Privacy Policy

1. Information We Collect

When you use Aurysia Terminal, we collect the following types of information:

• — Account Information: Username, email address, phone number, country code, and country
• — Authentication Data: Hashed passwords, OTP verification records, MFA settings
• — Payment Information: Transaction IDs, plan history, and credit usage (payment card details are processed by Stripe and never stored on our servers)
• — Usage Data: Features accessed, queries made, credits consumed, and session timestamps
• — Technical Data: IP address, browser type, device information, and operating system

2. How We Use Your Information

We use collected information to:

• —Provide and maintain the Service
• —Process payments and manage your subscription
• —Send verification codes (OTP) and security alerts
• —Improve our platform and develop new features
• —Prevent fraud and enforce our Terms of Service
• —Communicate important updates about the Service

3. Payment Processing

Payments are processed through Stripe, a PCI DSS compliant payment gateway. Your phone number is shared with Stripe as required for order creation and payment verification. We do not store credit card numbers, CVVs, or other sensitive payment instrument details on our servers.

4. Data Sharing

We do not sell your personal information. We may share data with:

• — Payment Processors: Stripe, for processing transactions
• — Infrastructure Providers: Cloud hosting and CDN services necessary to operate the platform
• — Legal Requirements: When required by law, court order, or government regulation

5. Data Security

We implement industry-standard security measures including:

• —Passwords are hashed using bcrypt before storage
• —API key authentication for all service requests
• —HTTPS encryption for all data in transit
• —Webhook signature verification (HMAC-SHA256) for payment callbacks
• —Regular security audits and monitoring

6. Data Retention

We retain your account data for as long as your account is active. Upon account deletion, personal data is removed within 30 days, except where retention is required by law or for legitimate business purposes (e.g., transaction records for tax compliance).

7. Your Rights

You have the right to:

• —Access the personal data we hold about you
• —Request correction of inaccurate data
• —Request deletion of your account and associated data
• —Export your data in a machine-readable format
• —Withdraw consent for optional data processing

8. Cookies and Tracking

We use a session cookie (aurysia_session) to maintain your authenticated state. This is a functional cookie essential for the Service to operate. We do not use third-party tracking cookies or advertising trackers.

9. Children's Privacy

The Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of the Service after changes constitutes acceptance of the updated policy.