Privacy Policy
Last updated: May 31, 2026
AstroPath places essential importance on the protection of your personal data. This policy explains what data we collect, why, how long we keep it, and what your rights are.
1. Data Controller
The data controller for personal data is:
- Identity: Kylian Stomp — sole proprietor (auto-entrepreneur)
- Address: 200 rue de la Croix Nivert, 75015 Paris, France
- SIRET: 843 079 526 00037
- Email: yourastropath@protonmail.com
For any question regarding your personal data or to exercise your rights, you can contact us at the email address above with the subject: "GDPR — [your request]".
2. Data collected
We only collect data strictly necessary for the provision of our services.
| Category of data | Data concerned | When is it collected? |
|---|---|---|
| Identity | Last name, first name(s), birth name where applicable | During the order, via the product form |
| Contact details | Email address | During the order |
| Birth data | Date, time, place (city, zip code, country) of birth | During the order (essential for calculating the birth chart or numerological profile) |
| Business data (where applicable) | Company name, creation date, registered office address, sector of activity | When ordering a "business" product |
| Payment data | Card number, expiration date, CVC (processed exclusively by Stripe) | At checkout — never stored on our servers |
| Connection data | Technical logs from our host (IP address, browser, timestamp) | Automatically when visiting the site |
3. Purposes of processing
Your data is collected and processed for the following purposes:
- Performance of the contract: preparation and sending of your personalized reading;
- Customer relationship management: answering your questions, order tracking, after-sales service;
- Legal and accounting obligations: billing, accounting bookkeeping, tax compliance;
- Site security: fraud and abuse prevention.
We never use your data for commercial prospecting purposes without your prior consent.
4. Legal bases for processing
The legal bases on which we rely are:
- Contract performance (article 6.1.b of the GDPR) for data necessary to fulfill your order;
- Compliance with legal obligations (article 6.1.c of the GDPR) for the retention of invoices and accounting data;
- Legitimate interest (article 6.1.f of the GDPR) for site security and fraud prevention.
5. Retention period
| Category | Duration |
|---|---|
| Order data (identity, contact, birth data) | 3 years from the last order, for customer relationship purposes |
| Invoices and accounting data | 10 years (legal obligation — article L123-22 of the French Commercial Code) |
| Payment data (at Stripe) | In accordance with Stripe's retention policy — see https://stripe.com/privacy |
| Server technical logs | 13 months maximum (CNIL recommendation) |
6. Recipients and subcontractors
Your data is never sold, rented or given to third parties. However, it may be transmitted to the following technical subcontractors, strictly within the framework of their missions:
Stripe (payment processing)
Stripe Payments Europe, Limited (Ireland) and Stripe, Inc. (United States). Processes bank payments. PCI-DSS Level 1 compliant.
Privacy policy: https://stripe.com/privacy
Formspree (form reception)
Formspree, Inc. (United States). Receives your form data and transmits it to us by email.
Privacy policy: https://formspree.io/legal/privacy-policy/
Cloudflare (hosting)
Cloudflare, Inc. (United States) hosts the site and operates the CDN network that accelerates its consultation.
Privacy policy: https://www.cloudflare.com/privacypolicy/
Wise Business (bank transfers)
Wise Payments Limited (United Kingdom). Receives funds from payments via Stripe. No customer data is directly shared with Wise.
Privacy policy: https://wise.com/privacy-policy
7. Transfers outside the European Union
Some of our subcontractors (Stripe, Formspree, Cloudflare) are based in the United States. These transfers are governed by the Standard Contractual Clauses approved by the European Commission and/or by certification to the EU-US Data Privacy Framework, ensuring an adequate level of protection for your data.
8. Security
We implement technical and organizational measures to protect your data against loss, unauthorized access, modification or disclosure. In particular:
- Secure HTTPS connection of the site;
- Payment processed exclusively via Stripe (PCI-DSS Level 1 certified);
- Access to data limited to the person responsible for processing;
- Encrypted professional email (Proton Mail).
9. Your rights
In accordance with the GDPR and the French Data Protection Act, you have the following rights at any time:
- Right of access: obtain a copy of the data we hold about you;
- Right of rectification: have inaccurate or incomplete data corrected;
- Right of erasure ("right to be forgotten"): have your data deleted, subject to our legal retention obligations;
- Right of limitation: temporarily suspend the use of your data;
- Right of portability: receive your data in a structured format;
- Right of objection: object to the processing of your data on legitimate grounds;
- Right to set post-mortem directives on the fate of your data after your death.
To exercise these rights, write to us at yourastropath@protonmail.com with the subject "GDPR — [your request]". We will respond within a maximum of one month.
10. Complaint to the CNIL
If you consider that your rights are not respected, you can lodge a complaint with the French National Commission for Information Technology and Civil Liberties (CNIL):
- Address: 3 place de Fontenoy — TSA 80715 — 75334 PARIS CEDEX 07, France
- Website: https://www.cnil.fr
11. Cookies
This site does not use any advertising tracking cookies or behavioral analytics tools (Google Analytics, Facebook Pixel, etc.). Only cookies strictly necessary for the operation of the site (user session, cart, security) may be deposited — these cookies do not require your prior consent within the meaning of the ePrivacy Directive.
12. Modifications
This policy may be modified at any time to adapt to legal or technical changes. The date of the last update appears at the top of this page. We invite you to consult it regularly.