Privacy Policy

The data controller responsible for the processing of your personal data is:

CosmicSelf
Email: contact@stellyra.com

This privacy policy has been prepared in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We may collect the following personal data when you use our services:

• Email address — required for account creation and communications
• Name (optional) — to personalise your experience
• Date of birth — used for horoscope and astrology calculations
• Language and region — to provide content in the appropriate language
• Payment information — processed by Paddle (we do not store full card details)

Your personal data is used for the following purposes:

• Providing our horoscope, tarot and astrology services
• Personalised horoscopes and tarot readings based on your data
• Email communications (newsletters, service updates)
• Statistical analysis to improve our services
• Compliance with legal obligations

Legal basis: consent (Article 6(1)(a) UK GDPR), performance of a contract (Article 6(1)(b)), and legitimate interests (Article 6(1)(f)).

Our website uses cookies — small text files stored in your browser. We categorise our cookies as follows:

Necessary cookies: Essential for the operation of the website, including session cookies, authentication cookies and CSRF protection. These cannot be disabled.

Analytics cookies (Google Analytics): Help us understand how visitors interact with the website. Data is collected anonymously. Your consent is required.

Marketing cookies: Used to display relevant advertisements. Your explicit consent is required.

Personalisation cookies: Enable us to provide a personalised experience, such as tailored horoscopes and recommendations. Your consent is required.

You can manage your cookie preferences at any time through our cookie banner or in the site settings.

To provide our services, we use the following third-party providers:

• Paddle — payment processing. Paddle Privacy Policy
• Resend — transactional and marketing email delivery
• Google Analytics — traffic and user behaviour analysis
• Cloudflare — hosting, CDN and DDoS protection

Your personal data is retained for as long as necessary to fulfil the purposes described:

• Account data: Retained while your account is active. After account deletion, data is erased within 30 days.
• Server logs: Automatically deleted after 14 days.
• Payment data: Retained in accordance with applicable legal and tax requirements.

Under the UK GDPR, you have the following rights regarding your personal data:

• Right of access: Request access to your personal data
• Right to rectification: Request correction of inaccurate or incomplete data
• Right to erasure: Request deletion of your personal data
• Right to data portability: Receive your data in a structured, commonly used format and transfer it to another controller
• Right to object: Object to the processing of your personal data
• Right to restrict processing: Request the restriction of processing of your data
• Right to withdraw consent: Withdraw your consent at any time

To exercise your rights, please contact us at: contact@stellyra.com

We implement technical and organisational measures to protect your personal data:

• SSL/TLS encryption on all communications
• Encrypted storage of sensitive data
• Access controls and continuous monitoring

Our services are not intended for children under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly.

This privacy policy may be updated from time to time to reflect changes to our services or applicable legislation. We recommend that you review this page regularly.

Effective date: March 2026