← Back home

Privacy Policy

Last updated: 14 May 2026

1. Introduction

This Privacy Policy explains how My Numerology ("we", "us", "our") collects, uses, and protects your personal data when you use our website and services. We comply with the EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).

2. Data Controller

My Numerology is the data controller responsible for your personal data. For any privacy-related enquiries, contact us via our support form.

3. Data We Collect

  • Account data: email address, authentication identifiers, preferred language.
  • Reading inputs: the full name and date of birth you submit to generate a numerology reading.
  • Reading history: records of readings you have generated.
  • Billing data: token balances and purchase history. Card details are processed by Stripe and never stored on our servers.
  • Support data: name, email, subject and message you submit through the support form.
  • Technical data: minimal logs needed to operate and secure the service.

4. Legal Basis & Purposes

  • Contract (Art. 6(1)(b) GDPR): to provide the readings and account features you request.
  • Legitimate interests (Art. 6(1)(f) GDPR): to keep the service secure and prevent abuse.
  • Legal obligation (Art. 6(1)(c) GDPR): to retain billing records as required by law.
  • Consent (Art. 6(1)(a) GDPR): where explicitly requested.

5. Where Your Data Is Stored

All personal data is stored on servers located within the European Union. We do not transfer your personal data outside the EU/EEA, except when strictly necessary to provide the service (for example, payment processing via Stripe), in which case appropriate safeguards under Chapter V GDPR apply.

6. Data Retention

We retain account and reading data for as long as your account is active. Billing records are retained for the period required by applicable accounting and tax law. You may request deletion of your account at any time.

7. Sharing With Third Parties

We share data only with processors that help us operate the service, under written data-processing agreements. These currently include our cloud infrastructure provider (EU region) and Stripe for payments. We do not sell your personal data.

8. Your Rights

Under the GDPR you have the right to:

  • Access your personal data (Art. 15).
  • Request rectification of inaccurate data (Art. 16).
  • Request erasure ("right to be forgotten") (Art. 17).
  • Restrict or object to processing (Art. 18, 21).
  • Data portability (Art. 20).
  • Withdraw consent at any time, where processing is based on consent.
  • Lodge a complaint with your local data protection authority (Art. 77).

To exercise these rights, contact us through the support form.

9. Cookies

We use only strictly necessary cookies required to keep you signed in and operate the service. We do not use advertising or tracking cookies.

10. Security

We apply appropriate technical and organisational measures to protect your data, including encryption in transit, access controls, and row-level security on our database.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top reflects the most recent revision.

12. Contact

For privacy questions or to exercise your rights, please reach us via the support form.