Privacy Policy

At Aura AI, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, applications, and services (collectively, the "Service"). Please read this policy carefully.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide when using our Service:

Data Type	Examples	Purpose
Account Information	Email address, name, password	Account creation and authentication
Profile Information	Display name, profile picture (if provided)	Personalize your experience
Payment Information	Billing details (processed by LemonSqueezy)	Process subscriptions and purchases
Content Data	Images, prompts, generated videos	Provide AI generation services
Communications	Support emails, feedback, chat messages	Customer support and service improvement

1.2 Information Collected Automatically

When you access our Service, we automatically collect certain information:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages visited, features used, time spent, click patterns
• Technical Data: Error logs, performance metrics, API usage
• Cookies: Session cookies, preference cookies, analytics cookies
• Location Data: Approximate location based on IP address

1.3 Information from Third-Party Services

When you authenticate using third-party services:

• Google OAuth: Email address, profile name, profile picture
• Firebase: Authentication state, user identifiers
• LemonSqueezy: Payment status, subscription details

2. How We Use Your Information

2.1 Primary Uses

We use your information to:

• Provide Services: Process AI generation requests, manage your account
• Process Payments: Handle subscriptions and power-up purchases
• Communicate: Send service updates, respond to inquiries, provide support
• Improve Services: Analyze usage patterns, fix bugs, develop new features
• Security: Detect fraud, prevent abuse, protect user accounts
• Legal Compliance: Comply with laws, regulations, and legal requests

2.2 Marketing Communications

With your consent, we may send:

• Product updates and new feature announcements
• Tips and tutorials for using Aura AI
• Special offers and promotions
• User surveys and feedback requests

You can opt out of marketing emails at any time using the unsubscribe link in each email.

3. How We Share Your Information

3.1 Service Providers

We share data with trusted third-party providers who help us operate our Service:

3.2 Business Transfers

If Aura AI is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your data becomes subject to a different privacy policy.

3.3 Legal Requirements

We may disclose your information if required to:

• Comply with legal obligations or court orders
• Enforce our Terms of Service
• Protect rights, property, or safety of Aura AI, users, or the public
• Investigate fraud or security issues

3.4 With Your Consent

We may share information with other parties when you explicitly consent to such sharing.

4. Data Retention

4.1 Active Accounts

We retain your data while your account is active and for as long as needed to provide services.

4.2 Deleted Accounts

When you delete your account:

• Personal information is deleted within 30 days
• Generated content is removed from our servers
• Backup copies may persist for up to 90 days
• Anonymous usage data may be retained for analytics

4.3 Legal Requirements

Some data may be retained longer if required by law, including:

• Transaction records: 7 years (tax and accounting requirements)
• Communication logs: Up to 2 years (dispute resolution)
• Security logs: Up to 1 year (fraud prevention)

5. Data Security

We implement industry-standard security measures to protect your information:

5.1 Technical Safeguards

• Encryption: Data in transit uses TLS/SSL encryption
• Authentication: Secure password hashing, OAuth integration
• Access Controls: Role-based access, least privilege principle
• Monitoring: Continuous security monitoring and logging
• Backups: Regular encrypted backups with secure storage

5.2 Organizational Safeguards

• Employee training on data protection
• Confidentiality agreements with staff and contractors
• Regular security audits and vulnerability assessments
• Incident response procedures

5.3 Your Responsibility

You can help protect your account by:

• Using a strong, unique password
• Not sharing your login credentials
• Logging out on shared devices
• Reporting suspicious activity immediately

6. Your Privacy Rights

6.1 Access and Portability

You have the right to:

• Access your personal data
• Request a copy of your data in a portable format
• Know what data we collect and how we use it

6.2 Correction and Update

You can:

• Update your account information at any time
• Correct inaccurate data
• Request corrections to data you cannot edit yourself

6.3 Deletion

You have the right to:

• Delete your account and associated data
• Request removal of specific data
• Withdraw consent for data processing

6.4 Objection and Restriction

You can:

• Object to certain data processing activities
• Restrict how we use your data
• Opt out of marketing communications

6.5 How to Exercise Your Rights

To exercise any of these rights, contact us at ivan@auraai.app. We will respond within 30 days.

7. Cookies and Tracking Technologies

7.1 Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential Cookies	Authentication, security, basic functionality	Session / 1 year
Analytics Cookies	Understand how users interact with our Service	2 years
Preference Cookies	Remember your settings and preferences	1 year
Marketing Cookies	Deliver relevant ads (with consent)	90 days

7.2 Managing Cookies

You can control cookies through:

• Our cookie consent banner (appears on first visit)
• Browser settings (block or delete cookies)
• Opt-out tools for analytics and advertising

Note: Disabling essential cookies may affect Service functionality.

8. Children's Privacy

Aura AI is not intended for users under 18 years old. We do not knowingly collect personal information from children. If you are between 13-18, you may use our Service only with parental consent.

If we discover we have collected data from a child under 13, we will delete it immediately. Parents who believe we may have collected information from their child should contact us at ivan@auraai.app.

9. International Data Transfers

9.1 Where We Store Data

Your data may be processed and stored in:

• United States (primary servers)
• European Union (GDPR-compliant storage)
• Other countries where our service providers operate

9.2 Data Protection Standards

When transferring data internationally, we ensure adequate protection through:

• Standard Contractual Clauses (EU Commission approved)
• Privacy Shield frameworks (where applicable)
• Service provider agreements with privacy commitments

10. Third-Party Links and Services

Our Service may contain links to third-party websites and integrate with external services. This Privacy Policy does not apply to those third parties.

We recommend reviewing the privacy policies of any third-party services you use. We are not responsible for their privacy practices.

11. AI-Generated Content

11.1 Content You Upload

• Images you upload are processed by AI models to generate videos
• Uploaded content is stored temporarily during processing
• We do not use your uploaded images to train AI models
• Content is deleted after generation unless saved in your account

11.2 Generated Content

• You own the rights to content you generate
• Generated content is stored in your account until you delete it
• We may use anonymous, aggregated data to improve our models
• We do not claim ownership of your generated content

11.3 Prompts and Text Inputs

• Text prompts are processed to generate images and videos
• Prompts may be analyzed to improve AI accuracy
• We do not share your prompts with third parties

12. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to Know: What personal information we collect and how we use it
• Right to Delete: Request deletion of your personal information
• Right to Opt-Out: Opt out of the "sale" of personal information (we do not sell data)
• Right to Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at ivan@auraai.app.

13. European Privacy Rights (GDPR)

If you are in the European Economic Area (EEA), you have rights under the General Data Protection Regulation:

• Legal Basis: We process your data based on consent, contract, or legitimate interests
• Data Protection Officer: Contact our DPO at ivan@auraai.app
• Supervisory Authority: You may lodge a complaint with your local data protection authority
• Cross-Border Transfers: Protected by Standard Contractual Clauses

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be effective when posted on this page with an updated "Last Updated" date.

For material changes, we will:

• Send email notification to registered users
• Display a prominent notice on our website
• Request renewed consent where required by law

Continued use of the Service after changes constitutes acceptance of the updated policy.

15. Data Breach Notification

In the unlikely event of a data breach affecting your personal information, we will:

• Notify affected users within 72 hours of discovery
• Inform relevant supervisory authorities as required by law
• Provide details about the breach and steps taken
• Offer guidance on protecting your account

16. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Currently, there is no industry standard for responding to DNT signals. We do not respond to DNT signals at this time, but we provide cookie controls and opt-out options as described above.

© 2025 Aura AI. All rights reserved.