Last updated: May 2026 · GDPR & DSG compliant
Aurora is committed to protecting your privacy. We collect only what is necessary, store it securely in Europe, and never sell your data.
We collect minimal data necessary to provide the Aurora service:
• Account data: Email address, name, OAuth provider ID (when using GitHub/Google login)
• Subscription data: Plan tier, billing status, token usage counters
• Usage metadata: Number of requests per type (chat, agent, autocomplete) — NOT the content of your conversations
• BYOK keys: Encrypted API keys if you choose to store them with us
We do NOT store the content of your AI conversations on our servers.
• All data is transmitted over HTTPS/TLS 1.3
• Passwords are hashed using bcrypt (never stored in plain text)
• BYOK API keys are encrypted at rest using AES-256
• Our infrastructure is hosted in the EU (GDPR/DSGVO compliant) and Switzerland (DSG compliant)
• Database access is restricted to production services only
• Supabase: Authentication and database (EU region)
• Stripe: Payment processing (we never store card details)
• LiteLLM: AI model routing proxy (self-hosted on our servers)
• We do NOT use Google Analytics, Facebook Pixel, or similar tracking tools
You have the right to:
• Access all personal data we hold about you
• Delete your account and all associated data
• Export your data in JSON format
• Withdraw consent at any time
To exercise these rights, email us at: privacy@aurorahelix.com
Questions about privacy? privacy@aurorahelix.com