Astral Warden
How it worksFeaturesPricingAboutDemo
Sign in Start free
How it worksFeaturesPricingAboutDemo Sign in

Legal

Privacy Policy

Last updated: July 4, 2026

This Privacy Policy explains how Astral Warden, LLC (“Astral Warden”, “we”, “us”) collects, uses, and shares information when you use our website, apps, and the monitoring agent (together, the “Service”). By using the Service, you agree to this policy.

1. Who this applies to

This policy covers people who visit our website, create an account, or install and run the Astral Warden agent on a computer they own or control. If you don't have an account and are only browsing the site, only the “Cookies and consent” section below applies to you.

2. Information we collect

Account information

When you sign up, we use Clerk to authenticate you. We receive and store your name, email address, and (optionally) a profile image and phone number. If you sign in with Google or Apple, we receive basic profile details from those providers. We never see your password.

Billing information

Payments are processed by Polar, which acts as our merchant of record and handles payment and tax. We do not receive or store your full card number. We store your subscription status, plan, and a billing customer identifier so we can provide the Service you've paid for.

Rig monitoring data (the core of the Service)

The agent you install reads from the software and equipment on your imaging computer and sends us a normalized picture of what it observes. This includes:

  • System and host data: disk space, CPU and memory usage, uptime, and agent health.
  • Equipment and software state: mount, focuser, guider, power, weather and roof/safety status, and the state of your capture software (NINA, Voyager) and scheduler.
  • Per-frame quality metadata: for each exposure, values such as filename, target, filter, exposure, sensor temperature, FWHM, HFR, eccentricity, star count, background, and pointing coordinates.
  • Events and logs the agent captures from those sources (e.g. errors, sequence events).

We do not collect your raw image files. Your light frames (the large FITS/XISF files) stay on your equipment and in your own pipeline. Depending on configuration we may store a small thumbnail of a frame. The agent is read-only: it observes and reports, and never writes to your systems or controls your equipment.

Device and notification data

If you enable push notifications, we store a push token and platform (iOS/Android) so we can send alerts through Expo and Apple/Google push services. Alert emails are sent via Resend.

Product usage and diagnostics

We use PostHog (hosted in the EU) to understand how the product is used, and Sentry (also hosted in the EU) to capture errors and crashes so we can fix them. This includes app interactions, device/browser information, and diagnostic data. We configure PostHog to mask personal information where practical. How this is handled on the website, and how we ask for consent, is described under “Cookies and consent” below.

3. How we use information

  • To provide the Service: monitor your rigs, evaluate alert rules, and notify you.
  • To manage your account, subscription, and billing.
  • To provide support and respond to your requests.
  • To secure, maintain, debug, and improve the Service.
  • To comply with legal obligations and enforce our terms.

We do not sell your personal information, and we do not use your imaging data to train third-party models.

4. Legal bases for processing (EEA and UK)

If you are in the European Economic Area or the United Kingdom, we process your personal data on the following legal bases under the GDPR / UK GDPR:

  • Performance of a contract — to create and manage your account and to deliver the core Service you signed up for: collecting your rig's telemetry, evaluating alert rules, and sending you alerts.
  • Legal obligation — to meet tax, accounting, and other legal requirements connected to your subscription.
  • Legitimate interests — to secure, maintain, and debug the Service (including error and performance monitoring via Sentry), to prevent abuse, and to improve the product, in a way that does not override your rights.
  • Consent — for non-essential website analytics (PostHog) where consent is required. You can withdraw consent at any time; see “Cookies and consent” below. Withdrawing consent does not affect processing that already took place.

5. Cookies and consent

We use a small number of cookies and similar local storage, in three categories:

  • Strictly necessary — required to sign you in and keep you signed in (Clerk session), to keep the Service secure, and to remember your cookie choice. These are always on; the Service can't work without them.
  • Analytics — PostHog, to understand how the site and product are used so we can improve them.
  • Advertising — none. We don't run ad or cross-site tracking cookies.

If you visit from the EEA or the UK, we ask for your consent before loading analytics. Analytics stays off until you accept, and you can decline with no loss of functionality. Outside the EEA and UK, analytics loads by default. You can change your mind at any time by clearing this site's storage in your browser, which brings the choice back, and you can control cookies through your browser settings; blocking strictly-necessary cookies may affect sign-in.

6. How we share information

We share information with service providers (“processors”) that help us run the Service, under data processing agreements that require them to protect it. We have a DPA in place with each of the following as of July 4, 2026:

Processor Purpose Location DPA on file
Clerk User authentication and account management United States Yes — Jul 4, 2026
Polar Payments, subscriptions, and tax (merchant of record) United States / EU Yes — Jul 4, 2026
Cloudflare Website and API hosting, compute, and file storage (R2) Global / United States Yes — Jul 4, 2026
Tiger Cloud Managed PostgreSQL/TimescaleDB system-of-record (on AWS) United States Yes — Jul 4, 2026
PostHog Product and website analytics European Union Yes — Jul 4, 2026
Sentry Error and performance monitoring European Union Yes — Jul 4, 2026
Resend Transactional and alert email United States Yes — Jul 4, 2026
Expo, and Apple/Google push services Mobile push notifications Global / United States Yes — Jul 4, 2026

We may also disclose information if required by law, to protect our rights or the safety of others, or in connection with a merger, acquisition, or sale of assets.

7. Where your data is stored and international transfers

Our database and file storage are hosted in the United States. Some providers (for example PostHog and Sentry) store data in the European Union. If you are outside these regions, your information will be transferred to and processed in them. Where required for transfers out of the EEA or UK, we rely on appropriate safeguards, such as the Standard Contractual Clauses, in our agreements with these providers.

8. Data retention

We keep your account information for as long as your account is active, and for a reasonable period afterward as needed for legal, billing, and security purposes. Rig telemetry (events, metrics, and frame metadata) is retained according to your plan's history window and then aged out. When you decommission a rig, its time-series data is purged after a short grace period.

9. Security

All communication with the Service is encrypted in transit (HTTPS). The agent connects outbound-only and opens no inbound ports on your network. We restrict access to personal data to those who need it to operate the Service. No system is perfectly secure, but we work to protect your information using reasonable technical and organizational measures.

10. Your rights and choices

Depending on where you live (for example under GDPR or CCPA/CPRA), you may have the right to access, correct, delete, or export your personal information, to object to or restrict certain processing, and to opt out of certain analytics. You can update much of your account information in the app, and you can contact us to exercise any of these rights. We will not discriminate against you for exercising them.

11. Children

The Service is not directed to children, and we do not knowingly collect personal information from anyone under 16.

12. Changes to this policy

We may update this policy from time to time. If we make material changes, we'll update the date above and, where appropriate, notify you. Continued use of the Service after changes take effect means you accept the updated policy.

13. Contact us

Questions about this policy or your data? Contact us at kyle@astralwarden.com.


Astral Warden

Know your rig is healthy and your data is good from anywhere.

Product How it worksFeaturesPricingAboutDemo
Get started Start free Sign in
Legal Privacy Terms
© 2026 Astral Warden Made for the nights you're not there.

We use privacy-friendly analytics (PostHog) to see how Astral Warden is used and improve it. No ads, no cross-site tracking. Privacy Policy