Privacy Policy

1. Data Controller

StellarTies is operated by Invents.US, LLC, a Washington state limited liability company. StellarTies ("we," "us," "our") is the data controller for personal data collected through the StellarTies platform at stellarties.com. For privacy inquiries, contact us at privacy@stellarties.com.

2. Data We Collect

• Account data: Email address, display name, and hashed password.
• Birth data: Date, time, and location of birth for synastry calculations. Encrypted at rest using AES-256-GCM. Never stored without an account.
• Usage data: Session tokens, consent records, and credit ledger entries.
• Technical data: IP address and User-Agent string (recorded with consent events only).

We do not collect payment information directly (Stripe handles payment processing), social media profiles, or government-issued IDs.

3. Purposes & Legal Basis

4. Data Retention

Account data and encrypted birth data are retained until you delete your account. Consent records are retained for 3 years after withdrawal for compliance documentation. Session tokens are deleted upon logout. Sessions do not currently have a server-side TTL.

5. Third Parties

We do not sell, share, rent, or trade your personal data with any third parties. No third-party analytics or tracking services are used.

Infrastructure: StellarTies runs on Amazon Web Services (AWS). AWS provides hosting, encrypted database storage, authentication, email delivery, and language model inference on our behalf under a data processing agreement. All processing occurs within the United States.

AI processing: Personalized narratives are generated by a language model hosted within our AWS account. The model receives only planetary coordinates, aspect geometry, and privacy aliases — never raw birth dates, times, coordinates, or real names. Your data is not used to train any AI models.

Payment information (card numbers, billing addresses) is collected and processed directly by Stripe, Inc. and is never stored on StellarTies servers. We receive only a Stripe Customer ID, subscription status, and transaction metadata. Stripe is PCI DSS Level 1 certified. See Stripe's Privacy Policy. We share your email address with Stripe to create and manage your billing account.

6. Security

Birth data is encrypted at rest using AES-256-GCM. Passwords are hashed using PBKDF2-SHA256. The language model receives only planetary coordinates, aspect geometry, and privacy aliases — never raw birth dates, times, or coordinates.

7. Your Rights

All Users

• Access your data (Account > Export or GET /v1/account/export)
• Delete your account and all data (POST /v1/account/delete-request)
• Withdraw marketing consent at any time

GDPR (EU/EEA/UK)

Right to access, rectification, erasure, restriction, portability, and objection. Lodge complaints with your supervisory authority.

CCPA/CPRA (California)

Right to know, delete, correct, and opt out of sale/sharing. We do not sell or share personal information. No financial incentive programs. To exercise your rights, contact privacy@stellarties.com. We will respond within 30 days.

PIPEDA (Canada)

Right to access and challenge the accuracy of your personal information.

LGPD (Brazil)

Right to confirmation, access, correction, anonymization, portability, deletion, and information about sharing.

8. Age Restriction

StellarTies is intended for users aged 18 and older. We do not knowingly collect data from anyone under 18. Birth data submitted for calculation is validated to ensure the individual is at least 18 years old.

9. International Transfers

All data is currently processed and stored in the United States. If you access StellarTies from outside the US, your data will be transferred to and processed in the US. We rely on consent as the legal mechanism for such transfers.

10. Changes to This Policy

We will notify registered users of material changes via the email address on file. Continued use of StellarTies after changes constitutes acceptance.

11. Contact

For privacy inquiries, data subject requests, or complaints:
privacy@stellarties.com