Privacy Policy

Last updated: June 28, 2026

Effective date: June 28, 2026

This Privacy Policy explains how Blue Electric Hand Corporation ("Cosmic You," "we," "us," or "our") collects, uses, discloses, and protects your personal information when you use the Cosmic You website and services (the "Service"). We are a corporation registered in Ontario, Canada.

This policy complies with the Personal Information Protection and Electronic Documents Act (PIPEDA) in Canada, the General Data Protection Regulation (GDPR) in the European Economic Area and United Kingdom, and the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA) for California residents. Region-specific rights are summarized in Section 11.

1. Quick summary

  • We collect the information you give us (email, password, birth data), information your device provides (IP, device type), and a minimal amount of usage analytics via PostHog.
  • We use it to generate your reports, run your account, send you transactional emails, and improve the Service.
  • We share it with payment processors (Stripe), hosting and database providers (MongoDB Atlas, our cloud host), AI providers (Anthropic), and email providers - not with advertisers, not with data brokers, never for sale.
  • You can export your data or delete your account at any time. EU, UK, and California residents have additional rights described below.
  • Birth data (date, time, place) is sensitive to you personally but is NOT a legally "sensitive" category in most jurisdictions; we still treat it with care.

If you only read one thing, read the bold summaries under each section heading.

2. Information we collect

What we collect depends on how you use the Service.

Information you provide

  • Account information: email address, display name, hashed password (we never store plaintext passwords), preferred language (English or French).
  • Birth data: date of birth, time of birth (optional), birth place. We need this to generate your report. You may also provide birth data for other people - for example, to run a synastry reading or to gift a PDF report. When you do, you represent that you have the right to do so.
  • Payment information: if you subscribe, Stripe collects your payment details directly. We receive only a customer token, the tier you selected, and a record of successful charges. We do not receive or store your card number, CVV, or full billing address.
  • Optional content: gift messages on PDF-extra reports, personality test responses, streak records, notes on Cosmic U lessons.

Information collected automatically

  • Device and network information: IP address, browser user-agent, approximate geographic region (derived from IP), device type.
  • Usage data: pages viewed, buttons clicked, features used. Collected via PostHog with IP anonymization enabled.
  • Error and performance data: if enabled, Sentry captures error diagnostic data. We scrub authorization tokens, cookies, and request bodies before transmission.

Information we do NOT collect

  • Real-time location (GPS)
  • Contacts, camera roll, microphone
  • Content from other apps
  • Government IDs or financial account numbers
  • "Sensitive" personal data under GDPR Article 9 (race, religion, health, etc.) unless you voluntarily include it in an open-text field

3. How we use your information

We use it to deliver the Service you asked for, run the business behind it, and improve it. Specifically:

  • To generate, store, and display your reports
  • To create and maintain your account
  • To process payments and subscriptions through Stripe
  • To send you transactional emails (account verification, password reset, receipts, PDF-extra delivery)
  • To send you marketing emails ONLY if you opt in; you can opt out at any time
  • To operate anti-abuse measures (rate limiting, fraud detection)
  • To debug errors and improve Service performance
  • To comply with legal obligations
  • To enforce our Terms of Service

We rely on the following legal bases (GDPR terminology):

  • Contractual necessity - we cannot generate a report or run your account without processing your birth data and login credentials
  • Legitimate interests - anti-abuse, security monitoring, aggregate analytics, product improvement; we balance these against your privacy rights
  • Consent - marketing emails, optional cookies beyond the essential, data collection from minors aged 13–17 where regional law requires explicit consent
  • Legal obligation - when we must comply with law enforcement, tax, or regulatory requirements

AI training and improvement ("Help improve Castalia", opt-in only)

By default we do NOT use your reflections, journal entries, birth data, or Castalia conversations to train AI models. Our AI features run on third-party model providers (such as OpenAI, Anthropic, and Google) under agreements that prohibit them from training their models on your content.

If, and only if, you turn on the "Help improve Castalia" setting in your account, you consent to let us use de-identified copies of your consented conversations (with emails, phone numbers, and personal identifiers removed) to make Castalia more helpful over time. This is off by default, it is strictly opt-in, and you can turn it off at any time in Settings. Turning it off stops all future use. This never includes anything flagged as a crisis, your private journal entries, payment data, or anything from a minor's account.

4. Who we share information with

We share information with a short list of operational providers. We do not sell your data.

Service providers ("processors" in GDPR terms)

Provider | What they receive | Purpose
Stripe | Payment details (directly, not via us), customer token, charge amounts | Payment processing
MongoDB Atlas | All account + report data | Database hosting
Our cloud host | All server data | Application hosting
Anthropic (Claude Sonnet) | Your birth data inputs + generated report text | AI-generated content
Wikimedia | Month and day only (no user identifier) | Celebrity previews
PostHog | Anonymized usage events + user ID (no email/name) | Product analytics
Sentry (when enabled) | Error diagnostics, scrubbed of credentials | Error monitoring
Email provider (Resend or similar, when wired) | Recipient email, email content | Transactional email delivery

All providers are bound by data-processing agreements requiring them to use your data only for the purpose we instruct and to apply appropriate security measures.

Legal disclosures

We may disclose information if required by law, subpoena, court order, or valid government request; to protect the rights, property, or safety of our users, our company, or the public; or in connection with a merger, acquisition, or asset sale (we will notify you before data is transferred in that case).

Never shared with

  • Advertisers or ad networks
  • Data brokers
  • Other users - except report content YOU choose to share via the public-share link or gift feature, and the limited relationship data you choose to share inside Orbits (see below)
  • Anyone, for money - we do not sell your data

Sharing with people you invite (Orbits)

Orbits lets you explore a relationship with people you invite - a Bond (two people) or a Circle (three to eight). When you open a shared field, a limited, relationship-scoped view of your information becomes visible to the other member(s), and theirs to you. This sharing follows strict rules built into the Service:

  • Mutual consent only. A shared field opens only after every person in it has explicitly accepted. No data is shared on the strength of one person's action alone.
  • Minimum-scope visibility. The shared field shows only what every member has agreed to expose. If one person grants a narrower scope, that narrower scope governs the whole field - you can never see more of another person than they have chosen to share.
  • Only relationship data - never your private space. Your journal, your one-to-one Castalia conversations, and any private reflections never enter a shared field. Only the relationship-scoped data you consent to is composed into the joint view and any joint Castalia session.
  • Revocable at any time. Any member can withdraw at any time. Withdrawal immediately dissolves the shared field and returns each person to their separate, private view.
  • Invites to non-users. If you invite someone who is not yet on Cosmic You, we process the contact detail you provide solely to deliver that invitation, on the basis of your request (PIPEDA consent). We do not use it for any other purpose.

Castalia, when speaking to a Bond or Circle, addresses the relationship itself and is even-handed by design; she does not act as a means for one member to monitor another.

5. International data transfers

Cosmic You operates from Canada, and our infrastructure includes providers in the United States and the European Union. If you are located outside these regions, your data will be transferred, stored, and processed in Canada and the United States.

For EU / UK users: we rely on the European Commission's adequacy decision for Canada's PIPEDA-regulated private sector, and on Standard Contractual Clauses (SCCs) for transfers to U.S. providers. We treat all user data with EU-level safeguards regardless of region.

6. How long we keep your information

  • Account data: until you delete your account, plus a short grace window (30 days) for recovery in case of accidental deletion
  • Reports (primary profile): until you delete your account
  • PDF-extra reports: 365 days from creation, after which they are automatically deleted
  • Payment records: 7 years to comply with Canadian tax law
  • Email logs: 90 days
  • Error diagnostics (Sentry): 30 days
  • Analytics events (PostHog): 12 months
  • Account-deletion backup copies: 60 days before permanent purge

If you delete your account, we remove your data from active systems within 30 days and from backups within 60 days, except where we are required to retain data for legal compliance (e.g., payment records).

7. Security

We take security seriously.

  • Passwords are hashed with industry-standard algorithms (we never see your plaintext password)
  • Data in transit is encrypted via HTTPS/TLS 1.2+
  • Data at rest in MongoDB Atlas is encrypted
  • Stripe handles all card data; we never store it
  • Access to production systems is restricted and logged
  • Webhook signatures are verified before any payment is processed
  • We rate-limit authentication endpoints and scrub error logs of sensitive headers

No system is perfectly secure. If we become aware of a data breach that affects you, we will notify you without undue delay, consistent with applicable law.

8. Your rights

You have the following rights regarding your personal information. The specific legal framework depends on your region (see Section 11), but the rights below apply to all users regardless of location as a matter of our policy:

  • Access - request a copy of the personal information we hold about you
  • Rectification - correct inaccurate or incomplete information
  • Erasure - delete your account and associated data
  • Portability - export your data in a machine-readable format (JSON)
  • Restriction - ask us to limit how we use your data while a concern is being resolved
  • Objection - object to processing based on legitimate interests (we will stop unless we have overriding legitimate grounds)
  • Opt out of marketing - at any time, via any marketing email's unsubscribe link or account settings
  • Withdraw consent - where processing is based on consent, you can withdraw it at any time (without affecting prior lawful processing)

To exercise any right, email privacy@cosmicyou.me. We will respond within 30 days. We may need to verify your identity before fulfilling certain requests.

9. Children

The Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If we learn we have collected data from a child under 13 without verifiable parental consent, we will delete it.

For users aged 13–17, where local law requires it (including GDPR for minors under the age of digital consent in their country, which varies from 13 to 16), we require parental or guardian consent before account creation or marketing communications.

10. Cookies and similar technologies

We use a small number of cookies and local-storage entries:

  • Essential - authentication token, session persistence, CSRF protection. These cannot be disabled because they make the Service work.
  • Preferences - theme (ci_theme), language, font size, persistent sign-in. Stored locally in your browser; you can clear them through your browser settings.
  • Analytics - PostHog session identifiers. You can opt out via the cookie banner (EU/EEA/UK) or request that we stop analytics collection via email.

We do not use third-party advertising cookies or tracking pixels.

11. Regional rights

European Economic Area, United Kingdom, and Switzerland (GDPR)

In addition to the rights in Section 8, you have the right to lodge a complaint with your local data protection authority. The data controller is Blue Electric Hand Corporation, Ottawa, Ontario, Canada. We have not appointed an EU representative at this time; if we are required to do so we will update this policy.

California (CCPA/CPRA)

California residents have the rights described in Section 8, plus:

  • The right to know what personal information we collect, the sources, the purposes, and the categories of third parties we share it with (this policy provides that)
  • The right to opt out of "sale" or "sharing" of personal information. We do not sell or share personal information for cross-context behavioral advertising.
  • The right to limit the use of sensitive personal information. We do not use sensitive personal information for inferring characteristics about you.
  • The right to non-discrimination for exercising these rights. We will not deny service, charge different prices, or provide a different level of service because you exercised a privacy right.

To submit a request, email privacy@cosmicyou.me with the subject line "CCPA Request." You may designate an authorized agent to make a request on your behalf.

Canada (PIPEDA, Quebec Law 25)

Canadian residents have the rights described in Section 8. If we decline a request or you have a complaint, you may contact the Office of the Privacy Commissioner of Canada (www.priv.gc.ca) or, for Quebec residents, the Commission d'accès à l'information (www.cai.gouv.qc.ca).

For Quebec residents: under Law 25, you have the right to request the algorithm used for any automated decision-making that significantly affects you. Cosmic You does not make automated decisions that have legal or similarly significant effects on users. The AI-generated content in your reports is interpretive only - no decision is made by the Service that affects your eligibility for credit, employment, insurance, housing, or any other material right.

Brazil (LGPD) and other jurisdictions

We extend the rights in Section 8 to residents of Brazil, Australia, New Zealand, and any other jurisdiction with a comparable privacy law. Contact us at privacy@cosmicyou.me.

12. Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or in-app notification at least 14 days before the changes take effect. The "Last updated" date at the top of this policy always reflects the current version.

13. Contact

Blue Electric Hand Corporation · Ottawa, Ontario, Canada
Privacy inquiries: privacy@cosmicyou.me
General support: support@cosmicyou.me
Data Protection Officer: Obi, reachable at privacy@cosmicyou.me

© 2026 Blue Electric Hand. All rights reserved.