Privacy Policy (GDPR)

Last updated: April 2026

At StarsKnow.me, operated by Prisikar Development (based in Helsinki, Finland), your privacy is our priority. This Privacy Policy outlines how we collect, use, process, and protect your personal data in compliance with the General Data Protection Regulation (GDPR).

1. Data Controller

The Data Controller responsible for your personal data is:
Prisikar Development
Helsinki, Finland
Email: contact@prisikar.com

2. Information We Collect

• Identity & Astrological Data: First name, date of birth, time of birth, and location of birth.
• Sensitive Data (Images): Images of your palms uploaded for palmistry analysis.
• Payment Data: Handled securely by our payment processor (Stripe). We do not store your credit card information.
• Technical Data: IP address, browser type, and interaction metrics for service optimization (via Vercel Analytics/Google Analytics).

3. Lawful Basis for Processing

Under GDPR, we process your data under the following lawful bases:

• Explicit Consent (Art. 9 GDPR): For processing palm images, which may be classified as biometric/sensitive data, we rely on your explicit consent granted when uploading the photo.
• Performance of a Contract (Art. 6.1.b GDPR): To generate compatibility reports and provide the services you requested.
• Legitimate Interests (Art. 6.1.f GDPR): To track platform analytics and improve user experience.

4. Data Retention

We employ a strict principle of data minimization:

• Palm Images: Processed entirely ephemerally. Images are sent to our AI engines securely for immediate inference and are discarded immediately afterward. We do not save or store your photos.
• Analysis Results: Stored temporarily during your active session or access window so you can read your results. Once the session expires or is closed, the data is removed.

5. Third-Party Services & International Transfers

We rely on carefully selected third-party Data Processors to deliver our service. These include Google (Gemini) and OpenAI for AI analysis, and Stripe for payments. Some of these processors may transfer data outside the European Economic Area (EEA). We ensure such transfers are protected under adequate safeguards, such as the EU Standard Contractual Clauses (SCCs).

6. Your Rights Under the GDPR

As an EU resident, you have comprehensive rights regarding your personal data:

• Right to Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate data.
• Right to Erasure ("Right to be Forgotten"): Request absolute deletion of your data.
• Right to Restrict Processing: Request suspension of data processing in certain scopes.
• Right to Data Portability: Obtain your data in a structured, machine-readable format.
• Right to Object: Object to processing based on legitimate interests.
• Right to Withdraw Consent: You may withdraw your consent for future processing at any time.

To exercise any of these rights, please contact us at contact@prisikar.com. We will respond without undue delay and at the latest within 30 days. You also have the right to lodge a complaint with the Finnish Data Protection Ombudsman.