Privacy Policy

AstraPalm LLC ("AstraPalm," "we," "our," or "us") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you use the AstraPalm iOS application and related in-app services (the "Service").

By using the Service, you agree to the practices described in this Privacy Policy.

1. Scope

This Privacy Policy applies to the AstraPalm iOS application only at launch. It does not apply to a separate web application, browser dashboard, or cookie-based website experience.

2. Information We Collect

A. Information you provide or that is associated with your account

We may collect:

• your name
• your email address, if provided through Sign in with Apple
• authentication and account identifiers
• mood selections
• streak information
• premium or subscription status
• referral codes and referral-related account records
• support requests, feedback, or survey responses you choose to send us

B. Information stored locally on your device

Certain information is stored only on your device using local app storage, including:

• birth date
• gender identity
• primary focus or self-discovery preferences
• palm line readings
• energy scores
• daily readings
• chat messages
• scan history and related locally generated outputs

This locally stored information is not uploaded to our servers as part of the normal operation of the Service.

C. Technical, diagnostics, and usage information

We may collect technical and usage information such as:

• device type
• operating system version
• app version
• language settings
• app interactions and feature usage
• crash reports, diagnostics, and performance information
• account identifiers associated with analytics or crash records

D. Subscription information

We may receive subscription and entitlement information related to your App Store purchases, such as:

• subscription status
• entitlement status
• purchase and restore events

Apple processes payment transactions for App Store purchases. We do not receive your full payment card information.

3. Palm Image Processing

AstraPalm processes palm images in real time on your device using Apple's Vision framework.

Palm images:

• are not uploaded to AstraPalm servers
• are not transmitted to Firebase, RevenueCat, or any other third party
• are not stored or retained by AstraPalm
• are not used for identity verification, biometric authentication, fingerprint analysis, or similar identification purposes

AstraPalm stores only the derived outputs of on-device analysis, such as numerical scores, generated interpretations, and other locally generated reading data.

4. No Third-Party AI Processing at Launch

At launch, AstraPalm does not send user images, prompts, messages, or outputs to OpenAI, Anthropic, Claude, or any other third-party AI provider.

Palm analysis and reading generation are performed on-device or through local deterministic app logic at launch.

If we add third-party AI-powered features in the future, we will update this Privacy Policy before those features are launched.

5. How We Use Information

We use information to:

• create and manage user accounts
• authenticate users
• provide app functionality
• generate palm readings and related self-discovery content
• maintain streaks, referral functionality, and premium access
• verify subscription or entitlement status
• monitor performance, diagnose crashes, and improve app reliability
• send service-related or account-related notifications
• comply with legal obligations and enforce our policies

6. How We Share Information

We do not sell your personal information.

We may share information with service providers that help us operate the Service, including:

• Apple, for Sign in with Apple, App Store subscription processing, and related platform functionality
• Google/Firebase, for authentication, cloud data storage, analytics, crash reporting, cloud functions, and messaging where applicable
• RevenueCat, for subscription and entitlement management

We may also disclose information:

• when required by law, legal process, or governmental request
• to protect rights, safety, users, or the public
• in connection with a merger, financing, acquisition, reorganization, bankruptcy, or sale of assets
• with your direction or consent

7. Data Retention

We retain different categories of information for different periods, depending on operational need, legal obligations, security, and service functionality.

Examples include:

• account and Firestore user records: generally until account deletion, subject to limited retained records for operational, legal, fraud-prevention, or security purposes
• analytics data: according to Firebase/Google retention settings and policies
• crash data: according to Crashlytics retention settings and policies
• subscription and entitlement data: according to Apple and RevenueCat retention practices
• server logs containing identifiers such as user IDs or referral codes: for limited operational retention, including cloud logging retention periods

Locally stored app data on your device may remain on your device until you delete it, reset the app, or uninstall the app.

8. Data Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information, including access controls, authentication, secure hosting practices, and encryption in transit where applicable.

No method of transmission, storage, or security is perfect, and we cannot guarantee absolute security.

9. Human Access

Because palm images are not uploaded or stored by AstraPalm, AstraPalm personnel do not review palm images in the ordinary course of operating the Service.

Authorized personnel, contractors, or service providers with appropriate access may be able to view certain cloud-stored account, subscription, analytics, crash, or referral-related data as necessary to operate, secure, maintain, or troubleshoot the Service.

Locally stored readings, chat history, and similar on-device content are generally accessible only from the user's device.

10. Your Rights and Choices

Depending on your location, you may have rights to request access to, correction of, deletion of, or information about certain personal data.

To make a privacy request, contact: info@astrapalmai.com

We may need to verify your identity before processing certain requests.

11. Account Deletion

If you delete your account, we may delete your Firebase authentication record and primary account records associated with the Service.

Some information may be retained for limited periods as necessary for:

• security
• fraud prevention
• legal compliance
• dispute resolution
• referral tracking
• billing or subscription support
• internal operational records

Deleting your account may not automatically remove all locally stored data from your device unless the app provides that functionality or the app is deleted from the device.

12. International Processing

AstraPalm and its service providers may process information in the United States and other countries where they operate. Data protection laws in those countries may differ from the laws in your jurisdiction.

Where required, we will use appropriate safeguards for cross-border data transfers.

13. Children's Privacy

The Service is intended only for users who are at least 18 years old.

We do not knowingly collect personal information from anyone under 18. If we learn that a person under 18 has provided personal information, we will take appropriate steps to delete it where required.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version and revise the "Last Updated" date. We may also provide additional notice where required by law.

15. Contact Us

If you have questions or requests regarding this Privacy Policy, contact:

AstraPalm LLC
info@astrapalmai.com