.png)
Privacy Policy
1. Introduction
At AURA AI ("we," "us," or "our"), we take the protection of your personal data
seriously.
This privacy policy has been developed to ensure compliance with the General Data
Protection Regulation (GDPR) and other applicable data protection laws. It explains
how we collect, process, and store your data while providing the services of the
AURA AI ("the app"). Our goal is to ensure transparency regarding how your data is
used and to protect your privacy.
By using the AURA AI, you agree to the terms set forth in this statement. If you do
not agree with this policy, please do not use the app.
2. Data Controller
The responsible entity for processing personal data in accordance with the GDPR is:
● Name: Tim Kußler
● Address: c/o Block ServicesStuttgarter Str. 10670736 Fellbach
● Email: auraappcontact@gmail.com
If you have any questions about this privacy policy or how your personal data isprocessed, please contact us at the email address provided above.
3. Collected Data
We collect and process various types of personal data to effectively provide the app'sservices. This includes:
3.1. Uploaded Images
● Images uploaded by users for analysis are temporarily stored and processedvia Supabase and OpenAI APIs.
● These images are deleted immediately after processing and are not retainedlonger than technically necessary.
3.2. Usage Data
● Information on how users interact with the app, including accessed features,usage frequency, and other engagement metrics.
● Usage data is collected to understand user behavior and improve appperformance.
3.3. Device Data
● Technical details such as IP address, device type, operating system, and appversion.
● This data helps ensure compatibility, troubleshoot issues, and maintain appsecurity.
3.4. Payment Data
If users make payments within the app, we collect and process payment-relatedinformation via RevenueCat, including:
● Subscription details (e.g., subscription type, renewal period)
- Transaction details (e.g., payment amount, payment date)
● Billing information (e.g., name, email address)
RevenueCat serves as the payment processor for subscriptions and in-apppurchases. It processes payments securely and stores sensitive payment details(e.g., credit card numbers) in compliance with relevant security standards (e.g.,PCI-DSS).
We do not store sensitive payment information directly in the app. Payment data isretained only as long as necessary to process the subscription and manage useraccounts. Data related to subscription management may be retained for extendedperiods, e.g., for handling renewals and transaction history.Subscription Cancellation:
Users can cancel their subscription at any time via the App Store (for iOS users) byfollowing these steps:
1. Open the Settings app on your device.
2. Tap your name at the top.
3. Tap "Subscriptions."
4. Select the subscription you want to manage.
5. Tap "Cancel Subscription" to stop automatic renewal.
Please note that the cancellation will take effect at the end of the current billingperiod, and you will continue to have access to the subscribed service until then.
4. Purpose of Data Processing
We process your data exclusively for the following purposes:
● AI-driven services: To generate personalized AURA Lines and providecustomized insights using OpenAI APIs.
● Image analysis: To temporarily process uploaded images via Supabase.
● Subscription management: To manage, process, and maintain subscriptionsand payments via RevenueCat.
● App improvement: To enhance functionality, performance, and userexperience based on usage data, including feedback and interaction metrics.
● Legal compliance: To comply with applicable laws, including data protectionregulations.Your data will not be used for purposes other than those stated above unless youhave explicitly consented.
5. Third-Party Services
We use trusted third-party providers to deliver essential app functionalities. Theseinclude:
5.1. Supabase
● Purpose: Used for temporary processing of uploaded images.
● Compliance: Supabase meets GDPR requirements and provides secure dataprocessing within the European Union.
5.2. OpenAI
● Purpose: Used to generate AI responses, including Aura/Rizz Lines,questions, and insights based on user inputs.
● Data Deletion: User inputs and images are deleted immediately afterprocessing.
● Compliance: Data is processed according to EU Standard ContractualClauses (SCCs) to ensure GDPR compliance.
5.3. RevenueCat
● Purpose: Used for managing subscriptions and payment processing.
● Data Sharing: No sensitive personal data is shared with RevenueCat.
RevenueCat securely processes subscription details.We have carefully selected these providers to ensure that your data is processedsecurely and in compliance with GDPR standards.We store personal data only as long as necessary to fulfill the purposes mentioned inthis policy or as required by law. Specifically:● Uploaded images: Deleted immediately after processing.● Usage and device data: Retained as long as necessary for troubleshooting,analysis, or legal requirements.If you request the deletion of your data, we will comply unless legal retentionobligations exist.
6. Data Retention
We store personal data only as long as necessary to fulfill the purposes mentioned inthis policy or as required by law. Specifically:
● Uploaded images: Deleted immediately after processing.
● Usage and device data: Retained as long as necessary for troubleshooting, analysis, or legal requirements.
If you request the deletion of your data, we will comply unless legal retentionobligations exist.
7. Your Rights
Under GDPR, you have the following rights regarding your personal data:
7.1. Right of AccessY
ou may request a copy of the data we process about you.
7.2. Right to Rectification
You have the right to correct inaccurate or incomplete data.
7.3. Right to Erasure (Right to be Forgotten)
You may request the deletion of your data, subject to legal retention obligations.
7.4. Right to Restriction
You can request that we limit the processing of your data.
7.5. Right to Data Portability
You may request the transfer of your data to another provider in a structured,machine-readable format.
7.6. Right to ObjectYou can object to the processing of your data, particularly for analysis or marketingpurposes.
To exercise any of these rights, contact us at auraappcontact@gmail.com. We aim torespond to all requests within 14 days.
8. Liability for Third-Party Services
We use third-party services (Supabase, OpenAI, RevenueCat) to provide the app.While we strive to ensure uninterrupted service, we do not assume liability fortemporary outages, disruptions, or inaccuracies caused by these providers.
9. Security Measures
We implement technical and organizational measures to protect your personal datafrom unauthorized access, alteration, and destruction. This includes encryption,secure storage, and restricted access.
10. Changes to this Privacy Policy
We may update this privacy policy periodically to reflect changes in legalrequirements, third-party services, or app functionalities.Users are encouraged to review this privacy policy periodically to stay informed abouthow we protect their personal data.Significant changes to this privacy policy will be communicated to you vianotifications in the app or by email.
For questions or concerns regarding this privacy policy, please contact us at:
Email: auraappcontact@gmail.com