We do not and will not sell your data. Period.
Stardust is an astrological period tracker owned and operated
by a team of three women based in New York City. Given the current political climate, we
have taken rigorous measures to protect users, especially those in states where abortion
is being criminalized. We believe all period trackers should stringently protect the
privacy of users—and be transparent about exactly how they do so.
We will not sell your data
This includes your personal data like email addresses and even more personal information like pregnancy status or location. Instead of selling data, we will one day charge for paid features within the app. Unlike most of our competitors, we have never sold data in the past and we never will. It's not our business model or philosophy. We actually designed this app because we do not want our data sold. Also we wanted a cooler and prettier period tracking experience.
You can delete your data at any time
Just go to the profile and delete your data and poof, it's gone. If you hit this delete button, it is deleted forever, within minutes.
We give you choices for how you login
You can login with Apple, Google, email or phone number. We do not share any data beyond the app name with these login partners.
We use third parties to help us achieve our goals and mission
- Mixpanel: We use mixpanel to help with user analytics, so we can make better product decisions. For example, is anyone actually using this new button we designed or should we get rid of it? We don’t know who is actually tapping the button because we save personal identifiable information in a different place from all other data. We do NOT save IP-addresses and we do NOT send any personal identifiable information to Mixpanel. All user sessions in Stardust are 100% anonymous.
- Rownd: We use Rownd for authentication. They are a privacy focused authentication company. They DO NOT sell any data, ever.
- Firebase: We use Firebase for crash tracking. It does not track any personal data.
- AWS: Our database and servers run through AWS (Amazon) services. User period data is stored on these databases ANONYMOUSLY. We don’t know who any of this data belongs to because it is kept separately and anonymously from your personal identifiable login information, which is stored on Rownd.
- Shake.io: We use Shake for bug and crash reporting. If you shake your phone a dialog will pop up and you can tell us about a bug you’ve encountered. Please do it! NO personal identifiable information is shared with Shake.
- OneSignal: We use OneSignal for sending push notifications. NO personal identifiable information is shared with OneSignal.
- Branch.io: We use Branch to see where people are discovering Stardust. NO personal identifiable information is shared with Branch
How we use your data.
- Email/phone number: We use this for login and to stay in touch with you for product updates and offers. This info is stored with Rownd - a privacy focused authentication platform.
- Birthdate: We use it to look at your astrological chart for natal moon phase and sign.
- Name: We ask you to enter your name to personalize the app experience. It doesn’t have to be your actual name. You can use any username you’d like.
- Period data: We look at your historical period data to predict your future patterns and combine the data with your astrological chart for interesting insights.
- Device data: We collect device data like which version of phone or iOS you’ve got in order to help with bugs and user experience.
- Country data: We can see what country’s app store you downloaded the app from.
- Location data: We ONLY get “Timezone” data to help with lunar position.
- IP Address: WE DO NOT COLLECT IT
What happens if law enforcement sends us a subpoena for your data
We cannot prevent the government from issuing a subpoena, however we will not be able to produce your period data because we cannot connect it to your login information. We do not know which data set belongs to which person.
If law enforcement obtains your phone and forces you to unlock it through biometrics we cannot protect you yet. We are building a way to lock the app with a pin and this will be ready in the coming months. If you live in a place where you are especially vulnerable then we recommend you track your period in a paper journal and hide it somewhere safe.
We are committed to constantly improving our security efforts. If you’d like to consult or contribute please reach out to us at firstname.lastname@example.org
Effective October 19th, 2022
We will not sell your data. Full stop. This includes everything from email address to pregnancy status to location. Instead of selling data, which is how some period trackers earn money, we will one day charge for paid features within the app. We believe this is a healthy way to make sure our incentives remain aligned with those of our users.
Unlike most of our competitors, we have never sold data in the past and never will. It is neither our business model nor our philosophy to do so.
You can delete your data at any time. Your data, your choice. To erase your data, simply hit the delete button within your profile. Within minutes your data will be gone permanently.
We give you choices for how you log in. You can log in with Apple, Google, email, or phone number. We do not share any data beyond the app name with these partners.
We use vetted third parties to help us achieve our mission.
Here’s what to know.
- Mixpanel: We use Mixpanel to help with user analytics, so we can make better product decisions. For example, is anyone actually using this new button we designed or should we get rid of it? In this case (and all cases), we do not know who is actually tapping the button, because we save personal identifiable information in a different place from all other data. We do not save IP-addresses and we do not send any personal identifiable information to Mixpanel. All user sessions in Stardust are 100% anonymous.
- Rownd: We use Rownd for authentication. They are a privacy-focused authentication company. They do not sell any data, ever.
- Firebase: We use Firebase for crash tracking. It does not track any personal data.
- AWS: Our database and servers run through AWS (Amazon) services. User period data is stored on these databases anonymously. We do not know who any of the data belongs to because it is stored separately and anonymously from your personal identifiable login information.
- Shake.io: We use Shake for bug and crash reporting. If you shake your phone a dialog will pop up and you can tell us about a bug you’ve encountered. Please do it—it makes the app better! No personal identifiable information is shared with Shake.
- OneSignal: We use OneSignal for sending push notifications. No personal identifiable information is shared with OneSignal.
- Branch.io: We use Branch to see where people are discovering Stardust. No personal identifiable information is shared with Branch
How we use your data.
Here’s exactly what we use and how we use it.
- Email/phone number: We use this info for login and to stay in touch with you for product updates and offers. This info is stored with Rownd, a privacy-focused authentication platform.
- Birth date: We use this to look at your astrological chart for natal moon phase and sign.
- Name: We ask you to enter your name to personalize the app experience. It doesn’t have to be your actual name! You can use any username you’d like.
- Period data: We look at your historical period data to predict future patterns and combine this data with your astrological chart to yield insights.
- Device data: We collect device data— like which version of phone or iOS you’ve got—in order to help with bugs and user experience.
- Country data: We can see what country’s app store you downloaded the app from.
- Location data: We only get “time zone” data to help with lunar position.
- IP Address: WE DO NOT COLLECT IT.
What happens if law enforcement sends us a subpoena for your data: We cannot prevent the government from issuing a subpoena. However, in such a case we would not be able to produce your period data because we cannot connect it to your login information. We do not know which data set belongs to which person.
If law enforcement obtains your phone and forces you to unlock it through biometrics, we cannot protect you yet. We are building a way to lock the app with a PIN and this will be ready in the coming months. If you live in a place where you are especially vulnerable, we recommend you track your period in a paper journal and store it in a secure place.
Personal data and information we collect from you
- How we use your information
- Your rights
- Retention of your personal data
- Personal data you elect to share with third parties
- Third party links
- Privacy of payments
- Information Applicable to EU Users
- Contact us
1. Personal data and information we collect from you
Personal data you provide to us
When you sign up to use the App, Rownd may collect PII about you such as: your email address and phone number. When you use the App, you may choose to provide Health Data.
Information we collect automatically
When you access or use the App, we may automatically collect the following information (however, such information cannot be tied to you as a person, given our encryption procedures):
a. Device Information: We collect information about the mobile device you use to access the App, including the hardware model, information about the device’s operating system and its version, unique device identifiers and mobile network information.
b. Location Information: We collect your time zone, and information about your mobile service provider, which allows us to infer your general location. We do not collect your IP address.
c. Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information about your use of the App, such as frequency of use, which areas and features of our App you visit and your use patterns generally, engagement tracking with particular features, etc. To collect this information, we may send cookies, pixel tags and web beacons to your mobile device or computer. We only use this information for internal purposes, such as improving the Services.
By creating a profile in the App, you explicitly consent that:
b. PLEASE NOTE THAT WE WILL NEVER SELL YOUR PERSONAL DATA.
2. How we use your personal data and information
We may use your information, including your Personal Data, for the following purposes:
a. to analyze, operate, maintain and improve the App, to add new features and services to the App;
b. to customize content you see when you use the App;
c. to provide and deliver the products and services you request, process transactions and send you related information, including confirmations and reminders
d. to send you technical notices, updates, security alerts and support and administrative messages;
e. for billing (invoicing), account management and other administrative purposes, if applies;
f. to respond to your comments, questions and requests and provide customer service;
g. to monitor and analyze trends, usage and activities in connection with our App;
Disclosure of Your Information
We want you to understand when and with whom we may share the information we collect. We only disclose information that we collect through the Services with third parties as follows:
Service Providers. We may share your information with our service providers that perform certain functions or services on our behalf, such as to host the Services or perform analyses. Except as to Rownd, all information provided to our service providers is shared in an anonymized form. Your PII and Health Data cannot be linked by us or our service providers because they have been anonymized from each other.
Other Parties When Required By Law or as Necessary to Protect the Services. We may disclose your anonymized information to third parties in order to protect the legal rights, safety, and security of the Company and the users of our Services; enforce our Terms of Service; and prevent fraud. In addition, the Company may also receive information requests from law enforcement or other government entities and/or be served with a legal process. While the Company may be legally required to produce information in response to such request or legal process, any Health Data that the Company is required to share will remain anonymous such that it cannot be linked back to you.
In Connection With a Transfer of Assets. If we sell all or part of our business, or make a sale or transfer of assets, or are otherwise involved in a merger or business transfer, or in the event of bankruptcy, we may transfer your anonymized information to one or more third parties as part of that transaction.
You will be notified via email and/or a prominent notice on our Site of any change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information.
Choices about how We collect, use and disclose your information
We strive to provide you with the choices regarding our collection, use and disclosure of the information you provide to us. The mechanisms listed below aim to provide you with control over such collection, use and disclosure:
Marketing Communications: If you do not want us to send you marketing or promotional communications, you can opt-out by clicking the “unsubscribe” link in any such promotional emails, checking the relevant box located on the form on which we collect your data or emails us at email@example.com.
Cookies: You have the option to accept or disable cookies at any time through your browser. You may refuse to accept browser cookies by activating the appropriate setting on your browser. If you choose to disable your cookies, your user experience may be limited.
Mobile Analytics: If you are using our App, we use Mobile Device IDs, instead of cookies, to recognize you. We use the Mobile Device IDs and other mobile analytics software solely to allow us to better understand the functionality of our mobile software on your phone.
3. Your rights
Modification, correction and erasure
You are able to modify, correct, erase, and update your Personal Data by writing us at firstname.lastname@example.org
You have a right to access your Personal Data you insert into the App and ask us about what kind of Personal Data we have about you. You can do this by using the app settings or by writing us at email@example.com
California Civil Code Section 1798.83, also known as the “Shine The Light” law, permits our users who are California residents to request and obtain from us, once a calendar year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please send an email to firstname.lastname@example.org
If you are under 18 years of age, reside in California, and have a registered account with the Site, you have the right to request removal of unwanted data that you publicly post on the Site. To request removal of such data, please contact us using the contact information provided and include the email address associated with your account and a statement that you reside in California. We will make sure that the data is not publicly displayed on the Site, but please be aware that the data may not be completely or comprehensively removed from our systems.
To request any other changes or information about our collection, use or disclosure of your information, please email us at email@example.com.
Children Under the Age of 13
Our Services are intended for users who are 13 years of age and older. If you are under the age of 13, you are not permitted to submit any Personal Information to us. If you believe we might have any information from or about a child under 13, please contact us at firstname.lastname@example.org.
4. Retention of your personal data
5. Personal data you elect to share with third parties
All data shared at your direction with a third party such as Apple HealthKit is shared in anonymized form and cannot be linked to you.
We take all reasonable and appropriate measures (including encryption) to protect all collected Personal Data from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction, taking into account the nature of the Personal Data that we process and risks associated with special categories of Personal Data we collect (information about health).
7. Third party links
8. Privacy of payments
To process payments for particular features and functions of the App we may engage third-party payment providers. For example, we use Apple and Google for processing of payments in connection with our subscriptions offered on App Store and Google Play. Please note that we never collect and we are not responsible for the collection or security of banking, financial, and payment information. Such information is processed and stored by Apple and Google only.
9. Information Applicable to EU Users
The General Data Protection Regulation or "GDPR" gives certain rights to individuals in the European Union in relation to their personal data. As available and except as limited under applicable law, the rights afforded to individuals are:
a. Right of Access - the right to be informed of and request access to the personal data we process about you;
b. Right to Rectification - the right to request that we amend or update your personal data where it is inaccurate or incomplete;
c. Right to Erasure - the right to request that we delete your personal data;
d. Right to Restrict - the right to request that we temporarily or permanently stop processing all or some of your personal data;
e. Right to Object:
- The right, at any time, to object to us processing your personal data on
- grounds relating to your particular situation;
- The right to object to your personal data being processed for direct marketing purposes;
f. Right to Data Portability - the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service; and
g. Right not to be subject to Automated Decision-making - the right to not be subject to a decision based solely on automated decision making, including profiling, where the decision would have a legal effect on you or produce a similarly significant effect.
If you wish to exercise any of the above rights, please contact us at email@example.com.
10. Contact us
We are committed to constantly improving our security efforts. If you’d like to consult or contribute please reach out to us at firstname.lastname@example.org.