Privacy Policy

2.1 Personal Information You Provide

2.2 Information We Automatically Collect

• Technical Data: IP address (for rate limiting and security)
• Usage Data: Pages visited, features used, API requests made
• Device Information: Browser type, device type, operating system
• Timestamps: Account creation, last login, report generation times

2.3 Generated Content

• Calculated spiritual insights and reports
• AI-generated interpretations and analyses
• Cached calculation results for performance
• Report metadata and generation history

2.4 Voice Recordings and Biometric Data (DreamStorm)

2.5 User-Generated Content (DreamStorm)

3.1 Core Service Functions

• Generate personalized spiritual insights and reports
• Calculate astrological positions, numerology, and other spiritual systems
• Create and maintain your user account
• Store and retrieve your personalized reports
• Cache calculations to improve performance and user experience
• Generate personalized guided meditations from your dreams and goals
• Create meditation audio using your cloned voice (if you opt-in)
• Enhance and process uploaded images for meditation visuals

3.2 Platform Operations

• Authenticate and authorize access to your account
• Implement rate limiting to ensure fair usage
• Monitor system performance and troubleshoot issues
• Prevent fraud, abuse, and unauthorized access
• Comply with legal obligations and enforce our Terms of Service

3.3 Communication

• Send account-related notifications and updates
• Respond to your inquiries and support requests
• Notify you of important changes to our service or policies

4.1 Third-Party APIs

We use external services to provide accurate calculations:

• Divine API: Western astrology calculations (birth charts, planetary positions)
• Human Design API: Human Design chart generation and activations
• OpenStreetMap Nominatim: Converting birth locations to coordinates (free, open-source geocoding service)

Data shared: Birth date, time, and location coordinates (never your name or email). These services are used solely for calculations and do not store your personal data.

4.2 AI and Content Generation

We use multiple AI services for personalized content generation:

4.3 Infrastructure and Storage

• Supabase: Database hosting, user authentication, and data storage (including meditation audio and images)
• Vercel: Web hosting and application deployment
• Upstash Redis: Caching and rate limiting

4.4 Payment Processing

• Stripe: Secure payment processing for premium features

We do not store payment card information. All payment data is handled securely by Stripe.

4.5 Data We Never Share

We will never sell, rent, or share your personal information for marketing purposes or with data brokers.

5.1 Data Storage Architecture

5.2 Data Retention

• Account Data: Retained as long as your account is active
• Reports: Stored indefinitely for your access unless you request deletion
• Cache Data: Automatically expires after 24 hours
• Logs: Technical logs retained for 90 days for troubleshooting

5.3 Security Measures

• Passwords are hashed and never stored in plain text
• API keys and sensitive credentials are encrypted
• Rate limiting prevents abuse and unauthorized access
• Regular security updates and monitoring
• Access controls and authentication for all administrative functions
• Voice data encrypted at rest and in transit
• Images stored in private buckets with signed URL access only

6.1 Essential Cookies

We use essential cookies for:

• User authentication and session management
• Security and fraud prevention
• Maintaining your preferences and settings (including voice preferences)

6.2 No Tracking or Analytics

We do not use third-party analytics, advertising cookies, or social media tracking pixels. We do not track your activity across other websites.

7.1 Access and Control

• View Your Data: Access your profile and generated reports through your account
• Update Information: Modify your birth information, name, or preferences
• Download Reports: Export your personalized insights and reports
• Delete Account: Request complete account and data deletion
• Delete Voice Profile: Remove your voice clone from Settings → DreamStorm → Voice Profile
• Download Meditations: Export meditation audio files (MP3 format)
• Delete Meditations: Remove individual meditation audio and associated data

7.2 Data Subject Rights (GDPR/CCPA)

If you are in the EU, UK, or California, you have additional rights:

• Right to Know: Request details about data collection and use
• Right to Delete: Request deletion of your personal data (including voice data)
• Right to Correct: Request correction of inaccurate information
• Right to Portability: Receive your data in a portable format (JSON, MP3, PNG)
• Right to Object: Object to certain data processing activities
• Right to Limit Use of Sensitive Data: Opt-out of voice recording (disables personalized meditation audio)

7.3 Exercising Your Rights

To exercise these rights, contact us at support@dreamstorm.ai. We will respond within 30 days and may require identity verification to protect your privacy.

8.1 Accuracy and Reliability

• DreamStorm uses AI to generate meditation scripts, images, and audio
• AI-generated content may contain inaccuracies or unexpected results
• We do not guarantee the quality, accuracy, or safety of AI outputs
• You should review all AI-generated content before use

8.2 Content Moderation

• We implement safety filters to prevent harmful content
• AI services may refuse to process requests that violate their policies
• We are not responsible for AI service availability or performance