Plain English, no tracking sales.

Account. Your email address and Firebase user ID when you sign in. If you sign in with Google, we also receive your display name. We never see your password — Firebase Auth handles it.

Location. When you tap “Use my location” we read your device’s GPS reading (latitude + longitude). The browser / phone shows the permission prompt; we don’t bypass it. We send these coordinates to our weather provider (Open-Meteo) and dark-site catalog server to compute your forecast. We do not store your real-time location on our servers — only the saved locations you explicitly name.

Saved locations. Any place you save (label + lat/lon + Bortle estimate) is stored on our server, tied to your account.

Push token. If you allow notifications, we store the FCM / APNs token your device produces so we can send you the sunset Tonight verdict + (Pro) surprise-clear alerts. Tokens are opaque; we can’t read anything about your device from them.

Session log. When you tap “Skipped / Backyard / Drove” after a night, we store the outcome, lat/lon at log time, the forecast-match thumbs you submitted, and an optional short note + one optional photo URL. This powers the “X nearby observers matched this forecast” badge — aggregated counts only, no individual session log is shown to other users.

Subscription receipts. If you buy StarryPic Pro through the App Store or Play Store, we store your subscription state (active / expired) and the platform’s transaction ID for receipt verification. We don’t see your card; Apple and Google handle payment entirely.

Analytics. We use PostHog (self-hosted options available) to count product events: which screens load, which features get used, which paywall tier gets tapped. PostHog gets your Firebase user ID + email so we can see “this same user opened iOS and web,” but it never gets your raw location or session log content.

Card numbers, tax IDs, banking information — Apple and Google take payment.

Browsing history outside StarryPic.

Address book / contacts.

Real-time location tracking (we only read GPS when you tap a button).

Anything from your camera or microphone — Sky AR only reads the live camera feed in memory and never uploads frames.

Servers in Google Cloud, region asia-south1 (Mumbai). Backups stay in the same region. Cloud SQL with encryption at rest; HTTPS in transit.

Sub-processors: Google Firebase Auth (auth + push token validation), Google Cloud SQL (database), Open-Meteo (weather forecasts; receives anonymous lat/lon queries), lightpollutionmap.info (light pollution overlay tiles; receives tile-grid coordinates), Apple App Store + Google Play (payments), Anthropic (LLM provider for narrative generation — receives anonymized forecast metrics, no user identifier), PostHog (analytics), Sentry (error reporting; receives stack traces, may include the user ID for grouping).

Account, locations, session log: until you delete them or your account.

Push tokens: refreshed whenever you sign in; pruned automatically when FCM marks them unregistered.

Analytics events: PostHog retention default (currently 7 years on free tier).

Sentry errors: 90 days.

Delete your account. Email hello@starrypic.com from your account address. We delete your account, locations, session logs, and push tokens within 7 days. Aggregated forecast-match counts persist (no individual data, no way to back-trace).

Export your data. Same address. We send a JSON dump within 7 days.

Opt out of analytics. Use the “Disable analytics” toggle in app Settings (when available; pending implementation), or install a content blocker that blocks PostHog on web. Functional features keep working without analytics.

Opt out of pushes. Turn notifications off in your device’s settings, or sign out — the token is unregistered.

StarryPic is not directed at children under 13. We don’t knowingly collect data from them. If you believe a child has provided data, email us and we’ll delete it.

We’ll update this page when we add new data flows or sub-processors. Material changes get an email to your account address. The effective date at the top reflects the latest version.

hello@starrypic.com

See also: Terms of Service.