastructure providers (e.g., Cloudflare)
• Analytics: Services that help us analyze usage patterns

Payment Security: We do not store your full credit card information. All payment data is encrypted and securely processed by Creem, which is PCI DSS compliant. We only retain basic transaction information (subscription status, invoice dates) for billing purposes.

4.2 Legal Requirements

We may disclose your information if required by law or in response to valid legal requests by public authorities.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Storage and Security

5.1 Data Storage

Your data is stored on secure servers. Birth chart data may be stored temporarily for the duration of your session and may be cached for performance optimization.

5.2 Security Measures

We implement appropriate technical and organizational measures to protect your data:

• Encryption of data in transit (HTTPS/TLS)
• Secure server infrastructure
• Regular security assessments
• Access controls and authentication

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Your Rights and Choices

6.1 GDPR Rights (EU Users)

If you are in the European Economic Area (EEA), you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Limit how we use your data
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing of your data
• Right to Withdraw Consent: Withdraw consent at any time

6.2 CCPA Rights (California Users)

If you are a California resident, you have the following rights under CCPA:

• Right to Know: Request disclosure of personal information collected
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell data)
• Right to Non-Discrimination: Not be discriminated against for exercising your rights

6.3 Exercising Your Rights

To exercise any of these rights, please contact us at privacy@novachart.ai. We will respond to your request within 30 days.

7. Cookies and Tracking Technologies

7.1 What Are Cookies

Cookies are small text files stored on your device. We use cookies and similar technologies to:

• Remember your preferences and settings
• Analyze site traffic and usage patterns
• Improve user experience
• Provide personalized content

7.2 Types of Cookies We Use

• Essential Cookies: Required for the website to function properly
• Analytics Cookies: Help us understand how visitors use our site
• Functional Cookies: Remember your preferences and settings

7.3 Managing Cookies

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our Services.

8. Third-Party Services

Our Services may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

Third-party services we use include:

• DeepSeek AI: For chart interpretations - subject to DeepSeek's privacy policy
• Cloudflare: For content delivery and security
• Vercel: For hosting and deployment

9. Children's Privacy

Our Services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us, and we will delete such information.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. By using our Services, you consent to such transfers.

For users in the EEA, we ensure appropriate safeguards are in place for international data transfers, such as Standard Contractual Clauses approved by the European Commission.

11. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy:

• Birth Chart Data: Stored temporarily during your session and may be cached for performance
• Account Data: Retained while your account is active or as needed to provide Services
• Subscription & Billing Records: Retained for 7 years for tax and accounting purposes as required by law
• Transaction History: Payment records kept for dispute resolution and fraud prevention
• Analytics Data: Aggregated and anonymized data may be retained indefinitely
• Legal Requirements: We may retain data longer if required by law or pending legal proceedings

When you cancel your subscription or delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required for legal or regulatory purposes.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by:

• Posting the new Privacy Policy on this page
• Updating the “Last Updated” date
• Sending you an email notification (for material changes)

We encourage you to review this Privacy Policy periodically. Your continued use of our Services after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

14. Data Protection Officer

For users in the EEA, if you have questions about how we handle your personal data, you may contact our Data Protection Officer at dpo@novachart.ai.

You also have the right to lodge a complaint with your local data protection authority.