Aestro Privacy Policy

Welcome to Aestro (“we,” “our”). We provide services to you through the website www.aestro.me and our mobile applications (collectively referred to as the “Services”). We understand the importance of personal information to you and are committed to protecting your privacy. This Privacy Policy is intended to explain how we collect, use, store, share, and protect your personal information and to inform you of your rights.

1. Introduction

This Privacy Policy applies to the personal information we collect and process during the operation of the Services. Unless otherwise stated, “personal information” in this policy refers to information that can identify a specific person when used alone or combined with other information.

This policy does not apply to the following:

• The privacy practices of third parties that we cannot control.
• Third-party websites, services, or applications that you may access through our Services.
• Processing of job applications or employee-related information.

2. Information We Collect

We collect information to provide you with high-quality services, primarily from the following sources:

a. Information you provide directly

When you create an account, use service features, make purchases, or contact us, you may provide:

• Contact Identifiers: such as your name and email address.
• Account Credentials: such as your username and password.
• Demographic and Characteristic Information: To provide core astrology services (such as horoscope calculations), we may collect your date of birth, time of birth, and place of birth. You can also choose to provide information such as gender.
• Payment Information: When you purchase subscriptions or services, our third-party payment processors (such as Stripe, Apple, Google) collect your payment details (such as credit card numbers). We do not store complete payment card information but receive partial information related to transactions (such as billing zip code).
• Content Information: Content you generate while using the Services, such as notes, diaries, questions, or communication with other users (where applicable).
• Communication Information: Information you provide when you contact us via email or in-app support features.

b. Information we collect automatically

When you use the Services, we automatically collect:

• Device Identifiers and Information: such as IP address, unique device identifiers (like IDFA, GAID), device type, operating system, browser type, and language settings.
• Usage Data: Information on how you interact with the Services, such as features accessed, pages viewed, session duration, clickstream data, and referral sources.
• Approximate Location Information: Location information inferred from your IP address at the city or postal code level.

c. Information we obtain from third parties

• Social Media Platforms: If you log in via third-party platforms (such as Google, Apple, Facebook), we may receive limited information shared by those platforms, such as your name and email address.
• Business Partners and Data Analytics Providers: We receive analytics, security, and fraud prevention services from partners.

3. How We Use Your Information

We use your information for purposes including:

• Providing the Services: Creating and managing your account, generating your personalized horoscope and readings, processing your payments, and providing customer support.
• Personalizing Experience: Recommending relevant content and features based on your usage data and preferences.
• Communication:
  • Sending service-related notifications (e.g., account confirmation, security alerts, policy changes).
  • With your consent (as required by applicable law), sending marketing communications (e.g., newsletters, product updates, special offers). You can always opt out.
• Analysis and Improvement: Analyzing how users use our Services to improve performance, develop new features, and conduct market research.
• Security and Compliance: Monitoring and preventing fraud and abuse, protecting our Services, users, and rights, and complying with legal obligations.

4. How We Share Your Information

We share your personal information only in the following situations, ensuring it is adequately protected:

• Service Providers: We share information with third parties that provide services to us, such as cloud hosting (e.g., AWS), payment processing, data analytics (e.g., Google Analytics, Amplitude), customer support (e.g., Zendesk), email delivery, and marketing. These providers can only process your information according to our instructions.
• Legal Requirements: We may disclose information as necessary to comply with laws, regulations, subpoenas, or governmental requests, or to protect our rights, property, and safety and that of our users or the public.
• Business Reorganization: In the event of a merger, acquisition, asset sale, or bankruptcy, we may share your information as part of a transferred asset.
• With Your Consent: With your explicit consent, we will share information within the scope you approved.

We do not sell or rent your personal information to third parties for their independent marketing purposes.

5. International Data Transfers

Aestro's operating company is located in Indonesia. Your information is primarily processed in Indonesia. However, to provide Services to you, we might transfer and store your information outside Indonesia (for instance, our cloud servers might be located in the USA or other regions).

For Indonesian users: Under Indonesia's Personal Data Protection Law, transferring data outside Indonesia requires ensuring that the recipient country has data protection regulations at par with Indonesia. If the receiving country does not offer an equivalent level of protection, we will ensure your data is adequately protected through legally binding agreements (e.g., agreements containing standard contractual clauses). Your use of our Services indicates your consent to such international transfers.

6. Your Rights and Choices (in compliance with Indonesia's UU PDP)

Under Indonesia’s Personal Data Protection Law, you have the following rights regarding your personal information:

• Right to be Informed: Understand how your personal information is being processed.
• Right to Access and Rectification: Access and update/correct inaccurate personal information.
• Right to Erasure: Request deletion of your personal information.
• Right to Restrict Processing: Restrict processing of your personal information under specific circumstances.
• Right to Data Portability: Receive your personal information in a structured, commonly used, and machine-readable format and transmit it to another controller.
• Right to Withdraw Consent: Withdraw your consent to process your personal information at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
• Right to Object: Object to automated decision-making (including profiling) based on legitimate or public interests.

To exercise your rights, please contact us at admin@agutech.work. To ensure security, we will verify your identity before processing requests.

7. Children’s Privacy

Our Services are not targeted at children under 13. We do not knowingly collect personal information from children under 13. If we become aware of collecting such information, we will take immediate steps to delete it. If you are a parent or guardian and believe we have collected such information from your child, please contact us immediately.

8. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. These measures comply with Indonesia’s Personal Data Protection Law security requirements. However, no method of transmission over the internet or electronic storage is 100% secure; thus, we cannot guarantee absolute security.

9. Data Retention

We will only retain your personal information as long as necessary to fulfill the purposes outlined in this policy unless a longer retention period is required or permitted by law (e.g., for tax, accounting, or compliance purposes). At the end of the retention period, we will securely delete or anonymize your information.

10. Personal Data Controllers and Processors

Under Indonesian law, as the entity determining the purposes and means of processing your personal data, we are the personal data controller. If you have any questions about how we process your data, you have the right to contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. In the event of significant changes, we will post the updated policy on the Services and notify you prominently through email or in-app notifications before the changes take effect. Please review this policy regularly. Continuing to use the Services after changes become effective means you accept the updated policy.

12. Contact and Complaints

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal information, or if you wish to exercise your rights, please contact us at: