Introduction
AuraNote ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Chrome extension and related services.
Information We Collect
Personal Information
- Email Address: Used for authentication and account verification
- Device Information: Browser type, operating system, and device identifiers for multi-device sync
- Usage Data: Feature usage patterns and interaction logs to improve the extension
Content Data
- Notes: All text content, formatting, and metadata you create within the extension
- Timestamps: Creation and modification dates for your notes
- Sync Status: Information about whether notes have been synced to the cloud
Automatically Collected Information
- Authentication Tokens: JWT tokens for secure session management
- IP Address: Collected during API requests for security purposes
- Browser Storage Data: Local Chrome storage for offline functionality
How We Use Your Information
Primary Functions
- Authentication: Verify your identity and manage your account access
- Data Synchronization: Sync your notes across multiple devices
- Note Sharing: Enable secure sharing of notes via links and QR codes
- Offline Access: Store notes locally for offline use
Service Improvement
- Bug Detection: Identify and fix technical issues
- Feature Development: Analyze usage patterns to improve existing features and develop new ones
- Performance Optimization: Monitor and enhance application performance
Communications
- Verification Codes: Send email verification codes for authentication
- Service Updates: Notify you about important changes to the service
- Support: Respond to your inquiries and provide customer support
Data Storage and Security
Storage Locations
- Local Storage: Chrome browser storage for offline notes and cache
- Cloud Storage: SQLite database hosted on our secure servers (Render.com)
- Geographic Location: Primary servers located in the United States
Security Measures
- Encryption: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS
- Authentication: Secure JWT-based authentication system
- Access Control: Role-based access controls to limit data access
- Session Management: 24-hour access tokens with 60-day refresh tokens
- Regular Backups: Automated backups to prevent data loss
Third-Party Services
We use the following third-party services:
Mailjet
- Purpose: Email delivery service for verification codes
- Data Shared: Email addresses
- Privacy Policy: https://www.mailjet.com/privacy-policy/
Nebius AI
- Purpose: AI-powered content processing and enhancement using open-source large language models
- Model: Qwen2.5-72B-Instruct (open-source model)
- Data Shared: Note content (only when you use AI features)
- Privacy Policy: https://nebius.com/privacy-policy
Render.com
- Purpose: Cloud hosting infrastructure
- Data Shared: All application data
- Privacy Policy: https://render.com/privacy
Data Sharing and Disclosure
We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:
With Your Consent
- When you explicitly share notes via public links
- When you grant permission for specific integrations
Legal Requirements
- To comply with applicable laws, regulations, or legal processes
- To respond to lawful requests from public authorities
- To protect our rights, privacy, safety, or property
Content Moderation and Safety
Shared notes are public by design. We do not pre‑screen all content, but we may review and remove public/shared content reported by users or required by law. We may preserve content and related logs for a limited time to investigate abuse, handle appeals, and comply with legal obligations. We will report child sexual abuse material (CSAM) to the appropriate authorities.
Service Providers
- With third-party service providers who assist in operating our service (as listed above)
- These providers are contractually obligated to protect your data
Your Rights and Choices
Access and Control
- View Data: Access all your notes and account information within the extension
- Export Data: Download your notes in standard formats
- Delete Data: Remove individual notes or your entire account
- Opt-Out: Disable cloud sync to keep notes local-only
Account Management
- Logout: Sign out from any device at any time
- Account Deletion: Permanently delete your account and all associated data
- Email support@auranote.xyz to request account deletion
- Data will be deleted from active systems within 30 days and from backups within 90 days, subject to preservation required by law (e.g., valid legal requests)
Communication Preferences
- You can manage email notifications in the extension settings
- You cannot opt out of essential service emails (e.g., verification codes)
Data Retention
- Active Accounts: We retain your data as long as your account is active
- Inactive Accounts: Accounts inactive for 365 days may be archived or deleted
- Deleted Data: Permanently deleted within 30 days of deletion request
- Backups: May persist in encrypted backups for up to 90 days
Children's Privacy
AuraNote is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If we discover that we have collected information from a child under 13, we will delete it immediately.
International Data Transfers
Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws different from your jurisdiction. We ensure appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.
Cookies and Tracking
AuraNote does not use cookies for tracking purposes. We use:
- Local Storage: For saving your preferences and offline data
- Session Storage: For temporary authentication state
- No Third-Party Tracking: We do not use analytics or advertising cookies
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any changes by:
- Updating the "Last Updated" date at the top of this policy
- Displaying a notice within the extension
- Sending an email notification for significant changes
Your continued use of AuraNote after changes constitutes acceptance of the updated policy.
Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
- Email: support@auranote.xyz
- Website: https://www.auranote.xyz
- Response Time: We aim to respond within 48 hours
Compliance
AuraNote complies with:
- GDPR (General Data Protection Regulation) for European users
- CCPA (California Consumer Privacy Act) for California users
- Chrome Web Store Developer Program Policies
- Google API Services User Data Policy
Data Security Limitations
While we implement industry-standard security measures, no system is entirely secure. We cannot guarantee:
- Absolute protection against all security breaches or cyberattacks
- Prevention of unauthorized access despite our security efforts
- Protection of data transmitted through third-party networks beyond our control
- Recovery of data in the event of catastrophic system failure
You acknowledge these risks when using AuraNote. We recommend maintaining personal backups of sensitive data.
Third-Party Service Dependencies
Our service depends on third-party providers (Mailjet, Nebius AI, Render.com). We are not liable for:
- Service interruptions or data loss caused by third parties
- Third-party privacy policy changes
- Data breaches occurring at third-party services
- Unavailability of third-party services affecting our functionality
Your Consent
By using AuraNote, you consent to this Privacy Policy and agree to its terms. You acknowledge the security limitations and risks associated with cloud storage and internet services.