Privacy Policy

Last updated: March 10, 2026

Prime Self ("we", "us", "our") operates the Prime Self web application at selfprime.net. This Privacy Policy describes how we collect, use, store, and protect your personal information.

1. Information We Collect

We collect the following categories of personal data:

• Account Information: Email address and password (hashed, never stored in plaintext).
• Birth Data: Date of birth, time of birth, and place of birth. This data is used solely for chart calculations and profile generation.
• Payment Information: Processed and stored by Stripe, Inc. We do not store credit card numbers on our servers. We retain Stripe customer IDs and subscription status.
• Usage Data: Pages visited, features used, check-in entries, diary entries, and chart generation history.
• Device Information: Browser type, device type, and IP address (for rate limiting and security only).

2. How We Use Your Information

• Chart Calculation: Birth data is used to compute your energy blueprint chart using astronomical algorithms.
• AI Profile Generation: Birth data and chart results are sent to AI language model providers (Anthropic, Groq) to generate your personalized profile synthesis.
• Transit Updates: Birth chart data is used to calculate daily transit interactions.
• SMS Digests: If you opt in, your phone number is shared with Telnyx for daily transit digest delivery.
• Account Management: Email is used for authentication, password reset, and service communications.
• Payment Processing: Subscription management via Stripe.

3. Third-Party Data Sharing

We share personal data with the following third-party service providers, strictly for the purposes described:

• Stripe, Inc. — Payment processing and subscription management.
• Anthropic / Groq — AI language model providers for profile synthesis. Birth data (date, time, location) and chart results are sent for text generation only. These providers do not retain your data for model training.
• Telnyx — SMS delivery for users who opt in to daily transit digests.
• Resend — Email delivery for transactional emails (welcome, notifications).
• Cloudflare — Infrastructure hosting, CDN, and analytics.

We do not sell your personal data to any third party.

4. Data Retention

• Account data: Retained for the life of your account.
• Chart and profile data: Retained for the life of your account.
• Payment records: Retained as required by financial regulations (typically 7 years).
• Usage analytics: Aggregated and anonymized after 90 days.

When you delete your account, all personal data (birth data, charts, profiles, diary entries, check-ins) is permanently deleted. Payment records are retained per legal requirements.

5. Your Rights (GDPR / CCPA)

Regardless of your location, we extend the following rights to all users:

• Access: Request a copy of all personal data we hold about you.
• Rectification: Correct inaccurate personal data.
• Erasure: Request deletion of your account and all associated data.
• Data Portability: Export your data in machine-readable format (JSON).
• Objection: Opt out of non-essential data processing.
• Restriction: Request that we limit processing of your data.

To exercise any of these rights, contact us at [email protected].

6. Data Security

We implement appropriate technical measures to protect your data:

• Passwords are hashed using PBKDF2-SHA256 with cryptographic salt.
• All data transmitted over HTTPS/TLS encryption.
• JWT authentication with secure token rotation.
• Rate limiting to prevent abuse.
• Parameterized SQL queries to prevent injection attacks.

7. Cookies and Local Storage

We use browser local storage to maintain your session (authentication token) and user preferences (sidebar state, language). We do not use third-party tracking cookies. Cloudflare may set functional cookies for security purposes.

8. Children's Privacy

Prime Self is not directed at children under 16. We do not knowingly collect personal data from children under 16. If you believe a child has provided us with personal data, contact us and we will delete it promptly.

9. International Data Transfers

Your data may be processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place for international transfers.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use after changes constitutes acceptance.

11. Contact

For privacy inquiries, data requests, or complaints:

Email: [email protected]

Website: https://selfprime.net