PRIVACY POLICY — AstralPro
Last updated: May 13, 2026
This Privacy Policy describes how AstralPro collects, uses, retains and protects the personal data of users and customers of the astralpro.fr website. It complies with the General Data Protection Regulation (GDPR — EU Regulation 2016/679) and the French Data Protection Act of 6 January 1978 as amended.
1. Data controller
GRIMAULT Dorian (Sole proprietor)
Trade name: AstralPRO
Address: 10 Place de la Loriette, 85290 Mortagne-sur-Sèvre, France
SIREN: 104472626 — RCS La Roche-sur-Yon 104472626
Email: [email protected]
GRIMAULT Dorian is the sole data controller within the meaning of Article 4(7) GDPR. AstralPro has not appointed a Data Protection Officer (DPO) as this is not mandatory given the nature and volume of processing carried out.
2. Data collected
2.1 Data provided directly by the customer when ordering
- First name (at birth)
- Birth city
- Birth date
- Birth time
- Email address
This data is strictly necessary for the astrological calculation of the natal chart and for delivery of the product by email.
2.2 Data collected automatically
- IP address: used for two purposes only — (1) rate-limiting (anti-abuse), stored in server RAM for a maximum of 60 seconds (sliding window), then automatically erased; (2) determining your country of connection in order to automatically adapt pricing to your geographic region, as part of a purchasing power parity policy. Your IP is never stored in the database nor retained beyond the active session. You may manually change your country via the site selector.
- Device type (mobile/desktop): inferred from the browser's User-Agent, immediately anonymized, never associated with a customer identifier.
- Country: inferred from the Stripe payment address at the time of transaction.
2.3 Data generated automatically
- Sun, moon and ascendant astrological signs: calculated from birth data, stored in anonymized aggregated statistics (never linked to a customer identifier).
- Time and day of the order: stored in anonymized statistics.
- Birth month (without year): stored in anonymized statistics for aggregated analysis.
2.4 Customer reviews (optional)
If you post a review on the website, the following data is collected: first name (free-form, can be a pseudonym), rating from 1 to 10, text comment, language. The author's IP address is not stored (used only temporarily for rate-limiting).
2.5 Browser local storage
The website uses only browser local storage (localStorage) to remember your preferred language. This data remains on your device and is never transmitted to the AstralPro server. It is necessary for the multilingual functioning of the site and does not require separate consent (strictly necessary cookie within the meaning of the French CNIL).
2.6 Cookies and third-party trackers
AstralPro does not use any advertising cookie, tracking pixel (Facebook, Google), or third-party analytics tool (Google Analytics, Hotjar, Matomo, Plausible). No cookie banner is therefore necessary.
3. Purposes and legal bases for processing
3.1 Generation and delivery of the ordered astrological chart
Legal basis: performance of the sales contract (Art. 6.1.b GDPR).
This data is used to automatically generate the report by artificial intelligence, via Anthropic's Claude API. Without this data, AstralPro is technically unable to provide the ordered service.
3.2 Billing and compliance with accounting and tax obligations
Legal basis: legal obligation (Art. 6.1.c GDPR — Articles L123-22 and L123-23 of the French Commercial Code).
3.3 Anonymized aggregated statistics
Legal basis: legitimate interest of the data controller (Art. 6.1.f GDPR), namely the continuous improvement of the service. The data used is strictly anonymized (no direct or indirect identifier of the customer).
3.4 Rate-limiting
Legal basis: legitimate interest of the data controller (Art. 6.1.f GDPR), namely protecting the service against denial-of-service attacks and fraudulent use.
3.5 Customer communication in case of technical incident
Legal basis: performance of the contract (Art. 6.1.b GDPR). In case of generation or delivery failure, AstralPro may contact the customer via the email provided to resolve the incident.
4. Retention periods
Subscriptions (Daily Horoscope, Monthly Transits) — To provide the service, AstralPro retains the birth data (date, time, place) and the generated content for the entire duration of the subscription (legal basis: Art. 6.1.b GDPR). Upon cancellation, this personal data and the generated content are deleted within a maximum of 90 days following the end of the subscription period. Billing data is retained for the legal duration required by accounting and tax obligations, regardless of cancellation.
| Data | Duration | Justification |
|------|----------|---------------|
| First name, city, date and time of birth | 7 days after the order | Strictly necessary for delivery (pending_themes table) |
| Complete generated chart (HTML/PDF) | 7 days after the order | Allows online access during this period (the PDF remains accessible for life in the customer's email inbox) |
| Customer email (AstralPro server side) | 7 days after the order | Delivery time + technical incident resolution |
| Billing data (amount, date, currency, Stripe ID, language, country) | 10 years | Accounting obligation (Art. L123-22 of the French Commercial Code). Note: the customer's email is not retained in the AstralPro billing database but remains traceable via Stripe for accounting purposes. |
| IP address (rate-limiting) | 60 seconds maximum (RAM) | Anti-abuse security (Art. 6.1.f GDPR) |
| Anonymized statistics (astro signs, country, language, etc.) | Indefinite retention | Strictly non-identifying data |
| Customer reviews (first name, rating, comment, language) | Indefinite retention unless deletion is requested | Public display on the site |
Beyond the 7-day period, generation data (first name, city, date and time of birth, complete chart, email) is automatically and permanently deleted by a daily purge script.
5. Recipients and sub-processors
Your data is transmitted only to the technical service providers necessary for the execution of the service, strictly limited to what is necessary for them:
| Sub-processor | Role | Location | Data transmitted | Legal framework |
|---------------|------|----------|------------------|-----------------|
| Stripe Payments Europe Ltd | Payment processing | Ireland (EU HQ) — USA servers | Email, first name, amount, country | DPF + Standard Contractual Clauses (SCC) |
| Plus Five Five, Inc. (trade name: Resend) | Sending the email containing the PDF | USA | Email, first name, PDF content | DPF + SCC |
| Anthropic Ireland, Limited (contracting entity for EEA/UK/Switzerland residents under Anthropic's Commercial Terms) | Text content generation via Claude (AI) | Ireland (EU) — USA servers (Anthropic, PBC) | First name, date/time/city of birth, language | Intra-EU processing for the contract; transfers to the USA governed by SCC. Data is not used to train Anthropic models (Commercial Terms) |
| Astrologer API (Giacomo Battaglia) | Astronomical calculations (planetary positions, houses, aspects) | Italy (EU) | Birth date, time and GPS coordinates (no email or first name) | Intra-EU processing — GDPR directly applicable |
| Nokia of America Corp (Rapid) | Technical intermediary platform (API gateway) between AstralPro and Astrologer API | USA | Same data as Astrologer API (routed through the Rapid platform) | DPF + SCC |
| Nominatim (OpenStreetMap Foundation) | City geocoding (city → GPS coordinates) | Germany (EU) | City name entered (no associated customer data) | Intra-EU processing — GDPR directly applicable |
| Railway Corp | Backend server and database hosting | USA | All stored data | DPF + SCC |
| Cloudflare, Inc. | Frontend hosting (static HTML) | USA | Anonymized access logs (no PII) | DPF + SCC |
Transfers outside the European Union are governed by: (1) the EU-US Data Privacy Framework (DPF) for certified US sub-processors, and (2) the Standard Contractual Clauses adopted by the European Commission. Your data is neither resold to third parties nor used for advertising purposes.
6. Your rights
In accordance with Articles 15 to 22 of the GDPR, you have the following rights:
- Right of access (Art. 15): obtain confirmation that your data is being processed and receive a copy.
- Right of rectification (Art. 16): have inaccurate data concerning you corrected.
- Right to erasure (Art. 17): request the deletion of your data, subject to legal retention obligations (in particular accounting).
- Right to restriction of processing (Art. 18): request the temporary suspension of processing.
- Right to portability (Art. 20): receive your data in a structured, commonly used and machine-readable format.
- Right to object (Art. 21): object to processing on legitimate grounds.
- Right to withdraw consent at any time (Art. 7), without affecting the lawfulness of processing carried out before such withdrawal.
To exercise these rights, contact [email protected] specifying your request and providing proof of identity. A response will be provided within a maximum period of 30 days (extendable to 90 days for complex requests, with prior notice).
You also have the right to lodge a complaint with the competent supervisory authority. In France, this is the CNIL (French Data Protection Authority):
- Website: www.cnil.fr
- Address: 3 Place de Fontenoy, 75007 Paris, France
- Phone: +33 1 53 73 22 22
In your country of residence, you may also contact your local data protection authority.
7. Security measures
AstralPro implements the following technical and organizational measures to protect your data:
- Encrypted HTTPS connection (TLS 1.3) on the entire site
- Postgres database hosted at Railway with strong authentication and restricted access
- Stripe webhooks verified by HMAC signature (anti-forgery)
- Systematic validation and sanitization of incoming data (anti-XSS, anti-SQL injection)
- Rate-limiting per IP address (anti-DDoS and anti-brute-force)
- Administrator access protected by a strong API key (HTTP header X-Admin-Key)
- Automatic daily purge of expired data (GDPR purge script)
- No banking data stored (managed exclusively by Stripe, PCI DSS Level 1 certified)
- No customer password stored (the service does not require account creation)
8. Breach notification
In the event of a personal data breach likely to result in a high risk to your rights and freedoms, AstralPro undertakes to:
- Notify the CNIL within 72 hours in accordance with Article 33 GDPR
- Directly inform the persons concerned as soon as possible in accordance with Article 34 GDPR
9. Minors
The AstralPro service is not intended for persons under 15 years of age. No personal data is knowingly collected from minors under 15 years of age. If you are a parent or guardian and notice that your child has transmitted personal data to AstralPro, please contact [email protected] to request its immediate deletion.
10. Modifications to this policy
AstralPro reserves the right to modify this Privacy Policy at any time to reflect changes in the service, applicable legislation or data protection practices. The date of the last update appears at the top of this document. In case of substantial modification, customers will be informed by email when their contact details are available.
11. Multilingual version
This Privacy Policy is drafted in French. Translations into other languages (English, Spanish, German, Italian, Portuguese) are provided for informational purposes only. In the event of any discrepancy between versions, the French version prevails.
12. Contact
For any question regarding this Privacy Policy or your rights:
Data controller: GRIMAULT Dorian
Email: [email protected]
Postal address: 10 Place de la Loriette, 85290 Mortagne-sur-Sèvre, France
You may also contact the CNIL directly: www.cnil.fr