Privacy Policy

Astral Messenger places great importance on privacy protection and respect for its users' personal data.

This Privacy Policy aims to explain what data is collected, for what purposes, how it is protected, and what rights users have.

This policy is established in accordance with the General Data Protection Regulation (GDPR) and applicable regulations.

The ASTRALMESSENGER service is jointly operated by two companies acting as joint controllers within the meaning of Article 26 GDPR:

FACTORIZE, EURL, 14 rue de la Lys, 59181 Steenwerck, France, RCS 922 530 639, VAT FR54922530639, represented by Aurélien PISKORSKI.

MAXKEN, SARL, 34 place du Général de Gaulle, bureau 3, 59800 Lille, France, RCS 821 612 611, VAT FR42821612611, represented by Max BRYSELBOUT.

No Data Protection Officer (DPO) has been designated, as appointment is not mandatory given our current processing activities (Article 37 GDPR).

For any request related to your personal data: contact@astralmessenger.com.

Astral Messenger only collects data strictly necessary for the operation of the service.

• Email address
• Account identifier
• Content of messages exchanged within the service
• Billing information (excluding banking data)
• IP address
• Connection data (date, time, browser)
• Technical data necessary for site operation

No banking data is stored by Astral Messenger.

Personal data is collected for the following purposes:

• Providing access to the guidance service
• Managing user accounts
• Processing payments and subscriptions
• Ensuring the security and proper functioning of the service
• Responding to support requests
• Complying with legal obligations

Data is never used for third-party advertising purposes nor resold.

Data processing is based on:

• Performance of the contract (access to service, subscription)
• User consent (account creation, acceptance of terms)
• Legitimate interest of Astral Messenger (security, service improvement)
• Applicable legal obligations

Messages exchanged in Astral Messenger are processed automatically to provide guidance responses.

Conversations may be temporarily stored for technical purposes and analyzed globally to improve the service.

Without individual analysis for commercial or advertising purposes.

Astral Messenger retains personal data as long as the user account is active, then for a limited period after deletion to comply with legal obligations.

Billing data is retained in accordance with applicable accounting obligations.

Data may be accessed by authorized internal teams of the publishers and by the technical sub-processors strictly necessary to operate the service:

• OVH SAS (France) : hosting of the application and databases.
• Stripe Payments Europe Ltd (Ireland), with its parent company Stripe Inc. (United States) : payment and subscription processing. No full banking data is transmitted to Astral Messenger.
• OpenAI, L.L.C. (United States) : provider of the AI model used to generate the service's responses.
• Sendinblue SAS – Brevo (France / EU) : delivery of transactional emails (account confirmation, magic link, notifications).
• Functional Software, Inc. – Sentry (United States) : automated collection of application errors (logs, traces) for diagnostic and reliability purposes.
• Plausible Insights ehf (Iceland / EEA) : anonymous website audience measurement, with no cookies and no personal data.

Each sub-processor is bound by a contract compliant with Article 28 GDPR and subject to strict confidentiality and security obligations.

Some data may be transferred to providers located outside the European Union, notably Stripe Inc., OpenAI, L.L.C. and Sentry (United States).

Such transfers are governed by the Standard Contractual Clauses adopted by the European Commission (Decision (EU) 2021/914) and, where applicable, by the provider's certification under the EU–US Data Privacy Framework.

Astral Messenger ensures that the level of data protection remains compliant with GDPR requirements.

Astral Messenger implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, alteration, and disclosure.

In accordance with the GDPR, each user has the following rights:

• Right of access to their data
• Right of rectification
• Right to erasure
• Right to restriction of processing
• Right to object
• Right to data portability

Users may request the deletion of their account and personal data.

Deletion is carried out within a reasonable timeframe, subject to legal retention obligations.

Astral Messenger only uses cookies strictly necessary for site operation (authentication, security, preferences).

Audience measurement is performed via Plausible Analytics, a tool that uses no cookies, collects no personal data or individual identifiers, and does not track users across sites. This setup qualifies for the consent exemption recognized by the French data protection authority (CNIL) for strictly necessary audience measurement tools.

No advertising cookies or third-party trackers are set.

Astral Messenger is intended for adult audiences.

No voluntary collection of data concerning minors is carried out.

This Privacy Policy may be modified at any time.

Any substantial modification will be brought to the attention of users.

In case of disagreement or difficulty regarding the processing of personal data, the user may file a complaint with the competent authority.

For any questions regarding the protection of personal data, please contact us via the contact address available on the site.