Privacy Policy
Last updated: 2026-05-06
Plain summary
aura is an AI dating coach. You upload screenshots or paste text from your dating conversations; our AI reads what’s there and gives you intelligence, reply suggestions, and a Rizz Score. We treat that content like healthcare data. Active subscribers’ chat content is encrypted at rest until you delete your account; people without an active subscription or trial don’t accumulate persistent chat content. We never sell your data, never use it to train AI models, and never log chat content.
Who runs aura
“aura”, “we”, “us” refers to the operator of the aura app and the tryaura.dating website. The operator is the data controller for the personal data described below. For privacy questions, write to privacy@tryaura.dating.
What aura does with your data
We process the data below to operate the app, generate reply suggestions, prevent abuse, comply with our legal obligations, and improve product quality. We do not sell or share personal information for cross-context behavioural advertising.
Data we collect
| Data | Why we have it | Retention |
|---|---|---|
| Email address | Authentication (magic-link OTP) | Until account deletion |
| Chat screenshots and pasted text | AI analysis and reply generation | Active subscribers and users in their free trial: encrypted at rest until you delete your account. People without an active subscription or trial: any chat content is auto-deleted within 24 hours. |
| Reply session history (last incoming message + generated suggestions) | Outcome tracking and Rizz Score | Until account deletion (both states) |
| Intelligence observations (interest level, coaching prose, trend headlines) | The Timeline tab and the Rizz Score history | Until account deletion |
| Bio analyses (rewritten bio, score, “what’s working/hurting” notes) | The Bio Optimiser. The original bio text is not stored — only the rewritten output and short structured notes. | Until account deletion |
| Voice tag, dating DNA, optional leaderboard display name | Personalising replies; the leaderboard if you opt in | Until account deletion |
| Wins, Battles, battle votes | The community tabs. Wins are anonymous by default. Approved wins are publicly visible inside the app. | Until you delete the entry or your account |
| Age confirmation flag and timestamp | Regulatory requirement before NSFW content is unlocked | Until account deletion |
| Subscription status (RevenueCat customer ID, entitlement, store receipts) | Verifying paid features server-side | Until account deletion |
| Device push token | Push notifications via OneSignal | Until account deletion or push opt-out |
| Image policy-violation log (image_strikes) | Abuse prevention. 3 lifetime strikes freezes uploads on the account. | Until account deletion |
| Operator audit log (admin actions) | Security incident response and dispute investigation | 18 months, then truncated |
| Rate-limit counters and hashed IP buckets | Abuse and DoS prevention. We hash the IP with a salt before storing. | Rolling windows of 1 minute / 1 day; the raw IP is never stored |
| Product analytics events (PostHog) | Product quality. Events are schema-validated client-side and never carry chat content, reply text, bio text, names, phone numbers, or message bodies. | Anonymised; configured per PostHog defaults |
| Waitlist email (web only) | Letting you know when aura opens to the public | Until you ask us to remove it, or until launch |
| Creator program application (full name, email, country, date of birth, social handles, follower total, portfolio URL, “why aura” statement) | Reviewing applications to the trial-batch creator program at /creators. Date of birth is used to enforce the 18+ eligibility check. | Until you withdraw your application or 24 months after a final decision, whichever comes first |
Where your data lives
Database, authentication, and image storage run on Supabase, hosted on Amazon Web Services in the US East region (Virginia). Edge functions run on Supabase’s Deno runtime in the same region. If you access aura from outside the United States, your personal data is transferred to and processed in the United States. Where required for transfers from the EEA, UK, or Switzerland, we rely on the European Commission’s Standard Contractual Clauses with our processors.
Third-party processors
- Supabase — Postgres database, authentication, file storage, edge functions. Hosted on AWS US East.
- Anthropic — Claude Sonnet 4.6 for text analysis and reply generation, and Claude vision for reading the conversation out of your screenshots. Anthropic does not use API inputs to train its models per our zero-retention API agreement.
- OpenAI — omni-moderation-latest scans every uploaded image for sexual, violent, or illegal content before it lands in storage. OpenAI is also a soft fallback for text analysis if Anthropic is unavailable. OpenAI does not use API inputs to train its models per our API agreement.
- RevenueCat — subscription state, receipts, server-side entitlement verification.
- OneSignal — push notifications. Push payloads contain UI hints (e.g. “your streak is at risk”), not chat content.
- PostHog — anonymised product analytics. We self-host the PostHog ingestion path and never send PII or chat content.
- Brevo and Slack — we forward waitlist emails to Brevo for transactional follow-ups and to a private Slack channel so the founder sees signups in real time.
- Vercel — hosts the marketing site at tryaura.dating, including this page.
How we protect your data
- Persistent chat content for paid users is encrypted at rest with column-level pgcrypto encryption; the key lives in Supabase Vault and is never written to logs or migrations.
- Free-state (non-subscribed, non-trial) chat content is auto-deleted within 24 hours.
- Every uploaded screenshot passes through a server-side moderation pipeline before it reaches storage: MIME sniffing against the declared file type, then OpenAI’s image moderation classifier for sexual / violent / illegal content. Hash-matching against known CSAM databases via a third-party provider (PhotoDNA-equivalent) is a post-launch addition; until that vendor is contracted, the OpenAI classifier is the in-flight check. Images that fail any check are deleted from storage immediately, the attempt is logged, and three lifetime violations freeze further uploads on the account.
- All images are stored in private Supabase Storage buckets. Reads use signed URLs that expire within 5 minutes.
- Session tokens are stored in the OS keychain/keystore (iOS Keychain, Android Keystore) via Expo SecureStore, never in plain storage or cookies.
- Personally identifiable information (phone numbers, emails, street addresses, names of people other than you, URLs) is replaced with tagged placeholders before any chat content is sent to an AI provider. The original mapping stays on your device.
- The mobile app strips EXIF and GPS data from images on the device before upload; the upload screen also blocks screenshots and screen recordings while it is open.
- Rate limits are applied per-user and per-IP at every write endpoint (default 30 requests/minute, 500/day per user; higher for read paths). Raw IP addresses are hashed with a server-side salt before they become rate-limit keys.
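The upload gate described above (MIME sniffing against the declared type, then a policy classifier, then strike accounting), written out as an added example. This is illustrative code, not aura's own pipeline: the magic-byte table, the `UploadGate` class and the `admit` return values are assumptions, the OpenAI classifier is replaced by an injected callable so the block runs offline, and counting a strike only for classifier failures (while still logging MIME mismatches) is this example's reading of the policy, not a statement of how aura counts them.

```python
from collections import defaultdict
from typing import Callable, List, Optional, Tuple

MAX_STRIKES = 3  # per the policy: three lifetime violations freeze uploads


def sniff_mime(data: bytes) -> Optional[str]:
    """Identify the real image type from its leading bytes, ignoring the
    client-declared Content-Type entirely. Returns None for anything not
    in the allow-list, which also rejects SVG, PDF and HTML disguised as images."""
    if data.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    if data.startswith(b"\xff\xd8\xff"):
        return "image/jpeg"
    if data[:4] == b"RIFF" and data[8:12] == b"WEBP":
        return "image/webp"
    # ISO-BMFF: size (4 bytes), then "ftyp", then the major brand.
    if data[4:8] == b"ftyp" and data[8:12] in (b"heic", b"heix", b"hevc", b"mif1"):
        return "image/heic"
    return None


class UploadGate:
    """Runs every check before the bytes are ever written to storage, so a
    failed image never needs a delete-after-the-fact step."""

    def __init__(self, classifier: Callable[[bytes], bool]):
        # classifier(data) -> True when the image violates policy
        # (stand-in for the OpenAI image moderation call).
        self.classifier = classifier
        self.strikes = defaultdict(int)                 # account_id -> lifetime strikes
        self.log: List[Tuple[str, str]] = []            # in-memory stand-in for image_strikes

    def admit(self, account_id: str, declared_mime: str, data: bytes) -> str:
        if self.strikes[account_id] >= MAX_STRIKES:
            return "frozen"                             # uploads disabled for this account
        sniffed = sniff_mime(data)
        if sniffed is None or sniffed != declared_mime:
            # Logged but not a strike: usually a broken client, not abuse (assumption).
            self.log.append((account_id, "mime-mismatch"))
            return "rejected:mime"
        if self.classifier(data):
            self.strikes[account_id] += 1
            self.log.append((account_id, "policy"))
            return "rejected:policy"
        return "accepted"


# Constructed demo: a fake classifier that flags any image containing the marker b"NSFW".
def demo_classifier(data: bytes) -> bool:
    return b"NSFW" in data


if __name__ == "__main__":
    gate = UploadGate(demo_classifier)
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16          # constructed PNG header
    print(gate.admit("acct-1", "image/png", png))       # accepted
    print(gate.admit("acct-1", "image/png", b"\xff\xd8\xff\xe0"))  # rejected:mime (JPEG declared as PNG)
```

Checking the sniffed type against the declared one (rather than only trusting the sniff) is deliberate: a client that lies about the type is either buggy or probing, and either way the safe answer is to reject rather than silently re-label.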
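The hashed-IP rate-limit keys from the data table and the per-user / per-IP write limits above, as an added example (not aura's implementation). It assumes a keyed hash (HMAC-SHA256 under a server-side salt) so that the stored bucket cannot be reversed by enumerating the IPv4 space, and a sliding-window counter over the two windows the policy names (30 requests per minute, 500 per day per user). The `RateLimiter` class, `check_write` function and the demo salt are assumptions; an in-memory dict stands in for whatever store the real counters live in.

```python
import hashlib
import hmac
from collections import defaultdict
from typing import Dict, Iterable, List

# Constructed demo value. In production the salt is a secret loaded from a vault,
# never checked into source; rotating it invalidates all existing IP buckets.
SERVER_SALT = b"demo-salt-do-not-use"


def ip_bucket(ip: str, salt: bytes = SERVER_SALT) -> str:
    """Keyed hash of the client IP. A plain sha256(ip) would be trivially
    reversible (there are only 2^32 IPv4 addresses); with HMAC the salt acts as
    a key, so the bucket is useless to anyone who does not hold it."""
    return hmac.new(salt, ip.encode(), hashlib.sha256).hexdigest()[:32]


class RateLimiter:
    # (limit, window_seconds): 30 per rolling minute, 500 per rolling day.
    WINDOWS = ((30, 60), (500, 86_400))

    def __init__(self) -> None:
        self._hits: Dict[str, List[float]] = defaultdict(list)

    def _over_limit(self, key: str, now: float) -> bool:
        # Drop timestamps older than the longest window so memory stays bounded.
        oldest = now - max(w for _, w in self.WINDOWS)
        hits = [t for t in self._hits[key] if t >= oldest]
        self._hits[key] = hits
        return any(
            sum(1 for t in hits if t > now - window) >= limit
            for limit, window in self.WINDOWS
        )

    def allow(self, keys: Iterable[str], now: float) -> bool:
        """Admit only if every key is under its limits; record the hit on all
        keys together so a denied request never consumes budget."""
        keys = list(keys)
        if any(self._over_limit(k, now) for k in keys):
            return False
        for k in keys:
            self._hits[k].append(now)
        return True


def check_write(limiter: RateLimiter, user_id: str, client_ip: str, now: float) -> bool:
    """Every write endpoint is keyed on both the user and the hashed IP; the raw
    IP never becomes a key and is never stored."""
    return limiter.allow([f"user:{user_id}", f"ip:{ip_bucket(client_ip)}"], now)


if __name__ == "__main__":
    lim = RateLimiter()
    results = [check_write(lim, "u1", "203.0.113.7", float(i)) for i in range(31)]
    print(results.count(True), "allowed,", results.count(False), "denied")  # 30 allowed, 1 denied
```

Keying on both identities matters for the two abuse shapes the policy names: the per-user key stops one account hammering an endpoint, and the per-IP key stops one host spreading the same load across many throwaway accounts.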
Third parties in your screenshots
Most screenshots you upload include a person you are talking to who has not consented to our processing. We mitigate this by:
- Redacting their name, phone number, email, and any URLs before any chat content is sent to an AI provider.
- Never indexing or making chat content searchable by a third party’s identifier.
- Holding non-subscriber chat content for at most 24 hours.
- Refusing uploads of content depicting minors, refusing to generate sexual content involving minors under any circumstance, and removing and reporting any such content if it surfaces.
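The placeholder-redaction step described in "How we protect your data" and again in the first bullet above (names, phone numbers, emails and URLs swapped for tagged placeholders before any chat content reaches an AI provider, with the mapping kept on the device), as an added example. This is not aura's code: the regular expressions, the `[KIND_n]` placeholder format and the `redact`/`restore` functions are assumptions, and the other party's name is passed in by the caller because it is not reliably detectable from free text. The sample message is constructed.

```python
import re
from typing import Dict, Iterable, Tuple

# Order matters: URLs first so the email pattern never fires on a URL fragment,
# then emails, then phone numbers. The lookbehind keeps the phone pattern from
# matching the digit inside an already-inserted placeholder such as [EMAIL_1].
PATTERNS = [
    ("URL", re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)),
    ("EMAIL", re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")),
    ("PHONE", re.compile(r"(?<![\w-])\+?\d[\d\s().-]{7,}\d")),
]


def redact(text: str, names: Iterable[str] = ()) -> Tuple[str, Dict[str, str]]:
    """Replace PII with tagged placeholders. Returns the text to send to the
    model and the placeholder -> original mapping, which stays on the device."""
    mapping: Dict[str, str] = {}
    counters: Dict[str, int] = {}

    def placeholder(kind: str, value: str) -> str:
        # Reuse the tag when the same value repeats, so the model sees one entity.
        for tag, seen in mapping.items():
            if seen == value and tag.startswith("[" + kind + "_"):
                return tag
        counters[kind] = counters.get(kind, 0) + 1
        tag = f"[{kind}_{counters[kind]}]"
        mapping[tag] = value
        return tag

    # Known names (e.g. the other party's display name) first, longest first so
    # "Maya Rodriguez" is consumed before a bare "Maya" could split it.
    for name in sorted((n for n in names if n), key=len, reverse=True):
        text = re.sub(r"\b" + re.escape(name) + r"\b",
                      lambda m: placeholder("NAME", m.group(0)), text)
    for kind, pattern in PATTERNS:
        text = pattern.sub(lambda m, k=kind: placeholder(k, m.group(0)), text)
    return text, mapping


def restore(text: str, mapping: Dict[str, str]) -> str:
    """Put the originals back into the model's reply, on the device."""
    for tag, value in mapping.items():
        text = text.replace(tag, value)
    return text


if __name__ == "__main__":
    # Constructed sample message from the other party.
    sample = ("Hey Maya, text me at +1 (415) 555-0134 or maya.r@example.com, "
              "pics at https://example.com/p/maya")
    sent, mapping = redact(sample, names=["Maya"])
    print(sent)   # Hey [NAME_1], text me at [PHONE_1] or [EMAIL_1], pics at [URL_1]
    print(restore("Tell [NAME_1] you'll call [PHONE_1] tonight", mapping))
```

Regex redaction is a floor, not a guarantee: it will miss a name that was not supplied, a phone number written in words, or an address, which is why the policy still treats the payload as sensitive after redaction rather than as anonymised.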
If you are the person on the other side of one of these conversations and you want us to delete what we hold about you, write to privacy@tryaura.dating with enough detail to identify the conversation (e.g. the platform, a date range, and a phone number or handle); we will locate and delete the matching content.
Legal bases (for users in the EEA, UK, and Switzerland)
- Performance of a contract — processing your uploads to generate reply suggestions and run the app you signed up for.
- Legitimate interests — abuse prevention (moderation, rate limits, strikes), security incident response, and basic product analytics. We’ve weighed these against your rights and use the minimum data needed.
- Consent — NSFW reply suggestions (you confirm you are 18+), push notifications (you opt in on the device prompt), and the optional public leaderboard (off by default).
- Legal obligation — age verification before NSFW features, retention of moderation records for incident response.
Your rights
You can exercise the following rights at any time from the Profile tab in the app. Where the app surfaces a button, that button is the fastest path; otherwise email privacy@tryaura.dating.
- Access and portability — export all data we hold about you as JSON via “Export your data”. Image attachments are included as time-limited signed URLs you can download.
- Erasure — “Delete account” irreversibly wipes your profile, chat history, uploaded images, RevenueCat subscriber record, OneSignal device, and Supabase auth user.
- Rectification — correct your profile fields in the Profile tab; for everything else, email us.
- Restriction and objection — you can stop uploading at any time, opt out of analytics by contacting us, or revoke push permission in your device settings.
- Withdraw consent — turn off NSFW in settings, opt out of the leaderboard, or disable push notifications.
- Lodge a complaint — if you are in the EEA, UK, or Switzerland you have the right to complain to your local data protection authority. We’d prefer you write to us first so we can fix it.
Notice for residents of California and other US states
If you are a California resident, the California Consumer Privacy Act (CCPA / CPRA) gives you specific rights: to know what personal information we collect and how we use it, to delete it, to correct inaccuracies, and to limit our use of sensitive personal information. Similar rights apply in Colorado, Connecticut, Virginia, Utah, Texas, Oregon, and other US states with comprehensive privacy laws.
We treat the chat content you upload as sensitive personal information. We do not sell personal information, we do not share personal information for cross-context behavioural advertising, and we do not use sensitive personal information for any purpose beyond providing the service you asked for. To exercise any of these rights, email privacy@tryaura.dating. We will not discriminate against you for doing so.
Children
aura is rated 17+ and is not directed to children under 13 (or under 16 in jurisdictions where that is the threshold). We do not knowingly collect personal information from children. NSFW reply suggestions are gated behind both a paid subscription and a separate confirmation that you are 18 or older. If you believe a child has provided us with personal information, contact privacy@tryaura.dating and we will delete it.
Cookies and tracking on the website
The tryaura.dating marketing site uses Vercel Analytics, which counts page views and Core Web Vitals without cookies and without tracking you across other sites. The mobile app does not use web cookies.
Data protection contact
aura is operated by an independent founder. We are not currently required by law to appoint a Data Protection Officer, and we have not appointed one. The contact point for any privacy enquiry, subject access request, or breach notification is privacy@tryaura.dating; the operator handles these personally. If you are a regulator and need a postal contact, write to that address and we will respond with one.
We have not yet appointed an EU representative under GDPR Article 27. If you are an EEA, UK, or Swiss resident, you can contact us directly at the address above; we will respond in English. You also have the right to lodge a complaint with your local supervisory authority.
Data breaches
If a personal data breach affects your information, we will notify the relevant supervisory authority within 72 hours of becoming aware of it (GDPR Article 33) and notify you directly without undue delay if the breach is likely to result in a high risk to you (GDPR Article 34). Notifications are sent to the email address on file.
Changes to this policy
We will notify users of material changes via in-app notification and update the “Last updated” date above. Continued use after an update means you accept the revised policy.
Contact
For privacy inquiries: privacy@tryaura.dating
For security issues: security@tryaura.dating