Skip to content

GDPR Information

Last updated: April 5, 2026

Your Data Protection Rights

Horospire is committed to compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"). This page provides detailed information about how we process your personal data and the rights you have under GDPR. We act as the data controller for the personal data collected through our Service.

Data We Collect

We collect and process the following categories of personal data:

Identity Data

  • Full name
  • Email address
  • Date of birth
  • Time of birth (optional)
  • Gender

Service Data

  • Horoscope analysis results and calculations
  • Chat conversation history (messages you send and responses received)
  • Generated PDF reports
  • Account creation and activity timestamps

Technical Data

  • Session identifiers (via essential cookies)
  • CSRF protection tokens
  • Anonymized analytics data via Google Analytics 4 (only with your consent) - pages visited, session duration, general geographic region

Purpose of Processing

Your personal data is processed for the following specific purposes:

  • Account management - To create and maintain your user account, authenticate your identity, and enable password recovery.
  • Service delivery - To generate your ancestral horoscope analysis based on your date of birth, time of birth, and gender.
  • Chat functionality - To provide personalized conversations about your horoscope analysis via the OpenAI API.
  • Report generation - To create downloadable PDF reports of your horoscope analysis.
  • History and continuity - To save your previous analyses so you can access them later.
  • Security - To protect against unauthorized access and ensure the integrity of the Service.
  • Analytics - With your consent, to collect anonymized usage data via Google Analytics 4 to understand how visitors use our website and improve the Service.

Legal Basis for Processing

We process your personal data based on the following legal grounds under Article 6 of the GDPR:

  • Consent (Art. 6(1)(a)) - By creating an account and submitting your personal data, you consent to its processing for the purposes described above.
  • Contract performance (Art. 6(1)(b)) - Processing is necessary to provide the Service you have requested by creating an account.
  • Legitimate interests (Art. 6(1)(f)) - We have a legitimate interest in maintaining the security and proper functioning of our Service, including fraud prevention and abuse detection.

Special categories of data (Art. 9): Where processing involves data that may reveal philosophical beliefs (such as ancestral horoscope interpretations), we rely on your explicit consent (Art. 9(2)(a)) provided during account creation and use of the Service. You may withdraw this consent at any time by deleting your account.

Data Sharing and Transfers

Your data may be shared with the following third parties:

  • OpenAI - When you use the chat feature, your chat messages and relevant horoscope data are sent to OpenAI's API for processing. OpenAI acts as a data processor in this context. OpenAI's servers may be located outside the European Economic Area (EEA).
  • Stripe - When you make a payment, your billing information is processed by Stripe Inc. Stripe acts as a data processor and is certified under the EU-US Data Privacy Framework. See Stripe's Privacy Policy.
  • Google (Analytics) - We use Google Analytics 4 to collect anonymized website usage data (pages visited, session duration, general geographic region). Google Analytics cookies are only set if you accept cookies via our consent banner. Google acts as a data processor. See Google's Privacy Policy.

We do not sell, trade, or otherwise share your personal data with any other third parties, advertisers, or data brokers.

Data Retention

We retain your personal data for as long as your account remains active. You may delete individual horoscope analyses at any time from your dashboard. When you delete your account, all associated personal data, analyses, chat conversations, and generated reports are permanently deleted from our systems. We do not retain backup copies of deleted user data beyond standard system backup cycles.

Your Rights Under GDPR

As a data subject, you have the following rights:

Right of Access (Art. 15)

You have the right to obtain confirmation as to whether your personal data is being processed, and to access a copy of that data. You can view most of your data directly through your account dashboard and profile settings.

Right to Rectification (Art. 16)

You have the right to have inaccurate personal data corrected. You can update your name and email address through your profile settings. For other data corrections, please contact us.

Right to Erasure / Right to Be Forgotten (Art. 17)

You have the right to request the deletion of your personal data. You can delete individual analyses from your dashboard, or delete your entire account (and all associated data) from your profile settings. You may also contact us to request complete data erasure.

Right to Data Portability (Art. 20)

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. Contact us to request an export of your data.

Right to Restriction of Processing (Art. 18)

You have the right to request that we restrict the processing of your personal data under certain circumstances, such as when you contest the accuracy of the data or object to processing.

Right to Object (Art. 21)

You have the right to object to the processing of your personal data where we rely on legitimate interests as the legal basis. Upon receiving your objection, we will cease processing unless we demonstrate compelling legitimate grounds.

Right to Withdraw Consent (Art. 7(3))

Where processing is based on consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing that occurred before the withdrawal. You can withdraw consent by deleting your account.

Right to Lodge a Complaint (Art. 77)

You have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data infringes the GDPR. You may contact the data protection authority in the EU member state of your habitual residence, place of work, or place of the alleged infringement.

Cookie Information

We use only strictly necessary cookies that are essential for the Service to function:

Cookie Purpose Duration
session Maintains your authenticated session Browser session / 2 hours
XSRF-TOKEN Cross-site request forgery protection Browser session / 2 hours

Analytics Cookies (consent required)

These cookies are only set if you accept cookies via our consent banner:

Cookie Purpose Duration
_ga Google Analytics - distinguishes unique visitors 2 years
_ga_* Google Analytics - maintains session state 2 years

Essential cookies are strictly necessary for the operation of the Service and are exempt from the consent requirement under Article 5(3) of the ePrivacy Directive. Analytics cookies require your explicit consent and are only activated when you accept cookies via our banner.

How to Exercise Your Rights

To exercise any of your GDPR rights, you can:

  • Use the self-service options available in your account dashboard and profile settings.
  • Send an email to [email protected] with the subject line "GDPR Data Request".
  • Visit our Contact page.

We will respond to your request within 30 days of receipt. If we need additional time (up to an additional 60 days), we will inform you of the extension and the reasons for the delay.

We use essential cookies for site functionality and analytics cookies (Google Analytics) to understand how visitors use our site. You can accept or decline analytics cookies below. Privacy Policy