privacy policy.

Last updated: February 1, 2026

At OpenAura, your privacy is not just a feature — it's a fundamental principle. This Privacy Policy explains how we collect, use, and protect your personal information when you use the OpenAura application and services (the "Service").

1. Information We Collect

Information you provide

• Account information: Email address, password (hashed), and display name when you create an account
• Payment information: Processed securely through Stripe. We do not store your full credit card number
• Messages: The content of your conversations with AI personalities on the platform
• Creator content: Personality data, knowledge bases, and preferences provided by Creators

Information collected automatically

• Device information: Device type, operating system, and app version
• Usage data: Features used, session duration, and crash reports
• IP address: Used for security purposes and approximate location

2. How We Use Your Information

We use your information to:

• Provide and operate the Service
• Process payments and manage your account
• Improve and personalize your experience
• Ensure safety and enforce our community guidelines
• Communicate with you about the Service
• Comply with legal obligations

3. What We Do NOT Do

We believe in earning your trust. Here's what we will never do:

• We do not sell your data. Not to advertisers, not to data brokers, not to anyone.
• We do not run ads. Our business model is based on the value of conversations, not your attention.
• We do not track you across apps or websites. No cross-platform tracking. No fingerprinting.
• We do not use your conversations to train AI for other purposes. Your messages are used solely to provide the Service.
• We do not share your conversations with Creators. Creators cannot read individual user conversations.

4. Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS) and at rest, secure authentication through Supabase, and regular security audits. Access to user data is strictly limited to authorized personnel who need it to operate the Service.

5. Data Retention

We retain your account information for as long as your account is active. Conversation history is retained to provide conversation continuity. You can delete your account and all associated data at any time through the app settings. Upon account deletion, your data is permanently removed within 30 days.

6. Third-Party Services

We use the following third-party services:

• Supabase: Authentication and database hosting
• Stripe: Payment processing
• AI providers: Language model APIs for generating AI personality responses

Each third-party service has its own privacy policy governing how they handle data. We only share the minimum data necessary with these services.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access, correct, or delete your personal data
• Object to or restrict certain processing of your data
• Export your data in a portable format
• Withdraw consent for optional data processing

To exercise any of these rights, contact us at privacy@openaura.app.

8. Children's Privacy

OpenAura is not intended for users under the age of 17. We do not knowingly collect personal information from children. If we learn that we have collected data from a child under 17, we will delete it promptly.

9. International Data Transfers

Your data may be processed in countries other than your own. We ensure appropriate safeguards are in place for all international data transfers in compliance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes through the Service or by email. The "Last updated" date at the top indicates the most recent revision.

11. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at privacy@openaura.app.