Starloom — Privacy Policy

Effective date: May 29, 2026

Starloom is a daily cosmic-astrology app that weaves one personalized reading a day from a private blueprint you create. This policy explains, plainly and honestly, what Starloom does and does not do with your information.

The short version: your personal information stays on your device. Starloom has no accounts, no analytics, no advertising, and no developer servers that collect your data. We — the people who make Starloom — never see your profile or your readings.

Who we are

Starloom is published by Lanternary (the "developer," "we," "us"). The app's bundle identifier is com.lanternary.starloom.

If you have a privacy question, contact us at hello@lanternary.com.

What information Starloom handles

To personalize your reading, Starloom asks you to create a private blueprint. This may include:

• Name (required)
• Date of birth (required)
• Zodiac sign — derived automatically on your device from your date of birth; you do not enter it
• Birth time (optional)
• Birth location (optional — a city or place name you type)
• MBTI personality type (optional)
• Blood type (optional)

Starloom also generates and keeps your daily readings (the woven text for each of the six stones).

Finally, to generate readings, Starloom needs an Anthropic (Claude) API key, which you provide.

Where your information is stored

On your device — and nowhere else that we control.

• Your blueprint and your readings are stored locally on your device in the app's standard on-device storage (AsyncStorage). They are not uploaded to us, and we operate no server, database, or account system that receives them.
• Your API key is stored in your device's operating-system secure store — the iOS Keychain / Android Keystore, via expo-secure-store. It is kept apart from the rest of your data and is not exposed to other apps.

Because everything lives on your device, we cannot see, access, retrieve, reset, or recover any of it. If you delete the app, this information is removed with it.

The only data that leaves your device

Starloom makes one kind of network request: generating your reading.

When Starloom weaves your reading (once per day, or when you pull to refresh), it sends a single prompt — built from your blueprint — to Anthropic's Claude AI, authenticated with your own API key. By default this request is sent directly to Anthropic's API at api.anthropic.com. If you choose to configure one, the request can instead be routed through your own relay that you operate (for example, a Cloudflare Worker you host) before reaching Anthropic; Starloom ships without any such relay, and we do not run one for you.

What this means for you:

• The request contains a prompt derived from your blueprint — including your name and details synthesized from your birth date and any optional traits you added. It is sent only to fulfill your request for a reading.
• The reading is generated using your Anthropic API key, so Anthropic's handling of the request is governed by Anthropic's Privacy Policy and Usage Policies: https://www.anthropic.com/legal/privacy. Per Anthropic's API terms, API inputs and outputs are not used to train Anthropic's models by default. We encourage you to review their policies, because that request is processed by Anthropic, not by us.
• Starloom sends nothing else anywhere. There is no other network call that transmits your personal information, and there is no developer backend that receives, logs, or stores it.

What Starloom does NOT do

To be unambiguous, Starloom does not:

• Have user accounts, logins, or profiles on any server
• Operate a developer backend that collects your data (we run no data-collection server)
• Use analytics, telemetry, crash-reporting, or usage-tracking SDKs
• Show advertising or include any advertising SDKs
• Sell, rent, share, or "monetize" your information
• Track you across apps or websites
• Request access to your contacts, photos, microphone, or precise device location

The optional "birth location" is simply text you type (such as a city name); Starloom does not read your device's GPS or location services.

Children's privacy

Starloom is intended for a general audience and is not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children — and, in fact, we do not collect personal information from anyone, since your data never leaves your device for us to collect. If you are a parent or guardian and believe a child has entered personal information into the app, note that uninstalling the app removes all on-device data. You may also contact us at hello@lanternary.com.

Your choices and control

Because your data is on your device, you are in control of it:

• Edit or replace your blueprint at any time in the app. Updating your profile re-weaves your reading.
• Refresh a reading with pull-to-refresh, which generates a fresh reading for the day.
• Remove your API key at any time from the API configuration screen ("Clear API key").
• Delete everything by uninstalling Starloom, which removes your blueprint, your cached readings, and your stored API key from the device.

Security

Your API key is held in the operating system's secure store rather than in ordinary app storage. The reading request to Anthropic is sent over an encrypted (HTTPS) connection. No method of storage or transmission is ever 100% secure, but Starloom is deliberately designed to minimize risk by keeping your information on your device and avoiding any developer-side collection.

Changes to this policy

If we change this policy, we will update the "Effective date" above and post the revised version at this URL. Material changes may also be noted in the app or its store listing. Your continued use of Starloom after an update means you accept the revised policy.

Contact

Questions, concerns, or requests about privacy:

Starloom is offered for reflection and entertainment. You author your own destiny.