Privacy Policy
Aurae (“Aurae,” “we,” “us”) is a companion app that remembers what you tell it and reflects patterns back to you over time. This policy explains what we collect, why, and what control you have over it. We’ve tried to write it in plain language rather than only legal boilerplate.
Aurae is not a medical device, a crisis service, or a substitute for therapy or professional mental health care. If you are in crisis or thinking about harming yourself, please contact a crisis line or emergency services in your area.
What we collect
Information you provide directly
- Account information.Your email address (via Sign in with Apple or a magic-link email sign-in) and, if you choose to add it, your birth date, birth time, and birth place — used only to compute astrological chart context that shapes Aurae’s tone, and never presented to you as evidence for anything Aurae says.
- Conversation content.The messages you send Aurae, and Aurae’s replies. This is the core of the product — Aurae remembers specific things you’ve told it so it can refer back to them later, notice patterns across conversations, and occasionally reflect a pattern back to you once there’s real, repeated evidence for it.
- Preferences. Your chosen accent color, appearance (light/dark/system), and language.
Information we derive from your conversations
To make Aurae’s memory and Insights features work, we process your conversation content into structured data, including:
- Specific facts you’ve stated, each tied to the exact words you used (we don’t invent or paraphrase facts as if they were things you said).
- Recurring patterns, interests, goals, decisions, and values that come up more than once over time.
- Named people you mention and specific things you’ve said about them.
- Broad communication-style and disposition signals (e.g. whether you tend to prefer short or detailed replies), and general emotional-tone trends over time.
- Occasional generated summaries: weekly reflections and, rarely, a longer “finale” reflection once a pattern has enough independent, real evidence behind it.
None of this is used to diagnose, label, or categorize you clinically — Aurae is deliberately built to avoid personality-type labels or clinical-sounding language.
Information we collect automatically
- Device push token, only if you enable notifications — used solely to occasionally let you know Aurae has noticed something worth telling you. This is deliberately rare; we do not send generic “just checking in” notifications, and the notification itself never contains the content of what Aurae noticed.
- Basic technical data needed to operate the service securely (e.g. authentication tokens, request timestamps).
Subscription information
If you subscribe, purchases are handled entirely by Apple through the App Store and StoreKit. We receive a signed transaction confirming your entitlement status — we never receive or store your payment card details, which Apple keeps entirely on its own systems.
How we use your information
- To generate Aurae’s responses to you, informed by what you’ve told it before.
- To power Insights and Journal — the patterns, milestones, and reflections Aurae surfaces back to you.
- To detect and respond to messages that indicate you may be in crisis or acute distress (see “Crisis and safety detection” below).
- To operate, maintain, and secure the service, and to fix problems when something breaks.
- We do not sell your data. We do not use your conversation content for advertising, and Aurae does not use any third-party advertising or ad-tracking framework.
Crisis and safety detection
Every message you send is checked, automatically, for language that may indicate a mental health crisis — first by a fast keyword check, and, if that finds nothing, by a secondary, more careful automated check. This is fully automated: no one reviews your conversations in real time, and detection does not involve a human moderator reading your messages as they happen. If a message is flagged, Aurae responds with a fixed, pre-written message pointing you toward real crisis resources, and a private, internal record is kept (which conversation triggered it, and at what severity) so this system can be reviewed and improved over time. This internal safety record is deleted along with the rest of your data if you delete your account.
Who we share information with
- AI providers (Anthropic, OpenAI).Your conversation content is sent to these providers’ APIs to generate Aurae’s replies and to power language-understanding features. Under their standard commercial API terms, these providers do not use API data to train their models. We do not have a broader data-sharing relationship with them beyond processing your requests.
- Supabase. Our database, authentication, and file-storage provider, which stores your account and conversation data on our behalf.
- Apple.Handles sign-in (Sign in with Apple) and subscription purchases; Apple’s own privacy policy governs what it does with that information.
- We do not sell, rent, or otherwise share your personal information with data brokers or advertisers.
Your control over your data
You can, at any time, from within the app:
- Turn memory off. A single toggle in Profile controls whether Aurae keeps remembering what you tell it going forward.
- Browse and delete individual memories. Every specific fact Aurae has stored is visible and individually deletable.
- Export everything. Request a complete copy of your data as a downloadable file.
- Delete your account entirely.This is a genuine, permanent, hard delete — not a soft “deactivation.” It removes your account and every table of data associated with it in one operation, including the safety records described above.
Deleting a specific memory does not rewrite anything Aurae has already said to you in past conversation history — it only affects what Aurae can draw on going forward.
Data retention
We keep your data for as long as your account is active, or until you delete a specific piece of it or your account entirely. There is no anonymous, un-consented retention: if you sign in but never actively engage with the app, your data is limited to what you’ve explicitly provided.
Children’s privacy
Aurae is not directed at, and is not intended for use by, children. We do not knowingly collect personal information from anyone under the age required by applicable law in their country (in the United States, 13; in the EU/UK, 16 unless local law sets it lower — Aurae’s own recommended minimum age is 17). If you believe a child has provided us with personal information, please contact us using the details below so we can delete it.
Your rights
Depending on where you live, you may have the right to access, correct, export, or delete your personal information, and to object to or restrict certain processing. The in-app export and delete tools described above are the fastest way to exercise most of these rights directly; you can also contact us using the details below for anything those tools don’t cover.
Changes to this policy
If we make a material change to this policy, we’ll update the “Last updated” date above and, where required, notify you directly.
Contact us
Questions about this policy or your data can be sent to support@joinaurae.com.