Skip to main content
Aurora

Privacy Policy

Last updated: May 2, 2026

1. Information Collection

When you use Aurora, we collect and store the following information:

  • Account Information: Name, email address, and encrypted password when you create an account
  • Authentication Data: Email verification status, last sign-in timestamps, and authentication tokens
  • Payment Information: Stripe customer ID and subscription status (payment details are processed by Stripe and not stored by us)
  • Usage Data: Download history, product access, and promo code usage
  • Waitlist Information: If you join the waitlist, we collect name, email, Discord username, platform preference, and optional feedback
  • Technical Data: IP addresses and user agents for security, rate limiting, and fraud prevention
  • Analytics: Website usage statistics through Rybbit Analytics (privacy-focused, no cookies)

2. Use of Information

We use the collected information for the following purposes:

  • To create and manage your account and provide access to downloads
  • To process payments and manage subscriptions through Stripe
  • To send you important account-related emails (verification, password resets, security notifications)
  • To prevent fraud, abuse, and unauthorized access through rate limiting and IP tracking
  • To analyze website usage and improve our services (via privacy-focused analytics)
  • To manage waitlist entries and communicate about product availability
  • To comply with legal obligations and protect our rights

3. Data Storage and Security

We take data security seriously and implement the following measures:

  • Encrypted Storage: Passwords are hashed using bcrypt before storage
  • Secure Transmission: All data is transmitted over HTTPS/TLS encryption
  • Database Security: User data is stored in a secure PostgreSQL database with restricted access
  • Token Security: Email verification and password reset tokens are hashed and expire after a set time
  • Access Controls: Administrative access is restricted to authorized personnel only
  • Regular Updates: We keep our systems updated with security patches

While we implement security best practices, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security of your data.

4. Third-Party Services

We use the following third-party services that may process your data:

  • Stripe: Payment processing. Stripe handles payment card information according to their privacy policy. We only store your Stripe customer ID.
  • Zoho Mail: Email delivery service for account-related emails (verification, password resets, notifications)
  • Rybbit Analytics: Privacy-focused website analytics (no cookies, no personal data collection)
  • Discord: Optional integration for community features and notifications

These services have their own privacy policies. We recommend reviewing them to understand how they handle your data. We are not responsible for the privacy practices of third-party services.

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party services (Stripe, Zoho Mail) necessary to provide our services
  • Legal Requirements: When required by law, court order, or government regulation
  • Protection of Rights: To protect our rights, property, or safety, or that of our users
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
  • With Your Consent: When you explicitly authorize us to share your information

6. User Rights and Data Control

You have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Update or correct inaccurate information through your account settings
  • Deletion: Request deletion of your account and associated data (contact support@auroramediacenter.com)
  • Data Portability: Request your data in a portable format
  • Opt-Out: Unsubscribe from marketing emails (account-related emails cannot be opted out)
  • Account Management: Access and manage your account settings, products, and download history through your dashboard

To exercise these rights, contact us at support@auroramediacenter.com. We respond within the timelines required by applicable law, which is generally within 45 days, with an additional extension period where legally permitted and when reasonably necessary.

7. Notice at Collection (Categories, Purposes, Retention)

We collect personal information categories listed in this policy to provide account access, licensing, download delivery, support, fraud prevention, and service analytics.

  • Account and identity data (name, email, account settings): retained while your account is active and up to 24 months after closure for fraud prevention, account recovery, and legal obligations.
  • Authentication and security data (sign-in history, token records, rate-limit data, IP/user-agent logs): retained for security operations and incident response, generally 30 to 180 days depending on log type, and longer when required for investigations.
  • Payment and access data (Stripe customer references, entitlement status, transaction-linked records): retained for tax, accounting, fraud prevention, and dispute handling obligations, generally 7 years where required by law.
  • Usage and operations data (download history, promo usage, support-related activity): retained while the account is active and then for a limited period necessary to enforce terms, investigate abuse, and maintain records.
  • Waitlist submissions: retained until the waitlist cycle is completed, the request is fulfilled, or a deletion request is processed.
  • Marketing suppression data (unsubscribe records): retained as needed to honor opt-out preferences and prevent unintended re-subscription.

Where exact retention periods cannot be fixed in advance, we determine retention based on the nature of the data, legal obligations, security needs, and dispute-prevention requirements.

8. Regional Rights (GDPR, California, Texas and Other U.S. States)

Depending on your location and applicable law, you may have rights to access, delete, correct, and obtain a portable copy of your personal data. You may also have rights to opt out of certain data uses under applicable state law.

  • EU/EEA/UK (GDPR-equivalent rights): access, correction, deletion, restriction, portability, objection, and complaint rights.
  • California (CCPA/CPRA): right to know, delete, correct, and non-discrimination for exercising privacy rights.
  • Texas (TDPSA) and similar U.S. state laws: access, correction, deletion, portability, and appeal rights for denied requests.

9. Selling or Sharing of Personal Information

We do not sell personal information. We also do not share personal information for cross-context behavioral advertising. You can manage non-essential analytics preferences at Your Privacy Choices.

10. How to Exercise Rights and Appeals

You can submit a privacy request by emailing support@auroramediacenter.com with your request type and account email. Authenticated users may also submit account-related data requests through account support channels. We may verify your identity before fulfilling a request.

  • Request methods: support@auroramediacenter.com and authenticated account support channels.
  • Verification: we verify identity to protect account data and prevent unauthorized disclosure.
  • Response timing: we respond within applicable legal timelines, generally within 45 days, with extension where legally permitted.

If your request is denied and your jurisdiction provides appeal rights (including Texas), you may request an appeal by replying to our decision email within 30 days, or by emailing support@auroramediacenter.com with your original request details. We will review and respond within applicable legal timelines. If we deny your appeal where required by law, we will provide information on how to submit a complaint to the relevant regulator, including the Texas Attorney General for Texas residents.

11. Children's Privacy

Aurora is not intended for children under 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

12. International Users and Data Transfers

Aurora is operated from the United States. If you are located outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States where our servers and databases are located. By using our services, you consent to this transfer. We take appropriate measures to ensure your data is protected in accordance with this Privacy Policy regardless of where it is processed.

13. Privacy Policy Updates

We reserve the right to update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy in the Application and updating the "Last updated" date. Your continued use of the Application after any such changes constitutes your acceptance of the new Privacy Policy. We encourage you to review this Privacy Policy periodically for any changes.

14. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

This Privacy Policy is effective as of the date listed above and will remain in effect except with respect to any changes in its provisions in the future.