Privacy Policy

Effective Date: 2026-05-28

1. Introduction

This Privacy Policy delineates the data handling practices of Coffee Break Ideas LLC ("Company," "we," "our," or "us"), located at 30 N Gould St Ste R, Sheridan, WY 82801, USA, concerning the mobile application Astral Age ("App").

This document outlines:

• The limited information processed by the App.
• The purposes and methods of such information processing.
• The engagement of select third-party service providers.
• Your rights and choices available under applicable data protection laws, including the General Data Protection Regulation (GDPR) of the European Union and the California Consumer Privacy Act/California Privacy Rights Act (CCPA/CPRA).

App is developed with a core focus on privacy. We do not collect personal identifiers such as your name, email address, telephone number, demographic information, or payment card details. The data that are transmitted from your device are strictly limited to:

• Anonymous purchase receipts, which are processed by RevenueCat to facilitate your in-app subscription functionality.
• Usage analytics events (Opt-In), consisting of aggregated interaction signals without personal identifiers or advertising IDs, used to improve App reliability and feature prioritization.

By installing or utilizing the App, you acknowledge your understanding and acceptance of the terms outlined in this Privacy Policy. Should you disagree with any provision herein, please refrain from using the App.

2. Information Processed and Purposes

App is engineered to minimize data transmission. We process a minimal set of data categories that do not directly identify you as an individual.

Categories of Data Processed

Anonymous Purchase Receipts

• Description: This category includes non-personal identifiers such as RevenueCat customer ID (App User ID), receipt token, product identifiers, and purchase dates, generated upon the purchase or renewal of a subscription.
• Purpose: These receipts are used to validate your active subscription plan within the App and to enable the restoration of purchases on a new device.
• Recipient: This information is transmitted solely to RevenueCat, Inc. (USA) to ensure your subscription functions correctly across multiple devices.

Usage analytics (Opt-In)

• Description: When enabled, we capture high-level interaction events (e.g., screen views, button taps), app version, language, time zone, and a randomly generated session identifier. We configure analytics to drop IP addresses and do not collect names, emails, phone numbers, precise location, or advertising identifiers.
• Purpose: To understand which features are most valuable, monitor performance, and prioritize reliability improvements.
• Recipient: Processed by PostHog on its EU Cloud infrastructure (eu.posthog.com, hosted in Germany) acting as our processor; not shared with advertisers or data brokers.

Information We Do Not Collect

We affirm that app does not collect the following types of information:

• Personal identifiers (e.g., name, email address, telephone number, postal address).
• Demographic attributes (e.g., age, gender, race, religion, political affiliations, income).
• Payment card numbers; all billing operations are managed by Apple or Google through their respective in-app purchase systems.
• IP addresses, device model identifiers, crash logs, or advertising IDs for cross-site tracking. Analytics are collected only if you opt in, as described above.

Data Stored Locally on Your Device (Not Transmitted)

The following data are stored exclusively on your device and are not transmitted from it:

• Birthdays you enter, including date, time of birth, and optional names.

Legal Bases for Processing (GDPR)

• Anonymous Purchase Receipts: Processing is founded on Contract Performance (Article 6(1)(b) of the GDPR), as this information is essential to deliver the service you have requested (i.e., the subscription).
• Usage Analytics (Opt-In): Processing is based on Consent (Article 6(1)(a) of the GDPR). You may withdraw your consent at any time by disabling analytics within the App.

Data Retention and Deletion

• Purchase Receipts: Anonymous purchase receipts are retained by RevenueCat. To request deletion, please email support@astralage.app. Upon your request, we will initiate RevenueCat's "delete user " procedure, which will erase all associated receipts and the anonymous customer ID.
• Usage Analytics (Opt-In): Aggregated analytics events are retained in PostHog for up to 12 months per our project retention setting. Events are not linked to personal identifiers, so individual deletions are not feasible; if you disable analytics, no new events will be collected.

3. Utilization of Information

The information processed is utilized strictly as follows:

Anonymous Purchase Receipts are used to:

• Verify an active subscription when the App is launched or when you switch to a new device.
• Unlock premium widgets and features commensurate with your subscription status.
• Synchronize entitlement status following refunds or subscription renewals.
• Necessity: This process is indispensable for the App to ascertain whether you have a paid entitlement to premium access.

Usage Analytics (Opt-In) are used to:

• Measure aggregated feature adoption and performance trends to guide product improvements.
• Prioritize reliability fixes by monitoring anonymized interaction patterns without personal identifiers.
• Necessity: Helps us focus development on the most valuable features while maintaining minimal data collection.

We affirm that none of these data categories are used for advertising, cross-site tracking, analytics profiling, or any marketing campaigns.

4. Disclosure to Service Providers

We share the minimal data, as detailed in Section 2, exclusively with trusted third-party service providers whose services are essential for app to operate. We do not sell or rent any data to advertisers, data brokers, or analytics platforms.

Service Provider Details

RevenueCat, Inc.

• Data Shared: Anonymous purchase receipts, product identifiers, transaction dates, and the receipt token.
• Purpose: To verify and synchronize your subscription entitlements across various devices.
• Jurisdiction & Safeguards: Servers are located in the United States. Data transfers from the European Economic Area (EEA) or the United Kingdom (UK) are protected under Standard Contractual Clauses (SCCs).
• Policies: revenuecat.com/privacy

PostHog (EU Cloud)

• Data Shared: Opt-in usage analytics events (screen views, button taps), app version, language, time zone, and a randomly generated session identifier.
• Purpose: To measure aggregated feature usage and performance, helping us improve the App.
• Jurisdiction & Safeguards: Hosted in the European Union on eu.posthog.com (Germany). PostHog acts as our processor under its Data Processing Addendum with SCCs.
• Policies: posthog.com/privacy

Other Potential Disclosures

• Legal or Safety Requirements: We may disclose information if compelled to do so by law, to protect our rights and the safety of others, or to address instances of fraud or security threats.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, we will notify you of any changes concerning the ownership or use of your information, as well as any choices you may have regarding that information.

5. Security Measures

We implement robust security measures to protect the limited data processed by the App.

Transport Security

• Measures: All outbound network traffic from the App utilizes HTTPS/TLS 1.2+ encryption.
• Rationale: This prevents unauthorized interception and modification of data during transit.

Cross-Border Data Transfers

• Measures: Standard Contractual Clauses are in place for data transfers from the EU/UK to our service providers.
• Rationale: This provides a legal framework for such international data transfers.

6. Your Rights and Choices

Because we do not maintain user accounts and do not collect personal identifiers on our servers, your rights apply to the limited data categories we process (anonymous purchase receipts via RevenueCat, opt-in usage analytics, and data stored only on your device).

• Access / Know: Request a summary of data categories processed for you (e.g., RevenueCat receipts status) via support@astralage.app.
• Rectification: If a RevenueCat identifier or related subscription entry appears incorrect, contact support@astralage.app and we will coordinate correction with RevenueCat where feasible.
• Erasure / Deletion: Request deletion of RevenueCat receipts via support@astralage.app. Analytics can be stopped by disabling them; analytics events are not linked to personal identifiers and are removed only through project-wide purges.
• Restriction / Objection: Disable analytics in the App to halt those processing activities.
• Portability: Not applicable to analytics (not person-linked). RevenueCat receipt data can be exported on request to support@astralage.app.
• Non-Discrimination: We will not subject you to adverse treatment for exercising your privacy rights.
• Lodge a Complaint (EU/UK): Contact your Data Protection Authority; DPA contacts: edpb.europa.eu/about-edpb/board/members_en.

Verification may be required to process requests. We endeavor to respond within 30 days (GDPR) or 45 days (CCPA/CPRA) where applicable.

7. International Data Transfers

Information processed by the App may be transferred to and processed in the United States or other countries where our service providers maintain operations. We rely on the following safeguards for such transfers:

• Standard Contractual Clauses (SCCs) executed by RevenueCat, Google, and Apple to govern data transfers from the EEA/UK.
• TLS encryption for data in transit and robust device-level security safeguards as described in Section 5.
• The inherently minimal and non-identifying nature of the data being transferred.

8. Children's Privacy

We do not knowingly collect personal information from children under 13. If a parent or guardian becomes aware that their child has provided us with information without their consent, they should contact us at support@astralage.app. We will take steps to delete such information from our files.

9. Data Retention Schedule

The retention periods for data associated with the App are as follows:

Location: RevenueCat

• Data: Anonymous Purchase Receipts
• Standard Retention: Retained for the duration of an active subscription plus an additional 30 days.
• Early Deletion: Can be deleted earlier upon a user's deletion request submitted to support@astralage.app.

Location: PostHog EU Cloud (Germany)

• Data: Usage Analytics (Opt-In)
• Standard Retention: Retained in aggregated form for up to 12 months per our PostHog project retention setting to monitor feature adoption and stability.
• Early Deletion: Individual deletions are not feasible because events are not linked to personal identifiers; you may disable analytics to stop future collection.

Location: User's Device Storage

• Data: Birthdays entered by the user
• Standard Retention: Persist solely on the user's device.
• Early Deletion: Removed when the App is uninstalled or its data is cleared by the user.

10. Modifications to This Privacy Policy

We reserve the right to modify this Privacy Policy. We will provide 7 days advance notice within the App before any material changes become effective. The "Effective Date" at the commencement of this Policy will indicate when it was last revised. Your continued use of the App after the effective date of any modifications signifies your acceptance of the revised Privacy Policy.

11. Contact Information

Should you have any questions or concerns regarding this Privacy Policy or our data practices, please email us at support@astralage.app.

We aim to respond to all privacy-related inquiries within 30 days of receipt.