phal.ai

Privacy Policy

Last updated: July 3, 2026

Introduction

This policy explains what data phal.ai collects, why we collect it, where it’s stored, and what control you have over it. It applies to everyone who uses the Service.

We aim for minimum-necessary data. We don’t sell data, we don’t run ads, we don’t embed third-party trackers.

Data we collect

Account data

Your email address, captured when you sign in via magic link. We never store passwords — authentication is link-based only.

Chart data

Birth details (date, time, place) that you provide voluntarily when you ask us to compute a chart. Coordinates are resolved via geocoding; planetary positions are computed locally using the Swiss Ephemeris library — no chart math is sent to any third-party API.

Chat history

Every message you send and every response we generate, stored so the assistant has continuity across sessions and so you can revisit past conversations.

Memory facts

Specific facts you explicitly ask us to remember (e.g. “remember my partner’s birth details”). These are stored as structured records, visible to you, and editable or deletable at any time.

Usage & debugging data

Anonymized request traces (prompts, tool calls, latencies, errors) sent to Langfuse for observability — used to debug failures and improve answer quality. Traces include the prompt and model output but not your name or contact details.

Payment data

Payments are processed by Razorpay. We never see or store your card details. We receive only billing event metadata (order ID, payment ID, amount, currency, refund status) needed to credit your account and meet our tax obligations.

How we use your data

  • To generate answers to your chart-related questions.
  • To maintain conversational continuity across sessions.
  • To process payments and credit your account.
  • To debug failures and improve answer quality over time.
  • To detect and prevent fraud, abuse, and violations of our terms.
  • To send essential transactional email (sign-in links, receipts).

Where your data is stored

  • Database: Neon Postgres, US East region.
  • Observability: Langfuse Cloud, United States.
  • Email delivery: AWS SES, us-east-1.
  • Web frontend: Vercel edge network, globally distributed.
  • Application backend: Fly.io, primary region iad (US East).

Sharing

We do not sell your data, and we do not share it with third parties for their own use. We rely on a small number of essential service providers to operate the Service; each is bound by its own privacy policy:

  • Razorpay — payment processing.
  • Anthropic — large-language-model inference for answer generation.
  • AWS SES — transactional email delivery.
  • Langfuse — observability and quality monitoring.
  • Cloudflare — DNS and CDN.
  • Neon, Vercel, Fly.io — hosting infrastructure.

Retention

  • Active accounts: we retain your data for as long as your account is active.
  • Deleted accounts: 30 days after deletion, all personal data (email, chart, chat history, memory facts) is purged from our primary database. Backups age out within 35 days.
  • Billing records: retained for 7 years as required by Indian tax law, in pseudonymized form (order ID + amount; not linked to chart or chat content).

Research contribution (opt-in)

You may choose to contribute a de-identified copy of your data to the research corpus we use to improve timing-window accuracy and confidence calibration for all users. This is strictly opt-in — your data is never included without your explicit consent.

What is shared

  • Chart geometry: sign, house, and nakshatra positions.
  • Life events reduced to month, category, and age only (e.g. “Career · age 28 · July 2019”).

What is never shared

  • Your name or email address.
  • Your birth date, birth time, or birth place.
  • Event descriptions, notes, or any text that names you.

De-identification and re-identification risk

Your contribution is pseudonymized, not fully anonymous. A determined attacker who already holds outside records — e.g. a public birth registry or knowledge of your life events — could in principle re-identify you from the chart geometry alone. We therefore keep the research corpus private and access-controlled; it is never published openly.

Consent versioning

We record the version of this disclosure at the time you opt in. If the scope of data sharing changes materially in a future version, we will ask for fresh consent before including your data under the new terms.

Withdrawing consent

You can withdraw at any time via Account → Privacy or by asking the assistant in chat. Opting out removes your contribution from every future corpus build. Data already used in past research runs cannot be retroactively removed (it was aggregated and de-identified), but no new extractions will be made after opt-out.

Your rights

You can, at any time:

  • Access and export your chat history and memory facts.
  • Correct or update any data you provided.
  • Delete your account and request purge of associated data.
  • Withdraw consent for non-essential processing.

Email hello@phal.ai for any of these requests; we respond within 7 business days.

Cookies

We use a single httpOnly session cookie to keep you signed in. No third-party analytics cookies, no advertising cookies, no cross-site trackers.

Children

phal.ai is not directed at children under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, email us and we will delete it.

Changes to this policy

We may update this policy as the Service evolves. Material changes will be announced via email or an in-app notice with reasonable notice before they take effect.

Contact

Privacy questions, data requests, anything else: email hello@phal.ai.