PRIVACY POLICY

Aura Dijital Hizmetler Anonim Şirketi incorporated and registered in Turkey and whose head office is located at Gülbahçe Mahallesi, Gülbahçe Caddesi İYTE Sitesi Teknopark İzmir A9 Binası No:1/44/41 Urla İzmir/Türkiye (“we”, “our’’, “us’’ or “AURA”) provides the Aura mobile app to users (“you”).


While providing our services, we recognize the importance of your privacy and carry out our activities in line with the applicable data protection regulations including the EU General Data Protection Regulation (“GDPR”) and other related laws.


This Privacy Policy aims to specify how we collect, use and disclose your personal data to provide you with the best level of our service. By using our services, you understand and agree our privacy policy. This means we use your content, preferences and personal information you make available through the Service, consistent with the terms and conditions of this privacy policy and our terms and conditions applies to all users, and others who access to our services.


Last Update: August 5, 2020



1. Personal Data We Collect

We collect and process your personal data such as:


• Identity information including your name, username, date of birth, nationality;

• Contact information including your phone number, e-mail address;

• Geolocation information including mobile device location;

• Online identifiers including Identifier for Vendors (IDFV), Identifier for Advertisers (IDFA) and IP address;

• Visual information including your photos and videos;

• Characteristic information including age, gender identity, sexual orientation, zodiac sign, national origin, personal expectation from Aura, preference of age range, distance preference, height, weight, body type, hobbies, whether you have a pet, whether you want a child, usage of alcohol or cigarettes, marriage information;

• Professional or employment-related information, including education and job;

• Commercial information including profile ID, your purchase history, payment details, subscription ID, transaction ID, subscription start and end date, receipt of subscription, version of AURA that you use;

• Marketing information including your push notification device token, information about campaign (advertisement, Instagram phenomenon etc.) that you reach the Aura app, the ads you see in the Aura app;

• Internet or network activity information including language preference, how much time you have spent and your last active time in the AURA, your likes and dislikes, accounts that you check, page transitions, content you viewed, buttons you clicked, your popularity score;

• Photos from your social media accounts through which you connect to your account;

• Photo that facial recognition programs used in the app can read which is considered as a biometric data;

• Other sensitive personal data that you add into your account such as religious belief and political opinion.


We highly recommend you to be careful about posting sensitive details about yourself on your profile. Where you do upload and choose to tell us sensitive personal data about yourself, you are explicitly consenting to our processing of your information and making this public to other users.



2. Collection Methods of Your Personal Data

We collect your personal data in several ways, including:


• directly from you via e-mail, telephone, mobile application or website;

• from social media logins that allows user to share some information from his/her social media account;

• from our own records of how you use AURA services;

• from other partners since Aura ads published on our partners’ websites and other platforms (in order to obtain details to evaluate campaign’s success);

• from other users as they may run contests, special offers or other events or activities on the service and data may be collected in this regard;

• from the third party analyses tools we use to information sent by your device or our service, including the web pages you visit, add-ons, and other information that assists us in improving the service.



3. Use of Your Personal Data

We may use your personal data to:


• provide you with a better and more personalized level of service;

• review your requests, suggestions and complaints regarding our service;

• fulfil contractual obligations to you and anyone involved in the process;

• confirm whether you are verified user;

• track and analyse mobile app usage;

• show you ads that are more tailored to your interests;

• identify and resolve errors, problems or bugs in our products and services;

• comply with our legal and regulatory requirements, respond to requests from public and government authorities, including authorities outside your country of residence and to meet national security or law enforcement requirements;

• detect prevent and fight fraud and other illegal, criminal activities;

• resolve disputes between you and other users;

• create analytical reports on the number of text and media messaging between users;

• send you marketing communications and promotional offers (including push notifications).



4. Marketing

We may also occasionally communicate news, updates, promotions and information relating to our products and services. We may also administer a contest, promotion, survey or another site feature as further explained on the Application. We shall only do this where you have given us your consent or otherwise where we are permitted to do so under the data protection laws in pursuit of our legitimate interests (that is, promoting our Services).


We may share personal data with third parties to help us with our marketing and promotional projects or sending marketing communications.


If you want to opt out of receiving promotional and marketing emails, text messages, posts and other forms of communication from us (or our promotional partners), which you might receive in accordance with this section, you can choose one of the following ways:


• Click “unsubscribe” at the bottom of an email we sent you; or

• Contact us at support@auraapp.com and request to opt out.


If you do opt out of receiving promotional and marketing messages, we can still contact you regarding our business relationship with you, such as account status and activity updates, survey requests in respect of products and services we have provided to you after you have opted out, reservation confirmations or respond to your inquiries or complaints, and similar communications.



5. Legal Basis for Processing of Your Personal Data

We collect and process your personal data on the following bases which are stated in Article 6(1) of the GDPR:


• You have given consent to the processing of your personal data for one or more specific purposes,

• Processing is necessary for the performance of our contract,

• Processing is necessary for compliance with a legal obligation to which we are subject,

• Processing is necessary for the purposes of our legitimate interests pursued by the controller or by a third party, provided always that such interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data.


We collect and process your special categories of personal data on the following bases which are stated in Article 9(2) of the GDPR:


• You have explicitly given us your consent to process your personal data,

• Processing relates to personal data which are manifestly made public by you,

• Processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.



6. Disclosure of Your Personal Data

We disclose your personal data with:


• Our employees, other Aura users, company executives, representatives, suppliers, service providers, business partners and solution partners for the purposes specified in Section 3;

• Government and regulatory authorities and other organizations to comply with our legal and regulatory requirements, or to protect or defend our rights or property in accordance with applicable laws.

• Our advertising partners in order to make targeted advertising.


In case of merger-acquisition and/or any change of ownership, we may be required to disclose your personal data during this process. We may also disclose your data with anonymously for statistical purposes and industry analysis


For the compliance with the GDPR, we ensure that our suppliers and business or solution partners whether they are located outside the EEA or not, takes appropriate technical and organizational security measures in accordance with applicable data protection laws and use it solely for the purposes specified by us.



7. Your Rights

If you are from the European Economic Area or in certain countries, you are also entitled (with some exceptions and restrictions) to:


• Access:You have the right to request information about how we process your personal data and to obtain a copy of that personal data.

• Rectification:You have the right to request the rectification of inaccurate personal data about you and for any incomplete personal information about you to be completed.

• Objection:You have the right to object to the processing of your personal information, which is based on our legitimate interests (as described above).

• Deletion:You can delete your account by using the corresponding functionality directly on the service.

• Automated decision-making:You have the right to object a decision made about you that is based solely on automated processing if that decision produces legal or similarly significant effects concerning you.

• Restriction:You have the right to ask us to restrict our processing of your personal data, so that we no longer process that personal data until the restriction is lifted.

• Portability:You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and to have that personal data transmitted to another organization in certain circumstances.

• Complaint:You have a right to lodge a complaint with the authorized data protection authority if you have concerns about how we process your personal data. The data protection authority you can lodge a complaint with notably may be that of your habitual residence, where you work or where we are established.


You may, at any time, exercise any of the above rights, by contacting us via support@auraapp.com together with a proof of your identity, i.e. a copy of your ID card, or passport, or any other valid identifying document.


In some cases, we may not be able to give you access to your personal data that we hold, if making such a disclosure would breach our legal obligations to our other customers or if prevented by any applicable law or regulation.



8. Residents of the State of California (USA)

Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), California residents have certain rights in relation to their personal information, subject to limited exceptions. For personal information collected by us during the preceding 12 months that is not otherwise subject to an exception, California residents have the right to access and delete their personal information.


We will not discriminate against any customer that asserts their rights under the CCPA. We will not: (1) deny you goods or services; (2) charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (3) provide you a different level of qualify of goods or services; or (4) suggest that you may receive a different price or rate for goods or services or a different level of quality of goods or services.


If you are a California resident, you have the right to request certain information from us regarding our information-sharing practices with third parties for direct marketing purposes. To the extent that we share your personal information for direct marketing purposes, you may receive the following information: (1) the categories of information and sources of information that we disclosed to third parties for direct marketing purposes during the preceding year; and (2) the names and address information of third parties that received such information, or if the nature of their business cannot be determined from the name, the examples of the products or services marketed.


To the extent that we sell your personal information to third parties, you also have the right to request that we disclose to you: (i) the categories of your personal information that we sold, and (ii) the categories of third parties to whom your personal information was sold. You also have the right to direct us not to sell your personal information.


California residents may also designate an authorized agent to make a request to access or delete on your behalf. Your authorized agent must submit proof that you have provided them with power of attorney pursuant to Probate Code sections 4000 through 4465. We may deny a request from a purported authorized agent who does not provide proof of authorization to act on your behalf.



9. Right to withdraw consent

If you have provided your consent to the collection, processing and transfer of your personal data, you have the right to fully or partly withdraw your consent. To withdraw your consent please follow the opt-out links on any marketing message sent to you or contact us via support@auraapp.com.


Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) to which you originally consented unless there are compelling legitimate grounds for further processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. When the legal basis is legitimate interests, you may object to use of your data.



10. Collection of Children’s Personal Data

Aura mobile application can be used only by users at or above the age of 18. Therefore, we strive to not collect personal data of any children under the age of 18. We do not collect any personal data of anyone under the age 18. If you have any concerns about your child’s privacy with respect to our services, or if you believe that your child may have provided his/her personal data to us, please contact us using the details provided below. We ensure to delete such personal data from our records immediately.



11. Security of Your Personal Data

We take appropriate and reasonable technical and organizational measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the personal data. Such technical and organizational measures include:


• Protecting our data servers with state-of-the-art anti-virus programs and similar software.

• Limiting and recording physical access to our premises and facilities.

• Limiting and recording access to our data servers.

• Preparing and organizing corporate policies on access, information security, usage, retention and disposal.



12. Retention of Your Personal Data

We will only retain your personal data for as long as necessary to fulfil our collection purposes, including for the purposes of satisfying any legal, accounting, or reporting requirements, and where required for our company to provide services, until the end of the relevant retention period. Additionally, we must keep personal data as an evidence both to prove our compliance to law and to use in a legal dispute. Furthermore, we will retain personal data in order to prevent banned users that violates our terms of use not to create a new account.


To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Upon expiry of the applicable retention period, we will securely delete, destroy or anonymize your personal data in accordance with applicable laws and regulations.



13. Links to Third Party Sites

Our mobile application includes links to other websites or apps whose privacy practices may differ from those of our companies. If you submit personal information to any of those sites, your information is governed by their Privacy Policies. We encourage you to carefully read the Privacy Policy of any website or app you visit.



14. Changes to our Privacy Policy

We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. Any changes we may make to our Policy in the future will be posted on this page and, where appropriate, notified to you by e-mail or push notification. Please check back frequently to see any updates or changes to our Policy.



15. Contact us

If you have any questions or concerns about our privacy practices or would like to exercise any of the rights mentioned in this Privacy Policy, please contact us via support@auraapp.com.