Privacy Policy
Last updated: March 5, 2026
AstroSession (βweβ, βourβ, βthe appβ) is an astronomy observation planner for Unistellar telescope users. This policy explains what data we collect, how we use it, and your rights.
1. What We Collect
Account Information
- Email address β used for sign-in and account identification
- Display name (Google sign-in only) β shown in the sidebar greeting
Observation Preferences
- Location (latitude, longitude, address) β used to calculate object visibility
- Filter settings (altitude, azimuth, declination, moon separation, session duration) β personalizes results
Personal Watchlists & Priorities
- Watchlist entries β comet, asteroid, and manual RA/Dec targets you add
- Priority overrides β your accept/ignore decisions on suggested targets
We do not collect passwords directly β authentication is handled by Supabase, which stores passwords as salted hashes.
2. What We Do NOT Collect
- No browsing history or page analytics
- No cookies beyond session authentication tokens
- No device fingerprinting
- No advertising identifiers
- No telemetry or usage tracking
3. How We Use Your Data
Your data is used only to provide the app's core functionality:
| Data | Purpose |
|---|---|
| Account identification and sign-in | |
| Location | Calculate rise/set/transit times for your observing site |
| Filter settings | Personalize which objects appear in your session |
| Watchlists | Show your saved targets alongside shared catalogs |
| Priorities | Remember your accept/ignore decisions |
We do not use your data for advertising, profiling, or any purpose beyond operating AstroSession.
4. Third-Party Services
AstroSession integrates with external services for astronomy data. None of your personal data is sent to these services:
| Service | What It Does | Personal Data Sent |
|---|---|---|
| JPL Horizons API | Comet/asteroid positions | None |
| SIMBAD (CDS) | Star/galaxy/nebula coordinates | None |
| Google Places API | Address autocomplete (client-side) | Search text only (not stored) |
| Unistellar | Cosmic event priorities | None |
Authentication Providers
| Provider | Data Received | Purpose |
|---|---|---|
| Google OAuth | Email, display name | Sign-in only |
| Supabase | Manages auth sessions | Database and authentication |
When you sign in with Google, we receive only your email address and display name. We do not request access to your Google Drive, Calendar, Contacts, or any other Google services.
5. Data Storage & Security
- All data is stored in Supabase (hosted on AWS infrastructure)
- Data is encrypted in transit via HTTPS/TLS
- Every database table uses Row Level Security (RLS) β you can only access your own data
- Authentication tokens are stored in your browser's
sessionStorage(cleared when you close the tab) - We do not store data on any other servers or services
6. Data Retention
- Your data is stored as long as your account exists
- Deleting your account permanently removes all associated data via cascading deletion
- We do not retain backups of deleted user data
7. Your Rights
- Access your data β settings, watchlists, and priorities are visible in the app
- Modify your data β edit settings, add/remove items, change priorities at any time
- Delete your account and all data β contact us at the email below
- Export your data β observation plans can be downloaded as CSV or PDF
8. Children's Privacy
AstroSession is not directed at children under 13. We do not knowingly collect data from children under 13. If you believe a child has provided us with personal data, please contact us.
9. Changes to This Policy
We may update this policy from time to time. Changes will be reflected in the βLast updatedβ date above. Continued use of AstroSession after changes constitutes acceptance of the updated policy.
10. Contact
For privacy questions, data deletion requests, or concerns:
vamshi.kiran2012@gmail.com