Leyra
Leyra
Where light, intuition, and the stars meet.
Privacy

Privacy notice

Leyra is designed around a simple promise: remembered guidance should remain under your control. This notice explains what Leyra collects, why it is used and how to ask for help with your data.

Who controls Leyra data

Leyra.uk is operated from the UK. For privacy questions, data requests, account deletion requests or concerns, contact support@leyra.uk.

This notice is written for the current launch service and will be updated when legal entity, vendor or infrastructure details change.

What Leyra collects

  • Account details: email address, display name, encrypted password record, confirmation state and account settings.
  • Birth and profile details: birth date for account readings, and optional birth time/place, tone preference, focus area and reflective/profile answers.
  • Reading and ritual history: saved readings, moon/tarot activity, journal/check-in signals, profile-memory states and related preferences.
  • Subscription details: Leyra plan, Stripe customer/subscription references, subscription status and billing-portal state. Leyra does not store full card details.
  • Email preferences and delivery signals: whether ritual email is enabled, delivery mode, frequency, email kind, optional weekly reflection email day and preference changes.
  • Feedback and support context: message, category, optional contact email if supplied, page path, browser/device context and account tier when signed in.
  • First-party analytics: only after optional analytics consent, Leyra records first-party page/event data such as path, page title, referrer without query strings, viewport, language, timezone, anonymous session ID and event labels.
  • Public share-card signals: Leyra may record privacy-safe card views, channel clicks, copy/download events and free-reading/pricing CTAs after analytics consent. These events use public paths and labels, not private reading text or account memory.
  • Home Screen install and offline app signals: Leyra links app-install metadata, may remember if you dismiss the install suggestion in that browser, and registers a service worker that caches only public static shell assets plus a safe offline page. Push subscription device reminder details is collected only when a signed-in user explicitly enables browser reminders on that device.
  • Safety and quality records: AI safety-review rows can include prompt/output excerpts so unsafe or low-confidence readings can be investigated and improved.

Why Leyra uses data

Leyra uses data to provide accounts, confirm email addresses, generate sign-based and personalised readings, remember optional profile context, manage subscriptions, deliver selected emails, keep the service secure, answer support requests, improve usability during launch and maintain safety guardrails.

The usual lawful bases are contract where data is needed to provide the service you request, legitimate interests for security, support, safety and product-quality work, consent for optional analytics storage, and legal obligation where records must be kept for accounting, tax, dispute or regulatory reasons.

Home Screen install, static cache and push reminders

The installable web app layer lets Leyra be added to a phone Home Screen using browser support. Leyra now registers a conservative service worker so static shell assets and a no-private-data offline page can load more reliably. Personal readings, account pages, billing pages, profile memory, saved history, tarot results, analytics/API responses and private admin routes are excluded from the cache by design.

Leyra supports an explicit browser push opt-in for signed-in users. When you enable reminders, Leyra stores the the device reminder details needed to manage that reminder so that reminders can be managed safely. Leyra does not use push for third-party advertising and does not include private reading text in notifications. You can disable the current browser subscription from your profile delivery settings or your browser/device notification settings. Reminder preferences also store morning/evening channels, quiet hours and delivery records before scheduled pushes are enabled.

Public share cards

Daily, moon and tarot share cards are public growth surfaces. They are generated from public date/sign/moon/tarot copy only and must not include private reading text, journal answers, profile-memory answers, paid tarot history, email addresses, confirmation tokens or billing context.

Weekly reflection

Weekly reflection summaries and optional weekly reflection emails use aggregate theme signals such as repeating theme, one thing that helped and one question to carry. The email copy avoids raw private journal answers and can be paused from profile delivery settings.

AI, vendors and sharing

Leyra uses AI-assisted writing inside safety rules. Sensitive account-memory prompts are handled inside Leyra’s approved private AI setup unless a future policy clearly says otherwise. Leyra aims to minimise prompt context and avoid sending more profile memory than is needed for the reading tier and feature being used. Pro tarot keeps card selection deterministic, but may use the approved Leyra AI setup to shape the interpretation text from the chosen card, orientation and relevant profile context.

Leyra may also use infrastructure, email-delivery and payment vendors. Stripe handles checkout, customer billing and card details. Leyra keeps subscription references and status, not full card numbers.

Retention

Account, subscription and reading records are retained while the account is active and for a reasonable period afterwards where needed for support, safety, billing, fraud prevention or legal obligations. Launch analytics and feedback are intended for short operational review rather than permanent profiling. Self-service export, profile-memory deletion, account deletion/deletion-request handling, anonymisation and retention operations are available from signed-in privacy controls.

Your controls and rights

You can edit email preferences, profile basics and optional profile-memory material inside your account. Signed-in users can also open Privacy controls to download a data export, delete profile memory, start account deletion and see what account-linked records exist. Leyra also publishes a public account deletion and Meta app data deletion instructions page. You can also contact support to request access, correction, deletion, export or restriction of your data.

UK users can raise unresolved data-protection concerns with the Information Commissioner’s Office. Please contact Leyra first where possible so the issue can be investigated quickly.

Age and underage accounts

Leyra is intended for adults. If you are under 18, do not create a paid account or provide reflective profile answers without appropriate parent/guardian involvement. If Leyra becomes aware that an account has been created by someone who should not be using the service, the account may be restricted or deleted.

Professional-advice boundary

Leyra readings are for reflection, wellbeing and entertainment. They are not medical, legal, financial, emergency, therapy or professional advice. In an emergency or crisis, contact local emergency services or an appropriate crisis-support organisation.

Profile memory and personal context

Leyra may store profile preferences you enter, such as reading tone, preferred length, spiritual/practical balance, current focus, topics to avoid, topics to handle gently and whether Leyra memory is active or paused.

These settings are used to personalise Leyra readings and reflection features inside Leyra. They are not used to train shared AI models. If memory is paused, Leyra should not use stored check-ins, reading history, tarot history or profile-answer memory as generation context, apart from current account basics and explicitly saved style or safety-boundary settings.

You can update these settings from Profile basics, use Privacy controls to export your data, and delete profile memory. Future “What Leyra Remembers” controls will make individual memory items visible, editable, pausable and removable.

Daily check-ins and emotional weather

Leyra daily check-ins may store mood, energy, need, an optional short note, the remember-mode choice, channel, safety-scan result and timestamps. The check-in can shape the day’s reading immediately.

If you choose “use for today only”, Leyra should not promote that check-in into future profile memory or active themes. If you choose “remember as a pattern” and memory is active, Leyra may use the short summary as a gentle pattern signal. Optional notes are scanned before storage and may be suppressed if they match high-risk safety rules.

Reading pipeline context, feedback and audit records

Leyra may store a short reading-support record when a reading is generated. This records which consented sources were used, such as profile settings, today’s check-in, recent reading memory, tarot memory or structured feedback signals, plus a private reference for the reading support record. It is designed to support personalisation and safety without keeping long raw histories in admin screens.

When you rate a reading as helpful, vague, too intense, not right today or explicitly ask Leyra to remember something, Leyra may store that structured feedback so future readings can adapt within your memory-consent setting. You can export these rows from Privacy controls, and deleting profile memory removes the feedback-learning and reading-support records linked to your account.

Personal context

Active themes and memory candidates

Leyra may suggest short active themes from remembered check-ins and reading feedback when memory consent is active. These are user-visible, confidence-scored and removable; they are used only to make Leyra readings feel more personal and are not shared model training data.

Personal context controls

What Leyra Remembers

Signed-in users can review the profile preferences, boundaries, daily check-ins, feedback signals, active themes, pending memory candidates and context-use audit rows Leyra may use for personalisation. Memory can be paused or resumed, and data export/delete controls remain available from the same account area.

Ask Leyra

Guided reflections and memory consent

Ask Leyra stores the question, generated answer, the question, answer, safety decision and reading-support details so you can review private reflections and so Leyra can audit safety. When memory is paused, Leyra should not use active themes, remembered check-ins or reading memory for the answer. If you explicitly ask to remember a reflection, Leyra creates a memory candidate for you to review rather than silently adding hidden memory.

WhatsApp prototype

WhatsApp Ask Leyra gate and inbound storage

Before live WhatsApp use, Leyra treats WhatsApp as a gated inbound Ask Leyra prototype. Inbound test messages may be stored with hashed phone/WhatsApp identifiers, message text, command status, safety-review scores and admin-only response previews. Live outbound WhatsApp sending remains disabled until the policy, privacy, retention and STOP/DELETE MEMORY checks are complete.

WhatsApp safety queue and command audit

When WhatsApp testing is enabled, Leyra may store private request records and admin preview decisions so STOP, START, HELP, STATUS, PRIVACY and DELETE MEMORY requests can be checked before any live pilot. These records are private account or contact records and are not used for public share cards.

WhatsApp waitlist

WhatsApp pilot sign-ups

If you join the WhatsApp pilot waitlist, Leyra stores the email address you submit and the page context needed to process the request inside the feedback/admin inbox. This does not enable live WhatsApp replies, and it does not give WhatsApp-derived memory permission.