Privacy Policy

Last updated: 29 April 2026 · Effective immediately for all users.

This Privacy Policy explains how Harimurti Technologies ("we", "us", "Celeste") collects, uses, shares, and protects information about you when you use the Celeste mobile application and related services (the "Service"). It also describes the choices you have about that information and how you can contact us.

Celeste is operated and owned by Harimurti Technologies, with its principal place of business in India. By installing or using the Service you agree to the collection and use of information in accordance with this Policy.

On this page

Information we collect
How we use information
Legal basis for processing (GDPR)
How we share information
Advertising and analytics
Data retention
Security
Your rights and choices
Children's privacy
International transfers
California Privacy Rights (CCPA / CPRA)
Changes to this Policy
Contact us

1. Information we collect

Information you provide directly

Profile data: the name you choose for your cosmic profile, your date of birth, optional time and place of birth (used to calculate your zodiac sign and astrological houses), and your goals (love, career, self-growth, future).
In-app messages: the text and voice content of conversations you have with the AI Cosmic Coach, plus saved readings and journal entries.
Purchase information: the StoreKit / Google Play receipts associated with your subscription. We never see, store, or have access to your payment card or bank details — those are handled solely by Apple or Google.
Support correspondence: when you contact harimurtitechnologies@gmail.com, we keep a copy of the message and our reply.

Information collected automatically

Device and app data: device model, operating system version, app version, locale, timezone, install source (organic / referral / ad campaign), and the date and time of each session.
Usage data: screens viewed, features used, push notifications received and tapped, and aggregated counts of readings, coach messages, and compatibility checks. This is captured via Firebase Analytics and our own self-hosted event ingest endpoint.
Approximate location: derived from your IP address at request time to suggest sensible defaults (timezone, language, naming convention). You can override every default in onboarding or in Profile.
Crash and performance data: when the app crashes or hits an error, Firebase Crashlytics records the stack trace, device state, and a few breadcrumbs leading up to the crash. No personal data is intentionally included.
Identifiers for advertising: on Android, the Google Advertising ID (GAID); on iOS, the Identifier for Advertisers (IDFA) — only if you grant permission via the App Tracking Transparency prompt. See Advertising and analytics.

Information we do NOT collect

We do not access your contacts, calendar, photo library, or microphone unless you explicitly initiate an action that needs it (e.g. saving a reading card to your photos).
We do not track your precise GPS location.
We do not collect information from children under the age of 13. See Children's privacy.

2. How we use information

We use the information we collect to:

Provide the Service: generate your daily horoscope, run the AI Cosmic Coach, calculate compatibility, and persist your saved readings and streak.
Personalise your experience: localise content to your language and naming convention (Western or Vedic), and tune notification timing to your timezone.
Send you push notifications you've opted into (daily reading reminder, streak save, etc.).
Operate, maintain, and improve the Service: detect fraud, debug crashes, measure feature adoption, and run A/B tests on the user interface.
Process subscriptions and entitlements with Apple App Store and Google Play.
Comply with legal obligations and enforce our Terms of Service.

3. Legal basis for processing (GDPR / UK GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under the following legal bases:

Performance of a contract: generating readings, processing subscriptions, providing customer support.
Legitimate interests: securing our services, preventing fraud, debugging crashes, and aggregated product analytics. We balance these against your privacy rights and you may object at any time.
Consent: sending push notifications, showing personalised ads, and any feature labelled "with your permission" in the app. You may withdraw consent at any time in Profile → Privacy.
Legal obligations: retaining tax-relevant subscription records for the period required by Indian and applicable foreign tax law.

We do not sell your personal information. We share data only with:

Service providers that operate Celeste under a written data-processing agreement: Anthropic (LLM provider), Google (Firebase Auth, Analytics, Crashlytics, Cloud Messaging, AdMob), MongoDB Atlas (database), Apple (App Store delivery), and our hosting provider IONOS.
Apple App Store and Google Play for subscription verification and refund handling. They independently process your payment data under their own privacy policies.
Legal compliance: when required by valid legal process or to protect the safety of users or the public. We will notify you of any such request unless legally prohibited.
Business transfers: in the event of a merger, acquisition, or sale of all or part of our business, your information may be transferred to the acquirer subject to the same protections set out here.

5. Advertising and analytics

Celeste shows ads to users on the free tier via Google AdMob and Google Ad Manager. To make these ads relevant we may, with your consent, share with Google your device's advertising ID and your interaction with the ad. You can opt out of personalised advertising at any time:

In the Celeste app: Profile → Ad Preferences → Manage ad consent.
On iOS: Settings → Privacy & Security → Tracking → toggle "Allow Apps to Request to Track" off.
On Android: Settings → Google → Ads → toggle "Opt out of Ads Personalization" on, or reset your advertising ID.

For analytics we use Firebase Analytics, which is governed by Google's Firebase Privacy and Security policy. Firebase aggregates and anonymises usage data and we use it solely to understand which features users find valuable.

6. Data retention

Profile and reading history: retained for as long as your account is active. If you delete your account (Profile → Delete my account permanently), we erase all personal data within 30 days.
Subscription receipts: retained for 7 years from the last transaction to comply with Indian tax-law record-keeping requirements.
Crash and analytics data: retained for 14 months in aggregate form. Individual identifiers are stripped after 90 days.
Support correspondence: retained for 3 years from the last reply.

7. Security

We use industry-standard measures to protect your data: TLS 1.3 in transit, encryption at rest for our MongoDB database, hashed and salted credentials, principle-of-least-privilege access controls, automatic vulnerability scanning of our infrastructure, and regular backups stored in separate availability zones.

No method of transmission over the internet is 100% secure. If we discover a breach that affects your personal data, we will notify you and the relevant supervisory authority within 72 hours where required by law.

8. Your rights and choices

Subject to applicable law, you have the right to:

Access a copy of the personal data we hold about you. Use Profile → Download my data, or email harimurtitechnologies@gmail.com.
Correct inaccurate data. Most fields are editable in Profile; for anything else, write to us.
Delete your account and all associated data. Use Profile → Delete my account permanently. The action is immediate and irreversible.
Object to or restrict certain processing (e.g. legitimate-interest analytics).
Port your data to another service in a structured, machine-readable JSON format.
Withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.
Lodge a complaint with a supervisory authority. EEA and UK users may complain to their local data-protection authority.

9. Children's privacy

Celeste is not directed to children under the age of 13 (or the higher minimum age required by your local law, e.g. 16 in some EEA member states). We do not knowingly collect personal information from children under that age. If you believe a child has provided us with personal information, please contact harimurtitechnologies@gmail.com and we will delete it.

10. International data transfers

Celeste is operated from India and uses cloud infrastructure hosted in Europe (IONOS) and the United States (Google Cloud, MongoDB Atlas). When we transfer personal data outside your country of residence, we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and equivalent safeguards required by other jurisdictions.

11. California Privacy Rights (CCPA / CPRA)

California residents have additional rights under the California Consumer Privacy Act of 2018 as amended by the California Privacy Rights Act of 2020. We do not sell your personal information as defined under the CCPA. You may request a list of the categories of personal information we have collected, disclosed, or shared in the preceding 12 months. To exercise any of these rights, contact us at harimurtitechnologies@gmail.com. We will not discriminate against you for exercising any of your rights.

12. Changes to this Policy

We may update this Policy from time to time. When we make material changes we will notify you via in-app message and update the "Last updated" date at the top. Continued use of the Service after the effective date constitutes acceptance of the updated Policy.

13. Contact us

For privacy questions, data subject requests, or any other privacy concern, please contact:

Harimurti Technologies
Email: harimurtitechnologies@gmail.com
Postal address available on request for legal correspondence.