Privacy Policy

STELTRA // EFFECTIVE DATE: MAY 3, 2026 // LAST UPDATED: MAY 3, 2026

Steltra provides this policy to explain our practices regarding the personal data used for interpretive resonance modeling. We emphasize data minimization and the use of self-hosted processing.

01 // Information We Collect

We collect information necessary to provide and secure our modeling services:

  • Account Information: Email address and password. Passwords are stored using secure one-way hashing (bcrypt).
  • Birth Data: Date and time of birth. This information may be personal data depending on the context and combination with other identifiers.
  • Geospatial Data: Birth location coordinates and city-level location data you provide. We do not perform continuous live GPS tracking.
  • Technical Metadata: Usage logs, search queries, and limited diagnostic metadata which may include browser type and IP address.

02 // Lawful Basis for Processing

Under the GDPR and similar frameworks, we process your data based on the following legal grounds:

  • Consent: For the processing of birth data and the generation of your interpretive resonance model.
  • Contractual Necessity: To manage your account and process payments for subscription services.
  • Legitimate Interests: For security monitoring, debugging, and optimizing service performance.
  • Legal Obligation: Where required by tax, accounting, or other applicable laws.

03 // Data Processing and AI

Our architecture is designed to limit the exposure of your sensitive data:

  • Self-Hosted Inference: Archetype and profile generation are performed by our self-hosted inference engine.
  • AI Third-Party Policy: We do not send birth data, coordinates, or generated profiles to third-party generative AI providers for profile generation.
  • Pseudonymization: We use SHA-256 hashing for search query logs to reduce direct identifiability.

04 // Cookies and Analytics

We use cookies to ensure site functionality and analyze performance:

  • Essential Cookies: Required for authentication, security, and payment processing.
  • Analytics Cookies: We use Google Analytics (via Google Consent Mode v2) to understand usage trends. These are only active if you provide explicit consent.
  • Management: You can manage your preferences via our consent banner or your browser settings.

05 // Third-Party Integrations

We interact with specific providers to maintain our service:

  • Geocoding (OpenStreetMap/Nominatim): To translate city names into coordinates. We comply with their usage policies, including User-Agent identification requirements.
  • Payments (Stripe): For subscription management. We store technical identifiers (e.g., Stripe Customer ID), while card details are handled exclusively by Stripe.
  • Email Delivery: We use SMTP services to send transactional emails, such as password resets.

06 // Data Retention and Deletion

We retain personal data only for as long as necessary to provide our services and comply with legal obligations.

  • Active Systems: Requesting a "Hard Delete" removes your personal data from our active databases and production systems.
  • Backup Systems: Erased data may persist in backups until the end of our natural rotation cycle. We apply restoration controls to ensure that data in backups is not actively used and is only restored under controlled recovery procedures.

07 // Interpretive Nature of Content

Steltra provides an interpretive and conceptual model for self-reflection. Generated archetypes, resonance indexes, and profiles are based on algorithmic interpretations and are not medical, psychological, or diagnostic conclusions. They should not be used as a substitute for professional advice.

08 // Your Rights and Contact

You have the right to access, rectify, or erase your data, and to object to or restrict its processing.

Contact: info@steltra.app

SECURE KERNEL // PRIVACY_LOCKED // STELTRA_2026