Welcome and thank you for visiting our website at https://auraframes.com/. At Aura, we understand how important your privacy is, which is why we take the protection of personal data very seriously. We process your data in accordance with the applicable laws and principles regarding personal data, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), when applicable.
This privacy notice (the “Privacy Notice”) describes how Aura collects, uses, and shares your personal data (i.e., information that personally identifies you, such as your name, phone number, email address or billing information, or other data that can be reasonably used to infer this information).
This Privacy Notice applies to your use of Aura websites, Aura mobile applications, Aura frames and other products, and all other digital and online services provided by Aura (collectively, the “Services”) and describes Aura’s privacy practices and procedures relating to the Services. This Privacy Notice does not apply to information collected by Aura offline, or to third-party websites, applications, or services.
Aura Home Inc. dba Aura Frames
50 Eldridge Street, Suite 5D
New York, NY 10002
If you have any comments or questions about how we collect and use your personal data, communication can be directed to our postal address, via email to email@example.com or by telephone to +1 (646) 630-7237.
We need to process your personal data to operate our organization and provide you with certain Services. Before accessing, using, or interacting with the Services you should carefully review the terms and conditions of this Privacy Notice. Your use of the Services is further governed by our Terms of Service located at https://auraframes.com/terms, which is also incorporated into your agreement with Aura by this reference.
By accepting our Privacy Notice and Terms of Service, you are confirming that you have read and understood these policies, including how and why we use your information. If you don’t want us to collect or process your personal data in the ways described in this Privacy Notice, you should not use the Services.
The Services are not directed to children under the age of 16. You may not use the Services if you are under the age of 16. If you are under the age of 16, you should not provide any information on our Services.
Aura collects information about you and your use of the Services through various means, including when you provide information to us and when we automatically collect information about you when you access, use, or interact with the Services. Such processing is performed to provide you with the Services. In some instances, you may be able to choose what information to provide, but sometimes we require certain information for you to use and for us to provide you the Services.
The data we process is determined by the context in question: For example, it may vary depending on whether you have downloaded and are using our mobile application, been invited to download and use the Aura mobile applications, integrated your Alexa® or Google® accounts or devices with the Services, submitted an inquiry to our customer service team, or sent us a job application.
We obtain the categories of personal data listed below from the following categories of sources:
When you download and use our mobile application, we collect and process the following data:
When you visit our website, we collect and process the following data:
When you use an Aura frame, we may collect and process the following data from sensors built into the frame. What we collect depends on the type of Aura frame you are using:
If you have been invited to download and use an Aura mobile application, regardless of whether you accept the invitation, we collect and process the following data:
When you send an inquiry, we collect and process the following data:
The types of information Aura may collect about you include:
We generally process the information you provide to us on the legal basis of Aura’s legitimate interests in performing the function or service you requested. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing.
The exact data we collect will depend on how you interact with us. Below we have listed the personal data that we may collect:
Photographs and Related Information: Aura Users may upload their photographs to Aura frames, the Aura mobile application, and other Aura Services by using the Aura mobile application. We ask for your consent to access your photos stored on your device when you first use the Aura mobile application. Once you’ve granted us this permission, we process your photographs on an ongoing basis. The Aura Services are designed to make it simple for you to select and upload your photos to your Aura frame. To make that possible, Aura securely uploads your photos to our servers so that you can instantly send them to any of your frames anywhere in the world with a single tap. The Aura mobile application also permits to organize your best photos into “smart” albums. By default, Aura uploads all photos from your photo library and sends them to your frames instantly.
To opt-out from these automatic uploads, new users should:
To opt-out from these automatic uploads, existing users should:
After completing this process, Aura will only upload to its servers those photos that you specifically selected to be displayed on your frame.
Aura also allows users to connect their Google Photos account to upload photographs from Google Photos to the Services.
Aura does not own your photos. Aura will never use your photos for any purpose other than providing you with the Services. Aura will never sell or publish any of your photos without your explicit permission and consent.
Aura uses photo-recognition software to improve our Services, efficiency, interest in Services for users and obtaining insights into usage patterns of our Services. Aura does not use photographs and associated photograph data to target advertising or other marketing to individuals.
When you use our mobile application we will collect metadata associated with the photographs, such as location data about where the photo was taken and the camera or device that took the photo. We may also analyze the photographs you upload to group the photos by like characteristics, including by grouping photographs that may contain images of the same individuals. We may also collect information related to how you use the Services, including actions you take in your account (like adding, positioning, viewing, and removing photos in the mobile application). We use this information to provide and improve our Services and develop new services and features.
“Aura Analog” Subscription: The “Aura Analog” program permits the participating US customers to receive up to 5 personalized analog prints per month for the duration of the subscription. To participate in the program, we will ask you to purchase the subscription and upload the selected photos through the Aura mobile app. The analog prints of your selected photos will include the photo credit, timestamp and location on the back. For “Aura Analog” Subscription related questions please contact us at firstname.lastname@example.org or +1 (646) 630-7237.
Account Registration: In order to use the Aura mobile application and upload photos to an Aura frame you must create an account. When you create an account, we collect your name, email, and information about your device, and we request your permission to access your photos.
Contact and Device Data: We collect name, phone number and email address when you fill out a contact form to send an inquiry. We also collect technical information on your device type, hardware, unique device identifiers, time zone settings, IP address, and operating system version, as well as analytics data about how a device uses the Services.
Correspondence Information: If you sign up for updates from Aura or email us, we may keep your message, email address, and contact information to respond to your requests, provide the requested products or Services, and to provide notifications or other correspondences to you.
If you do not want to receive communications from us in the future, please let us know by sending us an email requesting the same to email@example.com or by following the unsubscribe instructions found in any email we send. Please note requests to remove your email address from our lists may take some time to fulfill. We may also still contact you as needed to provide important announcements or notifications regarding the Services, including communications related to purchases or other transactions you make with us.
Support Information: You may provide information to us via a support request submitted through email or the Services. We will use this information to assist you with your support request and may maintain this information to assist you or other users with support requests. Please do not submit any information to us via a support submission, including confidential or sensitive information that you do not wish for Aura or our Service Providers to have access to or use in the future.
Form Information: We may use forms to request certain information from you on the Services, such as your contact information to assist with contacts or service requests. This information may include personal data.
We use automatic data collection and analytics technologies to collect aggregate and user-specific information about your equipment, patterns of use, communication data and the resources that you access and use on the Services, including your IP address, browsing, and navigation patterns. This information is used to improve our Services.
We generally process information collected automatically on the legal basis of Aura’s legitimate interests in assessing the use of its Services. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing.
Information we collect automatically through your use of the Services includes:
The technologies we use for this automatic data collection may include:
IP Addresses: We automatically collect the IP addresses of users of certain Services, such as website visitors, those that log in to the Services, and those who post messages to the communities and forums. We process this information on the basis of our legitimate interests in protecting the Services and providing the Services to you.
Location Information: Neither the Aura applications nor the Aura frames capture or record location data, but they are associated with connected Wi-Fi, IP address and Internet service provider information. Note that photos uploaded to the Services will frequently contain location-related metadata (including the GPS location where the photo was taken) and we may use that information to classify photos (for example, by grouping photos taken in a single location).
Unique Identifiers: When you use or access the Services, we may access, collect, monitor, store on your device, and/or remotely store one or more “Unique Identifiers,” such as a universally unique identifier (“UUID”). A Unique Identifier may remain on your device persistently, to help you log in faster and enhance your navigation through the Services. Some features of the Services may not function properly if use or availability of Unique Identifiers is impaired or disabled.
Analytics Information: We use data analytics to ensure site functionality and improve the Services. We use mobile analytics software to allow us to understand the functionality of the Services on your phone. This software may record information such as how often you use the Services, what happens within the Services, aggregated usage, performance data, app errors and debugging information, and where the Services were downloaded from. We do not link the information we store within the analytics software to any personally identifiable information that you submit within the mobile application.
Log File Information: When you use our Services, we may receive log file information such as your IP address, browser type, access times, domain names operating system, the referring web page(s), pages visited, location, your mobile carrier, device information (including device and application IDs), search terms, and cookie information. We receive log file data when you interact with our Services, for example, when you visit our website, sign in to our Services, or interact with our email notifications. Aura uses log file data to provide, understand, and improve our Services, and to customize the content we show you. Aura may link this log file to other information Aura collects about you via the Services.
Aura uses the information we receive about you for the purposes described in this Privacy Notice. We generally process personal data received about you through our Services on the legal basis of Aura’s legitimate interests in providing the Services and their functionality to you where such processing is necessary for the purposes of the legitimate interests pursued by Aura or by our Service Providers related to the Services. Where appropriate, we may rely on alternate legal bases, such as your consent to certain types of processing.
Aura will generally use your information in the following circumstances on the legal basis of legitimate interests to provide the Services requested:
Providing and Improving Our Services: We may use your information to improve and customize our Services, including sharing of your information for such purposes, and we do so as it is necessary to pursue our legitimate interests of improving our Services for our users. We may use your information to organize and catalogue your photos into categories using photo-recognition software. This usage is also necessary to enable us to pursue our legitimate interests in understanding how our Services are being used and to explore and unlock ways to develop and grow our business. It is also necessary to allow us to pursue our legitimate interests in improving our Services, efficiency, interest in Services for users and obtaining insights into usage patterns of our Services. We use your information to provide and improve the Services and our products, for billing and payments, for identification and authentication, for targeted online and offline marketing including through tools like Facebook Custom Audience and Google Customer Match, to contact users or interested parties, and for general research and aggregate reporting.
Keeping Our Services Safe And Secure: We may also use your information for safety and security purposes, including sharing of your information for such purposes, and we do so because it is necessary to pursue our legitimate interests in ensuring the security of our Services, including enhancing protection of our community against spam, harassment, intellectual property infringement, crime, and security risks of all kind.
Third-Party Advertisements: Aura may utilize the services of third-party advertising companies, including Google and others, to serve ads to you when you use other sites across the Internet, including to perform remarketing services. These third parties may collect information about your visits to certain pages of our Services and may use technology like cookies to store information about your use of the Services. The information collected may be reported back to us, and we may link this information to personal data we have collected about you. This information allows us to track which other websites have linked visitors to our Services, what pages of our Services are used by and are of interest to visitors, so we may provide better, more targeted advertising regarding our business and Services. More information about interest-based advertising and similar practices may be available at http://www.networkadvertising.org/consumer/opt_out.asp.
Our Legal Bases for Processing Personal Data: If European data protection law applies to the processing of your information, we process your information for the purposes described in this Privacy notice, based on the following legal grounds:
When we’re providing a product or service: We process your data to provide and support a product or service you’ve asked for under a contract, including but not limited to delivering our Terms of Service.
When we’re providing a product or service: We process your data to provide and support a product or service you’ve asked for under a contract, including but not limited to delivering our Terms of Service.
When we’re pursuing legitimate interests: We process your information for our legitimate interests and those of third parties while applying appropriate safeguards that protect your privacy. This means we process your information for things like:
We process your data when we have a legal obligation to do so, for example, if we’re responding to a legal process or an enforceable governmental request.
We ask for your consent to process your information for certain specific purposes and give you the right to withdraw that consent at any time.
When you access or use the Services, we collect, use, share, and otherwise process your personal data as described in this Privacy Notice. Aura will not share, sell, rent, or otherwise disclose your private personal data to third parties without your consent or as otherwise disclosed in this Privacy Notice.
Aura will share your information in the following circumstances on the legal basis of the legitimate interests of providing the requested Services:
Within Aura: We may share and process information internally within Aura and with our subsidiaries and affiliates. Aura’s personnel may have access to your information as needed to provide and operate the Services in the normal course of business. This includes information regarding your use and interaction with the Services.
Authorized Contributors Associated with your Aura Frame: If you are one of several contributors to an Aura frame, other contributors to that frame will be able to see your email address and the pictures you add to the shared frame.
Service Providers: Aura works with various organizations and individuals to help provide the Services to you (“Service Providers”), such as website and data-hosting companies and companies providing analytics information, like Google Analytics. Aura needs to engage such third-party Service Providers to help us operate, provide, and market the Services. These third parties have only limited access to your information and may use your information only to perform these tasks on our behalf. Information we share with our Service Providers may include both information you provide to us and information we collect about you, including personal data and information from data collection tools like cookies, web beacons, and log files.
Aura takes reasonable steps to ensure that our Service Providers are obligated to reasonably protect your information on Aura’s behalf. If Aura becomes aware that a Service Provider is using or disclosing information improperly, we will take commercially reasonable steps to end or correct such improper use or disclosure.
We share personal data with our Service Providers on the legal basis of Aura’s legitimate interests in providing you with the Services. Our engagement of Service Providers is often necessary for us to provide the Services to you, particularly where such companies play important roles like helping us keep our Services operating and secure. Aura will not share, sell, rent, or otherwise disclose your private personal data to third parties without your consent or as otherwise disclosed in this Privacy Notice.
Business Transactions: Aura may purchase other businesses or their assets, sell our business assets, or be involved in a bankruptcy, merger, acquisition, reorganization or sale of assets (a “Business Transactions”). Your information, including personal data, may be among assets sold or transferred as part of a Business Transaction. In some cases, Aura may choose to buy or sell assets. Such transactions may be necessary and in our legitimate interests, particularly our interest in making decisions that enable our organization to develop over the long term.
Safety and Lawful Requests: We may be required to disclose Services user information pursuant to lawful requests, such as subpoenas or court orders, or in compliance with applicable laws. We generally do not disclose user information unless we have a good faith belief that an information request by law enforcement or private litigants meets applicable legal standards. We may share your information when we believe it is necessary to comply with applicable laws, to protect our interests or property, to prevent fraud or other illegal activity perpetrated through the Services or using Aura name, or to protect the safety of any person. This may include sharing information with other companies, lawyers, agents, or government agencies. Nothing in this Privacy Notice is intended to limit any legal defenses or objections that you may have to a third party’s, including a government’s, request to disclose your information.
Aggregated Non-Personal Data: We may disclose aggregated, non-personal data received from providing the Services, including information that does not identify any individual, without restriction. Aura may share demographic information with business partners, but it will be aggregated and de-personalized so that personal data is not revealed.
Firstly we would like to inform you of your rights as an affected person. These rights are standardized in Articles 15 - 22 EU-GDPR. These cover:
To exercise these rights, please contact our Data Protection Officer at firstname.lastname@example.org. The same applies if you have any queries on data processing at our company. You also have the right to lodge a complaint directly with the Data Protection Supervisory Authority.
Please note the following in connection with your right to object:
If we process your personal data for the purpose of direct mail, you have the right to object to this form of data processing at any time without giving reasons. This also applies to profiling insofar as it is associated with direct mail.
If you object to data processing for direct marketing purposes, we will no longer process your personal data for these purposes. Exercising your right to object is free of charge and can be carried out informally, ideally via email to: email@example.com.
In the event that we process your data to protect legitimate interests, you may object to this type of processing at any time for reasons relating to your particular situation; this also applies to profiling based on these provisions.
We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds that outweigh your interests, rights, and freedoms, or the data processing is being used to assert, exercise or defend legal claims.
The California Consumer Privacy Act (CCPA) goes into effect January 1, 2020 and provides consumers (California residents) with specific rights regarding their personal data. This section describes your CCPA rights and explains how to exercise those rights.
You have the right to request that we disclose certain information to you about our collection and use of your personal data over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
You have the right to request that we delete any of your personal data that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request your personal data from our records unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our Service Provider(s) to:
If you are 16 years of age or older, you have the right to direct us to not sell your personal data at any time (the “right to opt-out”). We do not sell the personal data of consumers we actually know are less than 16 years of age, unless we receive affirmative authorization (the “right to opt-in”) from either the consumer who is between 13 and 16 years of age, or the parent or guardian of a consumer less than 13 years of age. Consumers who opt-in to personal data sales may opt-out of future sales at any time.
Once you make an opt-out request, we will wait at least twelve (12) months before asking you to reauthorize personal data sales.
You do not need to create an account with us to exercise your opt-out rights. We will only use personal data provided in an opt-out request to review and comply with the request.
We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not:
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our website that are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please send an email to firstname.lastname@example.org.
Aura seeks to ensure all individuals are provided with the rights mandated by their governing jurisdiction. Not all of the rights discussed in this Privacy Notice will apply to each individual data subject and may not apply to you depending upon your jurisdiction.
You may benefit from a number of rights in relation to your information that we process. Some rights apply only in certain limited cases, depending on your location. If you would like to manage, change, limit, or delete your personal data, you can do so by contacting us. Upon request, Aura will provide you with information about whether we hold any of your personal data. In certain cases where we process your information, you may also have a right to restrict or limit the ways in which we use your personal data. In certain circumstances, you also have the right to request the deletion of your personal data, and to obtain a copy of your personal data in an easily accessible format.
If we process your information based on our legitimate interests as explained in this Privacy Notice, or in the public interest, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. Where we use your data for direct marketing purposes, you can always object using the unsubscribe link in such communications or changing your account settings.
Aura provides certain tools and settings within the Services to help you access, correct, delete, or modify your personal data associated with the Services. Aura welcomes you to contact us regarding the information we have collected about you, including regarding the nature and accuracy of the data that has been collected about you, to request an update, modification, or deletion of your information, to opt-out of certain Services uses of your information, or to withdraw any consent you may have granted to Aura.
Please note requests to delete or remove your information do not necessarily ensure complete or comprehensive removal of the content or information posted and removed information may persist in backup copies indefinitely. Please note that if you choose to delete your information or opt out of the collection and use of your information, you understand that certain features, including but not limited to access to the Services, may no longer be available to you.
Aura will retain your information only for as long as is necessary for the purposes set out in this Privacy Notice, for as long as an account is active, as described in this Privacy Notice, or as needed to provide the Services to you. Aura will retain and use your information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, enforce our agreements, and as otherwise described in this Privacy Notice. We also retain log files for internal analysis purposes. These log files are generally retained for a brief period of time, except in cases where they are used for site safety and security, to improve site functionality, or we are legally obligated to retain them for longer time periods. We may delete your personal data from our systems as part of a data retention plan.
Users may opt-out of receiving certain communications from Aura by following the unsubscribe process described in email communication, or by contacting us using the contact information provided above. However, please note you may not opt-out of certain Services-related communications, such as account verification, changes or updates to features of the Services, or technical and security notices.
Aura does not currently employ a process for automatically responding to “Do Not Track” (DNT) signals sent by web browsers, mobile devices, or other mechanisms. Per industry standards, third parties may be able to collect information, including personal data, about your online activities over time and across different websites or online services when you use Services. You may opt out of online behavioral ads at http://www.aboutads.info/choices/. You also may limit certain tracking by disabling cookies in your web browser.
The security of your personal data is important to us. Aura takes reasonable efforts to secure and protect the privacy, accuracy, and reliability of your information and to protect it from loss, misuse, unauthorized access, disclosure, alteration, and destruction. Aura implements security measures as we deem appropriate and consistent with industry standards. As no data security protocol is impenetrable, Aura cannot guarantee the security of our systems or databases, nor can we guarantee that personal data we collect about you will not be breached, intercepted, destroyed, accessed, or otherwise disclosed without authorization. Accordingly, any information you transfer to or from Services is provided at your own risk.
The United States, EEA Member States, and other countries all have different laws relating to privacy and data protection. When your information is moved from your home country to another country, the laws and rules that protect your personal data in the country to which your information is transferred may be different from those in the country in which you live. For example, the circumstances in which law enforcement can access personal data may vary from country to country. In particular, if your information is in the United States, it may be accessed by government authorities in accordance with U.S. law.
Please be advised information Aura collects about you via the Services may be transferred, processed and/or accessed by us in the United States, or another country where we, or our Service Providers operate. Please be aware that the privacy laws and standards in certain countries, including the rights of authorities to access your personal data, may differ from those that apply in the country in which you reside. If you are located outside the United States and choose to allow us to collect information about you, please be aware that Aura may transfer your personal data to the United States and process and store it there. We will transfer personal data only to those countries to which we are permitted by law to transfer personal data, and we will take steps to ensure that your personal data continues to enjoy appropriate protections.
You can choose whether or not you want to use the Services. However, if you want to use the Services, you need to agree to our Terms of Service, which set out the contract between Aura and the users of the Services. We cannot provide many of the Services without your agreement to this contract, and without moving your personal data to Aura entities and Service Providers in various jurisdictions. Therefore certain processing of your personal data is done on the legal basis of processing necessary for the performance of the contract between you, as a user of the Services, and Aura.
Despite Aura’s safety and privacy controls, we cannot guarantee the Services are entirely free of illegal, offensive, or otherwise inappropriate material, or that you will not encounter inappropriate or illegal conduct or content from other users when using the Services. You can help Aura by notifying us of any unwelcome contact or inappropriate content by contacting us at email@example.com.
Aura may modify this Privacy Notice from time to time. The most current version of this Privacy Notice will govern our use of your information and will be located at https://auraframes.com/privacy.
You may contact us to obtain prior versions. We will notify you of material changes to this policy by posting a notice at the Services or by emailing you at an email address associated with your account, if applicable, and provide an “at a glance” overview of any changes.
Updated July 2019