⚙ AstroNube

Draft — pending legal review. This page describes how AstroNube Tools handles personal data. It is provided in good faith but should be checked by a solicitor before public launch.

Privacy policy

Last updated: 2026-05-04

What we store

To provide the AstroNube Tools service we store:

  • Your email address (used for sign-in and account recovery).
  • A salted bcrypt hash of your password. We do not store passwords in plaintext and cannot recover them.
  • Account metadata: registration timestamp, last sign-in, plan tier (Free / Pro), trial-end date, timezone preference.
  • Data you create in the app: locations (name, latitude, longitude, Bortle rating), equipment items, setups, observing sessions, and target lists. This is the tool's actual content; without it the service has no purpose.

What we do not store

We do not collect analytics or behavioural tracking data. We do not load third-party tracking scripts, advertising pixels, or social-media plugins. We use no third-party cookies. The only cookies set are essential session and CSRF cookies on our own domain.

Data sharing

We do not sell or share your personal data with third parties. Two third-party services are called as part of normal feature delivery:

  • NASA SkyView — proxied calls for DSS sky images. Your account identity is not sent; only the celestial coordinates of the target you selected.
  • Open-Meteo — weather forecasts. Your location's latitude and longitude are sent to retrieve a forecast. Your account identity is not.
  • OpenStreetMap Nominatim — place-name geocoding when you use the "Find a place" search while adding an observing location. Only the search string you type is sent (e.g. "Wicklow, Ireland"). Results are cached on our server for 7 days. Your account identity is not sent.

Your rights (GDPR)

If you are in the EU/UK, you have the following rights:

  • Access and portability (Article 15 / 20) — download a JSON export of every piece of data we hold about you at GET /auth/me/export while signed in.
  • Erasure (Article 17) — delete your account and all associated data via the Account page or DELETE /auth/me. Erasure is immediate and cascading.
  • Rectification (Article 16) — edit any data you've created via the in-app forms.

Data retention

We retain account data while your account is active. Hard-delete is immediate when you delete your account. We keep no backups of personal data beyond what is needed to recover from a recent operational failure (we'll publish the exact retention window once production hosting is finalised).

Contact

For privacy questions, email hello@astronube.com. Replace with your real privacy contact before launch.