Privacy Policy

1. Who We Are

astromara.com is operated by Paul O'Mara, trading as Astromara. This privacy policy explains what personal data we collect from you, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

For the purposes of data protection law, Paul O'Mara is the data controller. You can contact us at any time at omara@paulomara.com.

2. What Data We Collect

We collect the following personal data when you use our services:

• Birth data — name, date of birth, time of birth, city and country of birth — required to calculate your chart
• Email address — to deliver your report and for any follow-up support
• Payment information — processed by Stripe; we do not see or store your card details
• Focus area — the optional free-text note you can add to your order
• Usage data — standard web analytics via Google Analytics (pages visited, time on site, approximate location from IP, browser type) — used in aggregate, never to identify you individually

If you submit someone else's birth data (for example, when ordering a Compatibility Chart or a gift), please ensure you have their consent to share it with us.

3. How We Use Your Data

We use your data only for the following purposes:

• To calculate and deliver the report you have purchased
• To send you your report and any necessary order confirmations
• To respond to support requests and complaints
• To improve our service through aggregated analytics
• To meet legal obligations, including financial records

We do not use your data for marketing unless you have explicitly opted in.

4. Lawful Basis for Processing

Under UK GDPR, we process your data under the following lawful bases:

• Contract — processing necessary to deliver the report you have purchased
• Legitimate interests — improving our service and protecting the site against fraud and abuse
• Consent — for any optional marketing communications
• Legal obligation — where required by law, such as keeping records for tax purposes

5. Third Parties We Use

We rely on a small number of trusted service providers to operate the site. Each is a data processor acting on our instructions under appropriate data protection agreements:

• Stripe — payment processing. Stripe receives your card details directly and processes the transaction. See Stripe's privacy policy.
• Cloudways (hosting) — our website and databases are hosted on Cloudways infrastructure in the United Kingdom.
• Our astrology data provider — we use a third-party ephemeris service to calculate planetary positions. This provider receives your birth data solely for the purpose of computing your chart and does not retain it for any other use.
• MailerSend — we use MailerSend to deliver your report and order confirmations.
• MailerLite — if you opt in to our newsletter, your email is managed via MailerLite.
• Google Analytics — anonymous usage statistics to help us understand how the site is being used.

6. International Transfers

Some of our service providers (including Stripe and Google Analytics) may process data outside the UK. Where this occurs, we rely on the standard safeguards recognised under UK GDPR, including the UK International Data Transfer Agreement or equivalent adequacy decisions.

7. How Long We Keep Your Data

We keep your data only for as long as we need to:

• Birth data — retained for as long as is necessary to deliver your report and support any follow-up questions, typically 12 months, after which it is deleted unless you have asked us to keep it
• Email address — retained while you remain a customer or subscriber, and removed within 30 days of unsubscription
• Order and payment records — retained for the minimum period required by UK tax law (currently 6 years)

8. Your Rights

Under UK GDPR you have the right to:

• Access the personal data we hold about you
• Ask us to correct data that is inaccurate
• Ask us to delete your data (subject to legal retention requirements)
• Object to processing, or ask us to restrict processing
• Receive a copy of your data in a portable format
• Withdraw consent at any time for any processing based on consent

To exercise any of these rights, please contact us at omara@paulomara.com. We will respond within one month.

9. Cookies

Our website uses a small number of cookies and similar technologies:

• Essential cookies — required for the site to function (for example, keeping the checkout session active)
• Analytics cookies — Google Analytics sets cookies to measure site usage in aggregate. You can opt out via your browser settings or with the Google Analytics opt-out tool.

We do not use advertising cookies or tracking pixels for third-party advertisers.

10. Security

We take appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration or disclosure. Our site uses HTTPS encryption throughout, and payment data is handled entirely by Stripe, a PCI-DSS Level 1 certified provider.

No system can be guaranteed 100% secure. In the unlikely event of a data breach that affects your personal data, we will notify you and the Information Commissioner's Office (ICO) in accordance with UK GDPR requirements.

11. Children

Astromara is an adult service and our products are available only to customers aged 18 or over. We do not knowingly collect personal data from anyone under 18. If you believe we have inadvertently collected data from a minor, please contact us and we will delete it.

12. Complaints

If you have a concern about how we handle your personal data, please contact us first at omara@paulomara.com so we can try to resolve the matter directly.

You also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Helpline: 0303 123 1113

13. Changes to This Policy

We may update this privacy policy from time to time. Any changes will be posted on this page with an updated date. Where changes are substantial, we will contact you by email if we have your address.

---