Privacy Policy
Last updated: February 2026
1. Who we are
Astro BNN Pro (“we”, “us”, “our”) operates the website at astrobnn.pro. We provide a Vedic astrology prediction platform based on the BNN (Bhrigu Nadi Nadi) methodology. This policy explains what personal data we collect, why we collect it, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
For questions about this policy, contact us via the support centre.
2. What data we collect
Account data
When you create an account, we collect your email address and a hashed password (handled entirely by Supabase Auth — we never see your raw password). You may optionally add a display name.
Birth chart data
To calculate astrological charts you enter a name, date of birth, time of birth, birth place, latitude, longitude, and UTC offset. This data is processed on our servers to calculate planetary positions and BNN predictions. If you choose to save a reading, this data is stored in your account. Demo chart data (famous people) is pre-loaded by us and is publicly available information.
Subscription and billing data
Payments are handled by Stripe. We store your Stripe customer ID and subscription status in our database. We never store card numbers or payment credentials — these remain exclusively with Stripe under their own PCI-DSS compliance.
Support communications
If you contact us via the support centre, we store the conversation messages in our database and may communicate with you by email. WhatsApp messages are processed via the Meta WhatsApp Business API.
Usage and technical data
We collect standard server logs (IP address, browser type, pages visited, timestamps) to maintain security and diagnose errors. We do not use third-party analytics trackers (e.g. Google Analytics).
3. Legal basis for processing
| Data | Legal basis |
|---|---|
| Account / authentication data | Contract — necessary to provide the service |
| Birth chart & prediction data (saved readings) | Contract — you choose to save; Legitimate interest for session processing |
| Billing & subscription data | Contract — necessary to process payments and manage your plan |
| Support messages | Legitimate interest — to respond to your enquiry |
| Server logs | Legitimate interest — security and service reliability |
| Functional cookies (language preference) | Consent — via the cookie banner |
4. How we use your data
- To authenticate you and maintain your session
- To calculate astrological charts and BNN predictions based on birth data you provide
- To store readings you choose to save and allow you to revisit them
- To process subscription payments and manage your plan via Stripe
- To send transactional emails (e.g. subscription confirmation, support replies) via Resend
- To respond to support requests via the in-app chat, email, or WhatsApp
- To maintain security, prevent fraud, and comply with legal obligations
We do not sell your personal data to third parties. We do not use your data for automated profiling or decision-making that produces legal effects.
5. Third-party data processors
| Processor | Purpose | Location |
|---|---|---|
| Supabase | Database, authentication, realtime | EU (AWS Frankfurt) |
| Stripe | Payment processing and subscription management | US / UK |
| Vercel | Web hosting and edge functions | Global edge (nearest region) |
| Resend | Transactional email delivery | US |
| Meta (WhatsApp Business) | Optional WhatsApp support channel | US |
| OpenCage | Geocoding — converts place names to coordinates | EU |
All processors are bound by data processing agreements and operate under adequate safeguards (UK GDPR Article 46 standard contractual clauses where applicable).
6. Data retention
- Account data — retained while your account is active and for 30 days after a deletion request
- Saved readings — retained until you delete them from your dashboard or until your account is deleted
- Unsaved prediction session data — not persisted; processed in memory only
- Billing records — retained for 7 years to comply with UK financial regulations
- Support messages — retained for 2 years after the conversation closes
- Server logs — retained for 90 days
7. Your rights under UK GDPR
You have the right to:
- Access — request a copy of the personal data we hold about you
- Rectification — ask us to correct inaccurate or incomplete data
- Erasure — request deletion of your personal data (“right to be forgotten”)
- Restriction — ask us to limit how we process your data in certain circumstances
- Portability — receive your data in a structured, machine-readable format
- Object — object to processing based on legitimate interest
- Withdraw consent — at any time for consent-based processing (e.g. functional cookies)
To exercise any of these rights, contact us via the support centre. We will respond within 30 days. If you are unsatisfied with our response, you may lodge a complaint with the Information Commissioner’s Office (ICO).
8. Security
All data is transmitted over HTTPS/TLS. Passwords are hashed using bcrypt by Supabase Auth and are never stored in plaintext. Row-level security (RLS) policies on our database ensure users can only access their own data. Service-role database operations are restricted to server-side API routes and are never exposed to the client.
9. Children’s privacy
Astro BNN Pro is not directed at children under 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
10. Changes to this policy
We may update this policy from time to time. Material changes will be communicated via email or a prominent notice on the website. The “Last updated” date at the top of this page always reflects the most recent revision.
11. Contact us
For any privacy-related questions, data access requests, or complaints, please reach us via the support centre or by email at support@bnn-astro.com.