phal.ai

Privacy Policy

Last updated: May 24, 2026

Introduction

This policy explains what data phal.ai collects, why we collect it, where it’s stored, and what control you have over it. It applies to everyone who uses the Service — guest sessions and signed-in accounts alike.

We aim for minimum-necessary data. We don’t sell data, we don’t run ads, we don’t embed third-party trackers.

Data we collect

Account data

Your email address, captured when you sign in via magic link. We never store passwords — authentication is link-based only.

Chart data

Birth details (date, time, place) that you provide voluntarily when you ask us to compute a chart. Coordinates are resolved via geocoding; planetary positions are computed locally using the Swiss Ephemeris library — no chart math is sent to any third-party API.

Chat history

Every message you send and every response we generate, stored so the assistant has continuity across sessions and so you can revisit past conversations.

Memory facts

Specific facts you explicitly ask us to remember (e.g. “remember my partner’s birth details”). These are stored as structured records, visible to you, and editable or deletable at any time.

Usage & debugging data

Anonymized request traces (prompts, tool calls, latencies, errors) sent to Langfuse for observability — used to debug failures and improve answer quality. Traces include the prompt and model output but not your name or contact details.

Payment data

Payments are handled entirely by Paddle as our Merchant of Record. We never see or store your card details. We receive only billing event metadata (order ID, amount, currency, country, tax breakdown) needed to credit your account and meet our tax obligations.

How we use your data

  • To generate answers to your chart-related questions.
  • To maintain conversational continuity across sessions.
  • To process payments and credit your account.
  • To debug failures and improve answer quality over time.
  • To detect and prevent fraud, abuse, and violations of our terms.
  • To send essential transactional email (sign-in links, receipts).

Where your data is stored

  • Database: Neon Postgres, US East region.
  • Observability: Langfuse Cloud, United States.
  • Email delivery: AWS SES, us-east-1.
  • Web frontend: Vercel edge network, globally distributed.
  • Application backend: Fly.io, primary region iad (US East).

Sharing

We do not sell your data, and we do not share it with third parties for their own use. We rely on a small number of essential service providers to operate the Service; each is bound by its own privacy policy:

  • Paddle — payment processing and tax compliance.
  • Anthropic — large-language-model inference for answer generation.
  • AWS SES — transactional email delivery.
  • Langfuse — observability and quality monitoring.
  • Cloudflare — DNS and CDN.
  • Neon, Vercel, Fly.io — hosting infrastructure.

Retention

  • Active accounts: we retain your data for as long as your account is active.
  • Deleted accounts: 30 days after deletion, all personal data (email, chart, chat history, memory facts) is purged from our primary database. Backups age out within 35 days.
  • Billing records: retained for 7 years as required by Indian tax law, in pseudonymized form (order ID + amount; not linked to chart or chat content).

Your rights

You can, at any time:

  • Access and export your chat history and memory facts.
  • Correct or update any data you provided.
  • Delete your account and request purge of associated data.
  • Withdraw consent for non-essential processing.

Email hello@phal.ai for any of these requests; we respond within 7 business days.

Cookies

We use a single httpOnly session cookie to keep you signed in. No third-party analytics cookies, no advertising cookies, no cross-site trackers.

Children

phal.ai is not directed at children under 18. We do not knowingly collect data from anyone under 18. If you believe a minor has created an account, email us and we will delete it.

Changes to this policy

We may update this policy as the Service evolves. Material changes will be announced via email or an in-app notice with reasonable notice before they take effect.

Contact

Privacy questions, data requests, anything else: email hello@phal.ai.