Privacy Policy

Information We Collect

We collect information in the following categories:

Information You Provide Directly

• Contact information — name, email address, phone number, and company name submitted via our contact form or consultation booking.
• Project details — descriptions, requirements, budget ranges, and timelines you share when requesting a project quote or brief.
• Payment information — when you make a payment via Razorpay, billing details are processed directly by Razorpay. We do not store card numbers or banking credentials on our servers.
• Communications — emails, messages, and feedback you send us through any channel including WhatsApp, email, or our contact form.

Information Collected Automatically

• Device and browser data — IP address, browser type and version, operating system, and device identifiers.
• Usage data — pages visited, time spent on pages, referral sources, click patterns, and navigation paths.
• Cookies and similar technologies — session data, preferences, and anonymous analytics identifiers (see Cookies section below).

Information From Third Parties

• Analytics platforms (Google Analytics) may provide aggregated demographic and interest data about our website visitors.
• If you connect via social media or OAuth services, we may receive basic profile information as permitted by those platforms.

Contact Form Data

When you submit our contact or project inquiry form, we collect your name, email address, phone number, company name, project type, budget range, and project description. This information is used exclusively to:

• Respond to your inquiry and provide a project assessment or quote
• Schedule consultation calls or meetings
• Communicate project details, timelines, and deliverables
• Send invoices or payment requests related to agreed services
• Follow up on submitted proposals (maximum 2 follow-up communications)

Contact form submissions are stored securely in our CRM system and are retained for a period of 24 months from the date of submission, or for the duration of an ongoing client relationship, whichever is longer. You may request deletion of your data at any time by contacting us.

Cookies & Tracking Technologies

Our website uses cookies — small text files stored on your device — to enhance your browsing experience and understand how visitors interact with our site.

Types of Cookies We Use

• Essential cookies — Required for the website to function. These cannot be disabled. They include session management and security tokens.
• Analytics cookies — Set by Google Analytics to collect anonymous usage data such as page views, session duration, and traffic sources. No personally identifiable information is collected through these cookies.
• Preference cookies — Remember your settings and preferences to improve your experience on return visits.
• Marketing cookies — We may use cookies from advertising platforms (e.g., Google Ads) if we run paid campaigns. These track ad interactions in aggregate.

Managing Cookies

You can control and delete cookies through your browser settings. Most browsers allow you to block or delete cookies. Note that disabling cookies may affect the functionality of some parts of our website.

You can opt out of Google Analytics tracking at any time using the Google Analytics Opt-out Browser Add-on.

Analytics

We use Google Analytics 4 to understand how visitors use our website. This service collects anonymous data including:

• Number of visitors and sessions
• Pages viewed and navigation paths
• Time spent on each page
• Geographic region (country/city level, not precise location)
• Device type, browser, and operating system
• Referral sources (search engines, direct, social media)

All analytics data is aggregated and anonymized. We have enabled IP anonymization in our Google Analytics configuration, meaning full IP addresses are never stored by Google. Analytics data is used to improve our website content, design, and user experience.

We may also use Vercel Analytics for performance monitoring of page load times and Core Web Vitals. This data is aggregated and does not identify individual users.

Third-Party Integrations

Our website and services integrate with the following third-party platforms. Each has its own privacy policy governing their data practices:

Payment Processing — Razorpay

All payments are processed by Razorpay, a PCI-DSS compliant payment gateway. When you make a payment, you are submitting your financial information directly to Razorpay. We receive only a payment confirmation and transaction ID. We never store credit/debit card numbers, CVV codes, or banking credentials. Razorpay Privacy Policy →

Scheduling — Calendly

If you book a consultation via Calendly, your name, email, and selected time slot are collected by Calendly. We use this information to prepare for and conduct the meeting. Calendly Privacy Policy →

Messaging — WhatsApp Business

When you contact us via WhatsApp, your messages are processed by Meta (WhatsApp). We store conversation records for project communication purposes and delete them after 24 months or project completion.

Communication — Email (Google Workspace)

Business emails are managed via Google Workspace. All email communications are encrypted in transit. We retain email correspondence for the duration of the client relationship plus 12 months.

Hosting — Vercel

Our website is hosted on Vercel. Server logs, including IP addresses and request data, may be retained by Vercel according to their own data retention policies.

Data Protection

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction:

• All data transmitted to and from our website is encrypted using TLS 1.3 (HTTPS)
• Databases storing personal information are access-controlled with role-based permissions and encrypted at rest
• Payment data is handled exclusively by Razorpay (PCI-DSS Level 1 compliant)
• Employee access to personal data is limited to those who require it to perform their role
• We conduct periodic reviews of our data handling practices and update our security measures in response to emerging threats
• In the event of a data breach that affects your personal information, we will notify affected individuals within 72 hours of becoming aware of the breach

Email Communication Policy

We use email to communicate with you in the following contexts:

• Transactional emails — Responding to contact form submissions, sending project proposals, invoices, payment confirmations, and project updates. These emails cannot be opted out of as they are essential to service delivery.
• Project communication — Ongoing emails related to active projects, deliverable reviews, and client feedback loops.
• Newsletter / Marketing emails — Only sent if you explicitly subscribe via our blog newsletter opt-in. Every marketing email includes a one-click unsubscribe link.

We do not purchase email lists or send unsolicited bulk email. You can opt out of non-essential communications at any time by emailing support@auravonai.comwith the subject line "Unsubscribe" or by clicking the unsubscribe link in any marketing email.

Your Rights

Depending on your location, you may have the following rights regarding your personal data:

• Right to Access — Request a copy of the personal information we hold about you.
• Right to Rectification — Request correction of inaccurate or incomplete personal information.
• Right to Erasure — Request deletion of your personal data, subject to our legal obligations to retain certain records.
• Right to Restriction — Request that we restrict processing of your personal data under certain circumstances.
• Right to Data Portability — Request your data in a structured, machine-readable format.
• Right to Object — Object to the processing of your personal data for direct marketing purposes at any time.
• Right to Withdraw Consent — Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at support@auravonai.com. We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request.

Security Measures

We maintain industry-standard security practices to protect your information:

• HTTPS encryption enforced across all pages and API endpoints
• Regular security audits and vulnerability assessments
• Secure environment variable management — no secrets committed to version control
• Database access restricted by IP whitelisting and strong authentication
• Third-party integrations audited for security compliance
• Regular data backups with encryption at rest
• Employee security training and access controls

Children's Privacy

Our services are intended for businesses and professional individuals aged 18 and over. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected information from a child, please contact us immediately at support@auravonai.com and we will delete such information promptly.

Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last updated" date at the top of this page
• Notify active clients via email at least 14 days before the changes take effect
• Post a notice on our website for significant updates

Your continued use of our website or services after any changes constitutes acceptance of the updated Privacy Policy. We encourage you to review this page periodically.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through any of the following channels:

We aim to respond to all privacy-related inquiries within 5 business days.