Legal
Last updated: May 17, 2026
This Privacy Policy explains what data Cosmic Blueprint ("we", "us") collects from you when you use www.cosmic-blueprint.org, how we use it, and who we share it with. We try to keep things simple and collect only what's needed to deliver the Service.
Account information. Your email address — used to sign in (passwordless magic links) and to send transactional messages related to your account.
Birth data you submit. Your first/middle/last name, date of birth, time of birth, and birth city. This data is necessary to compute your astrological chart. It is stored on our servers and tied to your account.
Generated chart data. The placements, aspects, numerology figures, and AI-written interpretations produced for you. Stored on our servers and tied to your account.
Payment information. We do not directly collect or store payment card information. All payments are handled by Stripe, who provides us only with a customer ID, the email used, and basic subscription status (active, canceled, etc.). See Stripe's privacy policy.
Technical data. Standard request logs (IP address, user agent, timestamps) generated by our hosting provider Vercel during normal operation. Retained for ~30 days for security and debugging.
We do not use your birth data, chart, or interpretations for any other purpose. We do not sell your data. We do not use it to train AI models.
| Provider | Purpose | What they receive |
|---|---|---|
| Vercel | Web hosting | Standard request logs |
| Supabase | Authentication and database | Email, chart data |
| Stripe | Payments | Email, billing address you provide at checkout, payment card (handled by Stripe, not us) |
| Anthropic | AI text generation (Claude) | Your chart placements (no email or identifying info) — sent to generate the written interpretations. Anthropic's policy is to not train on API inputs. |
| Resend | Transactional email delivery | Email address, the email content (magic link) |
| OpenStreetMap Nominatim | City-to-lat/lon geocoding | The city name you submit in the birth form |
| Cloudflare | DNS | None (DNS only) |
Each of these services has its own privacy policy; review them if you want full detail. We have selected providers with strong reputations for data handling but cannot guarantee their independent practices.
We use browser local storage to keep you signed in (Supabase session token) and to cache your chart and readings on your device for fast loading. We do not use third-party tracking cookies, analytics cookies, or advertising cookies.
Your chart data and account email are retained as long as your account exists. When you delete your account, your chart, interpretations, and account record are removed within 30 days. Stripe retains its own records of transactions per its policies and applicable financial regulations.
Depending on where you live, you may have the following rights regarding your data:
To exercise any of these rights, email frankeppsjr@gmail.com from the address associated with your account.
The Service is not directed to children under 18. We do not knowingly collect data from anyone under 18. If you believe a child has provided us data, please contact us and we will delete it.
The Service is operated from the United States. By using the Service, you consent to your data being transferred to and processed in the United States, where data-protection laws may differ from those in your country.
We use industry-standard practices to protect your data: HTTPS everywhere, hashed/secret API keys, role-based database access (Supabase row-level security), and reputable service providers. No system is 100% secure; we cannot guarantee absolute security but we promptly investigate any incident.
We may update this Privacy Policy from time to time. Material changes will be announced via the Service or by email. The "Last updated" date at the top reflects the most recent revision.
Privacy questions, data requests, or concerns: frankeppsjr@gmail.com.