Aura Logo

Privacy Policy

Effective: [Month DD, 2025]

Entity: Sky Assistant LLC ("Aura", "we", "us")

Plain-English Summary

Privacy is our priority. Aura gives you a private, zero-judgment space to speak freely. We protect your information with encryption in transit and at rest, strict access controls, and audited processes.

Your conversations. By default, Aura stores your text conversations so Aura can remember context and support long-term growth. If you opt in to help improve Aura, we may use de-identified conversation text to make Aura smarter.

No voice storage by default. If you use voice, audio is processed to generate a response, then discarded—unless you explicitly enable a feature that saves recordings (e.g., voice notes).

You're in control. You can view, export, and delete your data. You can opt out of improvement sharing at any time.

Therapy vs. crisis. Aura supports wellness and therapy journeys, but is not an emergency service. If you're in danger or considering self-harm, contact local emergency services or a crisis hotline immediately.

Transparency. As we add features, this policy may change. We'll update the effective date and notify you of material changes.

Table of Contents

1. Scope

This Privacy Policy explains how Sky Assistant LLC collects, uses, discloses, and safeguards information when you use Aura, our websites, and related services (the "Services"). It also covers our AI assistant Aura, which powers in-app guidance and insights.

2. Information We Collect

A. Account & Identity

Name, email or phone, profile photo (optional), authentication tokens (e.g., Sign in with Google/Apple/Facebook).

B. Therapy & Wellness Content You Provide

Conversation text with Aura, journal entries, mood check-ins, goals, reflections, tasks/events you create, and any files you upload (e.g., documents or images supporting your journey).

C. Assessments & Program Data

Questionnaire responses, session notes you choose to save, progress metrics, and personalization settings.

D. Voice & Media

Voice input: processed to respond. By default, we do not store audio.

If you enable features that require storage (e.g., saved voice memos), we store those files until you delete them.

E. Device & Technical

Device model, OS/app versions, language, time zone, diagnostic logs, and privacy-respecting analytics to keep the app reliable.

F. Payments

If you purchase a subscription, we receive limited billing metadata from our payment processor (we don't store full card numbers).

G. Optional Improvement Data (Opt-In)

If you turn on Help improve Aura, we may use de-identified conversation text to improve features, models, and safety systems. We do not store voice audio for this purpose.

Sensitive information: Your wellness and therapy content may include mental-health data. Where required (e.g., in the EEA/UK), we process this only with your explicit consent and to provide the Services you request.

3. How We Use Information

  • Provide and personalize the Services (Aura's guidance, journaling, insights, recommendations, reminders, program progression).
  • Long-term growth features (recognize patterns over time, suggest exercises, and tailor your plan—only from data you choose to keep).
  • Reliability, safety, and integrity (debugging, preventing abuse/fraud, service quality).
  • Research & development (opt-in only) using de-identified conversation text to improve Aura.
  • Legal compliance and enforcement of our Terms.

We do not use your content for third-party targeted advertising, and we do not "sell" your personal information.

4. When We Share Information

We share data only as needed to run Aura:

  • Service providers/processors (cloud hosting, analytics, crash reporting, optional transcription). They are bound by contract to process data only on our instructions.
  • Clinicians or coaches (only if you explicitly use a therapist/coach feature). Data shared is limited to what's necessary for care. If a provider uses a connected health record, those records are managed by the provider's system and policies.
  • Integrations you authorize (e.g., calendar export).
  • Legal reasons if required by law or to protect rights, safety, or integrity.
  • Business transfers (e.g., merger or acquisition) with comparable protections.

5. Safety Disclosures

If we reasonably believe there is a risk of serious harm, we may review limited information and, where legally permitted, take steps to help keep you safe—such as providing crisis resources or contacting emergency services. We handle these situations with care and only when necessary.

6. Data Retention

  • Conversations, journals, and assessments: retained while your account is active, so features work; you can delete items individually or your account entirely.
  • Opt-in improvement data: retained in de-identified form; voice audio is not stored for improvement.
  • Voice files: only if you enable storage features; retained until you delete them.
  • Logs & analytics are kept for limited periods to ensure reliability and security.

We may retain certain records to comply with the law or resolve disputes.

7. Your Choices and Rights

  • Access & export your data.
  • Edit or delete conversations, journals, and files.
  • Opt out of improvement sharing at any time.
  • Manage permissions (microphone, photos, notifications) in your device settings.
  • Marketing preferences (unsubscribe from non-essential emails).

Region-Specific Rights

GDPR/UK GDPR: Legal bases include contract, consent (especially for mental-health data), legitimate interests (e.g., security), and legal obligation. You may have rights to access, rectify, delete, port, restrict, or object. You can withdraw consent anytime.

CCPA/CPRA and similar US state laws: We do not "sell" personal information. Where "sharing" (for cross-context behavioral advertising) could apply, you can opt out via in-app controls. You have the right to know, delete, correct, and limit certain uses of sensitive information.

8. Children's Privacy

Aura is not directed to children under 13 (or the minimum age in your region). We don't knowingly collect personal information from children. If you believe a child provided data, contact us to remove it.

9. Security

We use administrative, technical, and physical safeguards—encryption in transit and at rest, access controls, and monitoring. No method is 100% secure, but we continuously improve our protections.

10. International Data Transfers

We may process and store information in countries outside your own. When we transfer personal data internationally, we use appropriate safeguards (e.g., Standard Contractual Clauses), as required by law.

11. Third-Party Services

If you connect third-party services (e.g., sign-in providers, calendars), their privacy policies govern their use of your data.

12. Changes to This Policy

We may update this policy as our Services evolve. We'll post updates here and revise the Effective date. For material changes, we'll provide additional notice in-app. Continued use after the effective date means you accept the updated policy.

13. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact:

Sky Assistant LLC

Email: support@talkwithaura.com

Website: www.talkwithaura.com/support