Privacy Policy
App: Northnode ("the app")
Data controller: Bastian Alejandro Cuesta Hidalgo
Privacy contact: privacy@northnode.app
Last updated: July 7, 2026
Your chart and birth details live on your device. Anything you share with your connections travels end-to-end encrypted — only you and that person can read it. There are no accounts tied to your real identity or your Apple ID, we don't sell data, and we don't use advertising trackers.
What data we handle, and where
- Your birth details (the name you type, date, optional time and place) and the birth chart derived from them: stored on your device. They are not sent to our servers.
- People you add by their birth date (contacts): also on your device. We don't upload address books or third-party data.
- Real connections between users (optional, by code): to connect with someone else on Northnode, we create an anonymous account for you (a random identifier; no Apple ID, no email, no real name). Our backend (Supabase, EU region) stores: the display name you choose (in the clear, so the other person sees "X wants to connect"), your anonymous identifier, an invite code and a public key, and the connection graph (who connects with whom, as anonymous identifiers). The birth details and chart you share with a connection travel end-to-end encrypted (Curve25519 + AES-GCM): the key lives on the devices, and we cannot read them.
- The premium deep analysis (deep-dive and weekly read): to write the richer text, we send a third-party cloud AI provider only non-identifying facts (the astrological aspects, the scores and the relationship type). Never your birth date, your name or your place. The rest of the app works without this (it falls back to template-based text).
- Anonymous usage stats (optional): to measure retention and improve the app, we send our backend (EU) a random install identifier (not derived from your Apple ID, your birth date, name or place, or your social identity), the version, the language and whether you're premium, along with which screens are used. Never your birth date, your name, your chart or who you connect with. You can turn this off in Settings → Privacy.
- Notifications (optional daily reminder): scheduled on your device. We don't send any notification tokens to a server. You can disable them in iOS Settings.
Date and place of birth are personal data, but not special-category data under Article 9 GDPR (they are not health, religion, etc.).
What we don't do
- No accounts tied to your real identity (no Apple ID, no email, no legal name).
- No advertising SDKs, no trackers, and no identifiers for cross-app or cross-site tracking (which is why you won't see Apple's tracking prompt).
- We don't sell your data or share it with data brokers.
Purchases (App Store)
Subscriptions and purchases are handled by Apple (StoreKit). We don't receive your card details; payment processing is done by Apple under its own policy.
Where data is hosted
The backend (connections and anonymous stats) is hosted in the European Union region (Supabase). The cloud AI provider may process the non-identifying facts of the analysis; where that involves an international transfer outside the EEA, it relies on appropriate safeguards (e.g. standard contractual clauses).
Legal basis (GDPR)
- Consent to enter and process your birth details (you enter them when you create your chart) and for the social features you choose to use.
- Legitimate interest in running and securing the app and improving it via anonymous stats (which you can turn off).
Your rights
You control your data from within the app:
- Access and portability: Settings → Export my data generates a file with what the app stores about you.
- Erasure: Settings → Delete my data removes your profile and contacts from the device and, if you've used connections, your anonymous account data on the server too (profile, encrypted envelopes and connections).
- Rectification: edit your profile in the app.
You can also write to privacy@northnode.app. You have the right to lodge a complaint with your data protection authority (in Spain, the AEPD).
Retention
Local data stays on your device for as long as the app is installed and you don't delete it. Your anonymous account data on the server is kept while you have active connections and is removed when you use "Delete my data" or disconnect. Anonymous stats are retained in aggregate for product metrics.
Minimum age
The app is for people 16 or older. It is not directed at children under that age, and we do not knowingly process children's data.
Changes
If we change how we handle data, we'll update this policy before the change takes effect and reflect it in the date above.
Contact
Bastian Alejandro Cuesta Hidalgo — privacy@northnode.app