Privacy Policy
Effective Date: April 28, 2026 Last Updated: April 28, 2026
Aurra is a product of Quantum Edge Solutions LLC ("Aurra," "we," "us," or "our"), a New Jersey limited liability company based in Clifton, NJ. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the Aurra service available at aurra.us and app.aurra.us (collectively, the "Service").
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.
1. Information We Collect
1.1 Information You Provide Directly
When you create an account or use the Service, we collect:
- Account information: name, email address, and authentication identifiers from your sign-in provider (Google, etc.) via Clerk, our authentication provider.
- Billing information: when you subscribe to a paid plan, payment is processed by Stripe. We do not store your full credit card numbers; we receive only a customer ID and subscription status from Stripe.
- Content you upload: documents (PDFs, Word files, text files, etc.) that you choose to upload to the Service for memory extraction.
- Communications: messages you send to us via support@aurra.us or other channels.
1.2 Information from Connected Services
When you connect third-party services to the Service (such as Slack or Notion) via OAuth, we receive:
- From Slack: workspace name, workspace ID, channel content from channels where the Aurra bot is invited, user IDs and display names of message authors, and a bot access token.
- From Notion: workspace name, page content from pages you authorize the integration to access, and an access token.
- From other connectors you authorize: similar metadata and content from those services as required to provide memory extraction.
You control which services are connected and can disconnect them at any time from your dashboard.
1.3 Information Automatically Collected
- Usage data: pages viewed, features used, queries made to your memory, API calls, and timestamps.
- Device data: IP address, browser type, operating system, and similar technical identifiers.
- Cookies: we use cookies and similar technologies for authentication and analytics. See Section 7.
2. How We Use Your Information
We use the information we collect to:
- Provide the Service: extract decisions, action items, and context from your connected services and uploaded documents; answer your questions about your company memory using semantic search and large language models.
- Process payments: through Stripe, our payment processor.
- Authenticate users: through Clerk, our authentication provider.
- Improve the Service: analyze usage patterns to fix bugs, improve performance, and develop new features.
- Communicate with you: respond to support requests, send service announcements, and (with your consent) marketing communications.
- Comply with legal obligations: respond to lawful requests from authorities and enforce our Terms.
We do not sell your personal information or your company memory data to third parties.
3. AI Processing and Subprocessors
To provide the Service, we share limited data with the following subprocessors:
| Subprocessor | Purpose | Data Shared |
|---|---|---|
| Anthropic (Claude API) | Generate AI summaries, extract decisions, answer queries | Memory content and your queries |
| OpenAI (Embeddings API) | Generate vector embeddings for semantic search | Memory text |
| Supabase | Database and storage hosting | All Service data |
| Railway | Backend application hosting | All Service data |
| Vercel | Frontend application hosting | Page requests, no memory content |
| Stripe | Payment processing | Email, billing identifiers |
| Clerk | Authentication | Email, name, sign-in identifiers |
We have data processing agreements with these subprocessors and they are contractually required to protect your data. We do not permit them to use your data for their own model training or marketing purposes.
4. How We Share Information
We share information only as described below:
- With your consent: when you direct us to share data with a connected service or third party.
- Within your organization: if you are part of a workspace, decisions and memories captured may be visible to other authorized members of that workspace as configured by the workspace owner.
- With subprocessors: as listed in Section 3, solely to provide the Service.
- For legal reasons: to comply with a subpoena, court order, or other legal obligation; to protect our rights, property, or safety; or to investigate fraud or security incidents.
- In a business transfer: if Quantum Edge Solutions LLC is acquired, merged, or sells substantially all of its assets, your information may be transferred as part of that transaction. We will notify you before your data becomes subject to a different privacy policy.
5. Data Retention
- Account and memory data: retained for as long as your account is active.
- After account deletion: we delete your memories, uploaded documents, and connector tokens within 30 days of account deletion. Backups may be retained for up to 90 days before being purged.
- Billing records: retained for 7 years to comply with tax and accounting obligations.
- Aggregated, anonymized usage data: may be retained indefinitely.
To delete your account, email support@aurra.us.
6. Your Rights
Depending on your location, you may have the following rights regarding your personal information:
- Access: request a copy of the personal information we hold about you.
- Correction: request that we correct inaccurate information.
- Deletion: request that we delete your personal information.
- Portability: request a copy of your data in a portable format.
- Objection / restriction: object to or restrict certain processing.
- Withdraw consent: withdraw consent at any time where we rely on consent for processing.
To exercise any of these rights, email support@aurra.us. We will respond within 30 days.
For California residents (CCPA/CPRA): you have the right to know, delete, correct, and opt out of "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under California law.
For EEA, UK, and Swiss residents (GDPR): our legal bases for processing are (a) performance of our contract with you, (b) compliance with legal obligations, (c) our legitimate interests in operating and improving the Service, and (d) your consent where required.
7. Cookies
We use the following types of cookies:
- Strictly necessary: required for authentication and security (set by Clerk).
- Functional: remember your preferences and settings.
- Analytics: help us understand how the Service is used (aggregated only).
You can control cookies through your browser settings. Disabling strictly necessary cookies will prevent you from using the Service.
8. Security
We implement reasonable technical and organizational measures to protect your information, including:
- HTTPS/TLS encryption for all data in transit.
- Encryption at rest for databases and backups.
- Access controls and audit logging on production systems.
- Rate limiting and security headers on all API responses.
- Regular review of subprocessor security postures.
No method of transmission or storage is 100% secure. We cannot guarantee absolute security, but we will notify affected users in accordance with applicable law if a security breach affecting their data occurs.
9. Children's Privacy
The Service is not intended for individuals under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, contact support@aurra.us and we will delete it.
10. International Data Transfers
The Service is hosted in the United States. If you access the Service from outside the U.S., your information will be transferred to and processed in the U.S. By using the Service, you consent to this transfer. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses or equivalent safeguards.
11. Third-Party Services
The Service integrates with third-party services such as Slack, Notion, Google, Stripe, and Anthropic. Their handling of your data is governed by their own privacy policies. We encourage you to review them.
12. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the "Last Updated" date. Material changes will be communicated via email or in-app notice.
13. Contact Us
For questions about this Privacy Policy or our privacy practices, contact:
Quantum Edge Solutions LLC (d/b/a Aurra) Email: support@aurra.us Location: Clifton, New Jersey, USA