1. Overview
CosmosDaily ("we", "us", "our") operates the website at cosmosdaily.space (the "Service"). This Privacy Policy describes how we collect, use, and share information about you when you use our Service, and your rights in relation to that information.
By using the Service you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
We collect information in the following ways:
- Account information — if you create an account (currently in beta), we collect your name, email address, and profile picture via Google Sign-In.
- Usage data — we may log your IP address, browser type, pages visited, referring URL, and the date/time of your visit for analytics purposes.
- User-generated content — comments or other content you submit to the Service.
- Contact form data — your name, email address, and message when you contact us.
3. How We Use Your Data
We use the information we collect to:
- Provide, maintain, and improve the Service
- Personalise your experience (e.g. article recommendations)
- Respond to your enquiries
- Monitor usage and detect technical issues
- Comply with legal obligations
We will never sell your personal data to third parties, nor use it for targeted advertising.
4. Third-Party Services
The Service integrates with the following third-party providers, each with their own privacy practices:
- Supabase — database and authentication. Data is stored on servers within the EU. See supabase.com/privacy.
- NASA Open APIs — astronomy image and data feeds. No personal data is sent to NASA.
- The Space Devs API — launch data. No personal data is transmitted.
- Google Sign-In — if you choose to sign in with Google, Google's privacy policy applies to authentication data.
5. Cookies & Local Storage
We use browser localStorage to store your theme preference (dark/light) and cache NASA picture-of-the-day data to reduce API requests. These are not tracking cookies and contain no personal information.
If you are signed in, Supabase stores a session token in localStorage to keep you logged in. This token is cleared when you sign out.
We do not use advertising cookies or third-party tracking pixels.
6. Data Security
We take reasonable technical and organisational measures to protect your data. All data transmission is encrypted via HTTPS. Database access is restricted and row-level security is enforced in Supabase.
No method of transmission over the internet is 100% secure. While we strive to use commercially acceptable means to protect your data, we cannot guarantee absolute security.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- The right to access the personal data we hold about you
- The right to rectify inaccurate data
- The right to erase your data ("right to be forgotten")
- The right to restrict or object to processing
- The right to data portability
To exercise any of these rights, please contact us. We will respond within 30 days.
8. Children's Privacy
The Service is not directed at children under 13. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes by updating the "Last updated" date at the top of this page. We encourage you to review this policy periodically.
10. Contact
If you have any questions about this Privacy Policy, please reach us via our contact form.