Privacy Policy

Last updated: November 29, 2025

Introduction

Welcome to Aura. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we handle your personal data, your privacy rights, and how the law protects you.

Information We Collect

We collect and process the following types of information:

  • **Account Information**: Name, email address, and password when you create an account
  • **Financial Data**: Transaction records, income, expenses, savings, and investment information that you input into the app
  • **Usage Data**: Information about how you use our application, including features accessed and time spent
  • **Device Information**: IP address, browser type, operating system, and device identifiers

How We Use Your Information

We use your personal data for the following purposes:

  • **Service Provision**: To provide and maintain our financial management services
  • **AI Features**: To power AI-driven insights, categorization, and personalized recommendations
  • **Account Management**: To manage your account and provide customer support
  • **Communication**: To send you updates, security alerts, and support messages
  • **Improvement**: To analyze usage patterns and improve our services
  • **Security**: To detect, prevent, and address technical issues and security threats

Data Security

We implement industry-standard security measures to protect your data:

  • **Encryption**: All data is encrypted in transit using SSL/TLS and at rest using AES-256 encryption
  • **Access Control**: Strict access controls ensure only authorized personnel can access your data
  • **Regular Audits**: We conduct regular security audits and vulnerability assessments
  • **Secure Infrastructure**: Our servers are hosted in secure data centers with 24/7 monitoring

Payment Processing - Polar

Polar acts as our Merchant of Record for all payment transactions. When you make a purchase:

  • **Direct Contract**: You enter into a contract with Polar, not directly with Aura
  • **Payment Data**: Polar collects and processes your payment information via Stripe, including name, billing address, email, and credit card details
  • **Data Storage**: We never store or have access to your credit card information - Polar and Stripe handle all payment data securely
  • **PCI Compliance**: Polar uses Stripe which is PCI DSS compliant and maintains industry-standard security for payment processing
  • **Data Sharing**: Polar shares necessary order information with us (name, email, purchase details) to fulfill your order and provide product support
  • **Legitimate Interest**: Data sharing is based on legitimate business interest for order fulfillment, not marketing purposes unless you explicitly consent
  • **Polar's Privacy Policy**: For detailed information about how Polar handles your payment data, visit polar.sh/legal/privacy

Data Sharing and Third Parties

We do not sell your personal data. We may share your information only in the following circumstances:

  • **Payment Processor (Polar)**: Acts as Merchant of Record and processes all payments, billing, and refunds via Stripe
  • **Service Providers**: With trusted third-party service providers who assist in operating our platform (cloud hosting, AI services)
  • **Legal Requirements**: When required by law, court order, or government regulation
  • **Business Transfers**: In the event of a merger, acquisition, or sale of assets
  • **With Your Consent**: When you explicitly authorize us to share your information

Your Privacy Rights

You have the following rights regarding your personal data:

  • **Access**: Request a copy of your personal data
  • **Correction**: Request correction of inaccurate or incomplete data
  • **Deletion**: Request deletion of your personal data (right to be forgotten)
  • **Portability**: Request transfer of your data to another service
  • **Objection**: Object to processing of your personal data
  • **Withdrawal**: Withdraw consent at any time where we rely on consent

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this privacy policy. When you delete your account, we will permanently delete your data within 30 days, except where we are required to retain it for legal or regulatory purposes.

Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience. You can control cookie settings through your browser preferences. Essential cookies are required for the application to function properly.

Children's Privacy

Our services are not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the 'Last Updated' date. We encourage you to review this policy periodically.

Contact Us

If you have any questions about this privacy policy or our data practices, please contact us at:

support@withaura.app