Soul Birth Map

Privacy policy

Last updated: [DATE]

Draft for review. This page is a starting point and has not been reviewed by a legal professional. It is not legal advice.

This privacy policy explains what personal data [LEGAL ENTITY NAME] (“Soul Birth Map,” “we,” “us,” or “our”) collects when you use soulbirthmap.com, why we collect it, and how we protect it. We write this in plain language because you deserve to understand it, not just agree to it.

What we collect

To draw your birth map, we ask for and store the following information:

  • First name — used to personalise your map and emails.
  • Email address — used to deliver your map and, only with your separate consent, our nurture emails.
  • Date of birth, time of birth, and place of birth — the inputs required to calculate your birth chart. This is personal data.
  • Latitude, longitude, and timezone — derived from your birth place via the Google Places API. We store these derived values so we don’t need to re-resolve them every time.

We do not collect payment card details directly — if and when paid products launch, payments will be handled by Stripe, who operate their own privacy practices.

Why we collect it

We use your data for two purposes only:

  1. To draw and deliver your birth map. Your birth details are the mathematical input. Without them, there is no map to draw.
  2. To send you nurture emails — only if you separately opt in. You can withdraw that consent at any time by clicking “unsubscribe” in any email or writing to us.

We never sell your data. We never will.

Consent and emails

Transactional emails (your welcome message, your map delivery) are sent because you requested your map — they are part of the service you asked for.

Marketing and nurture emails (insights, new features, articles) are only sent if you tick the relevant box during sign-up or later opt in explicitly. You can unsubscribe from marketing emails at any time via the link in any email or by writing to [CONTACT EMAIL — default hello@soulbirthmap.com]. Unsubscribing from marketing does not affect transactional messages.

Retention and deletion

We keep your birth data for no longer than [DATA RETENTION WINDOW — e.g. 24 months] from the date of your last activity, unless you ask us to delete it sooner.

You can request deletion at any time by emailing [CONTACT EMAIL — default hello@soulbirthmap.com]. We will soft-delete your record within 7 days and permanently purge it within 30 days. You will receive a confirmation.

Deletion is permanent. If you want a new map after deletion, you will need to provide your details again.

Security

We take reasonable technical steps to protect your data:

  • API keys and secrets are held server-side only and are never exposed to the browser.
  • Our database uses row-level security, so queries only return data the authenticated request is entitled to see.
  • Data is encrypted in transit (HTTPS/TLS) and at rest in our database.
  • We never put birth data in URLs, query strings, or application logs.

No system is perfectly secure. If you have concerns, please contact us.

Sub-processors

The following third-party services process data on our behalf. Each operates under its own privacy practices, which we encourage you to review.

  • Supabase — our database host. Stores your birth data and account details.
  • Resend — our email delivery provider. Receives your name and email address to send transactional and (where opted in) marketing emails.
  • Stripe — payments processor (future paid tiers). Receives payment and billing information. Soul Birth Map does not store card details.
  • Google — Places autocomplete API. Receives the birth place string you type in order to resolve it to coordinates. Google ’s own data policies apply.
  • Astrology report engine — our chart calculation and report generation service. Receives birth date, time, latitude, longitude, and timezone.

Second-person data (relationship and overlay features)

A future feature will allow you to overlay a second person’s birth data onto your own map (for relationship readings, compatibility work, and similar). We will only process another person’s birth data on the basis of your confirmation that you have that person’s permission to share it with us.

The second person may contact us at [CONTACT EMAIL — default hello@soulbirthmap.com] to request that their data be deleted. We will honor that request on the same terms as any other erasure request.

Your rights

Depending on your location, you may have rights including:

  • Access — to receive a copy of the personal data we hold about you.
  • Correction — to have inaccurate data corrected.
  • Deletion — to have your data erased, as described above.
  • Withdraw consent — to opt out of marketing communications at any time.

To exercise any of these rights, email us at [CONTACT EMAIL — default hello@soulbirthmap.com]. We aim to respond within 30 days.

Contact

[LEGAL ENTITY NAME]

[BUSINESS MAILING ADDRESS]

[CONTACT EMAIL — default hello@soulbirthmap.com]