Effective Date: April 8, 2026
1. What We Collect
When you use Bruha, we collect:
- Account info: Email address (via Google OAuth or magic link)
- Profile info: Display name, date of birth, sex, zodiac sign (provided by you)
- Reading history: Cards drawn, reading text, dates, life context you enter
- Usage data: Anonymous analytics via PostHog (page views, feature usage)
- Device info: Timezone (for notifications), push notification subscription
2. What We Don't Collect
- We do not sell your data to third parties
- We do not use your data for advertising
- We do not share your readings with other users
- We do not store your Google password
3. How We Use Your Data
- Readings: Your birth info and reading history are sent to Claude (Anthropic) to generate personalized readings. Anthropic does not retain this data.
- Notifications: Your timezone is used to send daily push notifications at 8 AM your local time.
- Analytics: PostHog tracks anonymous usage patterns to improve the app. No personal data is sent to PostHog.
- Payments: Subscription billing is handled by PayMongo. We do not store credit card information.
4. Where Your Data Lives
Your data is stored in Supabase (PostgreSQL) with row-level security enabled. Only you can access your own readings and profile data. Data is encrypted in transit (HTTPS) and at rest.
5. Data Deletion
You can delete your account and all associated data at any time from the Settings page. This permanently removes your profile, all readings, and push notification subscriptions. This action cannot be undone.
6. Third-Party Services
- Supabase: Database and authentication
- Anthropic (Claude): AI reading generation
- PayMongo: Payment processing
- PostHog: Anonymous analytics
- Vercel: Hosting
7. Browser Fingerprinting
Bruha uses browser fingerprinting to enforce guest reading limits. When you use Bruha without an account, a one-way hash is generated from non-identifying browser attributes (screen resolution, timezone, language, canvas rendering). This hash is used solely to limit free readings per device.
- No personal data is stored from fingerprints — only a non-reversible hash
- The hash cannot be used to identify you personally
- Fingerprint data is not shared with any third party
- Creating an account removes reliance on fingerprinting for your usage
8. Product Analytics (PostHog)
Bruha uses PostHog for anonymous product analytics. We track events such as:
- Card pulls and reading views
- Signup starts and completions
- Paywall impressions
- Share taps and push notification opt-ins
- Reading feedback (thumbs up/down)
This data helps us improve the app, identify bugs, and understand which features provide value. No personally identifiable information is sent to PostHog. You can opt out by enabling your browser's "Do Not Track" setting.
9. Cookies
Bruha uses essential cookies for authentication and rate limiting. We do not use tracking cookies or third-party advertising cookies.
10. Children
Bruha is not intended for users under 18. We do not knowingly collect data from minors.
11. Changes
We may update this policy. Continued use after changes constitutes acceptance.
12. Contact
Privacy questions? Reach us at hello@bruha.app