Legal // Data Doctrine

Privacy Policy.

Effective: 2026-07-08 · noctara.io

Sovereignty is our first principle. This page states plainly what data exists, why, and what we will never do with it.

1. What we collect

Account data (email address, authentication credentials via Supabase), usage data you generate on the platform (frequency sessions, streaks, protocol progress), purchase records processed by Stripe, newsletter subscription status, and any comments you post to the Resonance Circle. That is the complete list.

2. What we never do

We do not sell your data. We do not share it with advertisers. We do not run third-party ad trackers. Frequencies are synthesized locally in your browser — your listening activity is stored only to power your own dashboard (streaks, history, charts).

3. Payments

All payments are processed by Stripe. Noctara never sees or stores your card number. We retain order records (product, amount, email, date) to deliver what you purchased and to comply with tax and accounting law.

4. Email

Transactional email (receipts, access grants) is sent as needed. The weekly newsletter ("The Signal") is sent only if you opted in, and every issue contains a one-click unsubscribe link that works immediately.

5. Cookies

We use strictly necessary cookies for authentication (keeping you signed in). No advertising or cross-site tracking cookies.

6. Data retention & deletion

Your data is retained while your account is active. Email trapartist11@gmail.com from your account address to request export or permanent deletion; we will action it within 30 days, except records we are legally required to keep (e.g., payment records).

7. Third-party processors

Supabase (authentication & database), Stripe (payments), Vercel (hosting), Cloudflare (content delivery). Each processes data only as needed to run the service.

8. Changes

If this policy changes materially, we will note it in the newsletter and update the date below. Continued use after changes constitutes acceptance.