Privacy Policy
Last updated: January 1, 2026 · Effective immediately
Your privacy matters. Surfing Earth is designed with a privacy-first approach — your personal birth data never leaves your device unless you choose to create an account.
1. Information We Collect
We collect only what is necessary to provide the service:
- Account information — when you sign up, we collect your email address and (optionally) your name via Google or Apple OAuth.
- Subscription data — if you subscribe to Pro, Stripe processes your payment. We receive only a customer ID and subscription status — never your full card details.
- Usage data — basic server logs (IP address, request timestamps) for security and uptime monitoring. These are not linked to your identity.
2. Information We Do NOT Collect
- Birth date and time — stored locally in your browser only (localStorage). Never transmitted to our servers.
- Birth location — stored locally in your browser only. Location lookups are made directly from your browser to OpenStreetMap Nominatim and timeapi.io, not through our servers.
- Astrological readings — all calculations (horoscope, biorhythm, numerology, etc.) are performed in your browser. Results are never sent to or stored on our servers.
- Browsing behaviour — we do not use advertising trackers, analytics pixels, or third-party tracking cookies.
3. How We Use Your Information
- To authenticate your account and maintain your session.
- To manage your Pro subscription and process payments via Stripe.
- To send transactional emails (account confirmation, password reset) — no marketing emails without your explicit consent.
- To maintain service security and prevent abuse.
4. Data Storage and Security
Account data is stored in Supabase (PostgreSQL), hosted on secure cloud infrastructure with encryption at rest and in transit. Payment data is handled entirely by Stripe, a PCI-DSS Level 1 certified payment processor. We never store credit card numbers.
5. Third-Party Services
Surfing Earth uses the following third-party services:
- Supabase — authentication and user data storage. Privacy Policy
- Stripe — payment processing. Privacy Policy
- Google / Apple OAuth — optional sign-in. Governed by their respective privacy policies.
- Tomsk SOS (sos70.ru) — live Schumann Resonance data source. No personal data is shared.
- NOAA SWPC / NASA DONKI — space weather data. No personal data is shared.
- OpenStreetMap Nominatim — city name geocoding (browser-direct). No personal data is shared with us.
6. Cookies
We use only essential cookies required for authentication (session tokens). We do not use advertising or analytics cookies. You can clear cookies at any time via your browser settings.
7. Your Rights
You have the right to:
- Access — request a copy of the data we hold about you.
- Deletion — request deletion of your account and all associated data.
- Portability — receive your data in a machine-readable format.
- Correction — request correction of inaccurate data.
To exercise these rights, email us at privacy@surfingearth.com.
8. Data Retention
Account data is retained for as long as your account is active. If you delete your account, all personal data is permanently removed within 30 days. Server logs are retained for 90 days for security purposes.
9. Children's Privacy
Surfing Earth is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, contact us at privacy@surfingearth.com.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance of the updated policy.
11. Contact
For privacy-related questions or requests:
© 2026 SurfingEarth.com · Legal · Back to App