Privacy Policy
Last updated: July 1, 2026
Contents
01 · Who we are
Alya is a personal astrology app operated by Louis Hubert Cottineau (TIN: 302340116), sole proprietor based at 5 Sairme Street, Tbilisi, Georgia.
This Privacy Policy explains what data we handle when you use the App, how, and your rights under the GDPR and similar privacy regulations. Alya is provided for entertainment and self-reflection.
02 · Data we handle
2.1 Stored locally on your device
- Birth details you enter: date, time and place of birth, first name (optional), and the answers you give during onboarding.
- Your computed chart: your natal chart and all derived data (placements, numerology, traditions, astrocartography), calculated on your device.
- Generated readings: the text of readings, cached so they don't need to be re-generated.
- Photos (only if you add a face or palm photo) and the reading text derived from them.
- App preferences: chosen language, notification time, onboarding progress.
All of the above is stored on your device using the standard iOS secure storage. This data never leaves your device except for the specific processing steps described below.
2.2 Generating a reading (AI)
When a reading needs to be written, the computed facts of your chart (for example your placements, dominant element, numbers and, where relevant, your onboarding answers) are sent to our secure server component, which relays them to our AI provider, OpenRouter, and the language model that writes the text.
- The data is used only to produce that one reading and is returned to your device.
- It is not stored on our servers, not used to build a profile of you, and not shared with third parties beyond this generation step.
- Alya requires no account, so a reading is not linked to your identity, only to an anonymous per-install identifier used to prevent abuse of the service.
OpenRouter and the underlying model providers process the request under their own terms. You can review OpenRouter's privacy terms at openrouter.ai/privacy.
2.3 Face & palm photos · temporary processing
If you choose to add a face or palm photo for a reading, that single photo is:
- Kept on your device (so you can see it and retake it).
- Sent, for the reading, to our server component and relayed to our AI vision provider (via OpenRouter) to describe what it sees and locate the lines/features.
- Not stored on our servers, not used for training, and not shared beyond this recognition step. The raw image is never kept on our side; only the resulting text is returned and kept on your device.
Adding a photo is entirely optional. You can retake or remove it at any time in the app.
2.4 Subscription data
If you subscribe, the purchase is processed by Apple through the App Store, and entitlement is managed through RevenueCat, our subscription provider. We receive only the minimum information required to grant your subscription (an anonymous app-user identifier and subscription status). We never receive your card details or billing address. See RevenueCat's privacy policy at revenuecat.com/privacy.
2.5 Analytics
Alya uses PostHog to understand, in aggregate, how the app is used (for example which screens are opened) so we can improve it. Events are tied to an anonymous identifier, not to your name, email or birth details. We do not sell your data and we do not use it to target you with advertising. See PostHog's privacy policy at posthog.com/privacy.
2.6 Account
Alya does not require an account. We do not ask for your email or password, and we do not know who you are.
03 · Legal basis (GDPR)
Where GDPR applies, processing is based on:
- Performance of the service (Art. 6(1)(b)): to compute your chart, generate the readings you request, process a face/palm photo you provide, and manage your subscription.
- Consent (Art. 6(1)(a)): for the optional camera/photo permission and for adding a photo.
- Legitimate interest (Art. 6(1)(f)): for anonymous, aggregated usage analytics and diagnostic logs, to keep the service working and improve it.
Your birth date, time and place can, in some readings, touch on sensitive topics. Alya does not use this data to infer or record any special-category information about you; it is used solely to compute an astrological chart at your request.
04 · Data retention
- Local data (birth details, chart, readings, photos): kept as long as the App is installed. Uninstalling the App immediately and permanently deletes all local data.
- Data sent to generate a reading, and face/palm photos: processed in transit and in memory only. Not retained by us.
- Server logs: standard request logs (IP, timestamp, status code) are kept up to 7 days by Cloudflare for operational purposes, then deleted.
- Subscription status: kept as long as your subscription is active, plus the time needed to comply with tax and accounting obligations (up to 10 years under Georgian law).
05 · Your rights
Under the GDPR and equivalent laws, you have the right to:
- Access the data we process about you
- Rectify inaccurate data
- Erase your data
- Restrict or object to processing
- Portability
Since all personal data is stored locally, you can exercise most of these rights yourself: edit your birth details in the app, retake or remove a photo, or uninstall the App to erase everything. Subscription billing records held by Apple must be requested through Apple.
For any other request, contact us at byebedapp@gmail.com. You also have the right to lodge a complaint with your local data protection authority.
06 · Permissions requested by the App
- Camera: only if you choose to take a face or palm photo for a reading.
- Photo library: only if you choose to pick an existing photo for a face or palm reading.
- Notifications: to send your daily reading reminder, if you enable it.
All permissions are optional. Refusing a permission only disables the related feature; the rest of the app works normally.
07 · Minors
Alya is not targeted at anyone under 16. We do not knowingly collect data from children.
08 · International transfers
To generate readings, data may be transmitted to servers operated by Cloudflare, OpenRouter and the underlying model providers, which may be located outside your country (including the United States). These providers offer appropriate safeguards (such as Standard Contractual Clauses) for international transfers. Subscription and analytics providers (Apple, RevenueCat, PostHog) may likewise process data outside your country under equivalent safeguards.
09 · Security
Local data is protected by iOS sandboxing and device encryption (when enabled by the user). All network calls to our server component and providers are served exclusively over HTTPS.
10 · Changes
We may update this Privacy Policy. Material changes will be reflected by updating the "Last updated" date. Continued use of the App after such changes constitutes acceptance.
11 · Contact
For any question regarding this policy, contact us using the details below.
Email: byebedapp@gmail.com
Alya
© 2026 Louis Hubert Cottineau. All rights reserved.