AuraVPN Privacy Policy

Last Updated: August 23, 2025

AuraVPN Ltd. ("AuraVPN," "we," "our," or "us") operates the website auravpn.net ("the Site"), the AuraVPN software ("the Software"), and associated services, features, and applications ("the Services"). We are committed to protecting your privacy and ensuring transparency regarding how we handle your information. By using our Services, you agree to the terms of this Privacy Policy. If you do not agree with this Privacy Policy, please discontinue the use of our Services and uninstall the Software where applicable.

What Types of Information Do We Collect?

Our app is a privacy-focused VPN using the WireGuard protocol, collecting minimal user data overall. This policy reflects the current data practices for both our iOS and Android apps.

1. VPN-Related Data

No browsing activity, DNS queries, bandwidth usage, or traffic content is logged or collected. Sessions are handled on-device and ephemerally, with no persistent storage or transmission beyond real-time functionality.

2. Non-VPN Data (Separate from VPN Functionality)

Internally (No Third Parties): Account ID (app user ID for purchase linking) and purchase status (e.g., active/inactive subscription).
RevenueCat (Purchases): Device type/OS, last-seen timestamp, purchase receipts/tokens (e.g., from Apple or Google), app user ID (for integration).
Firebase Analytics (Basic, Opt-In): Device model/OS/app version, session duration, anonymized IP (coarse country), installation ID, crashes, performance metrics.
Google AdMob (Ads): IP address (coarse location), device ID (e.g., IDFA on iOS if enabled via ATT prompt, or Advertising ID on Android if consented), advertising data (ads viewed), user interactions (e.g., app events, video views for ad optimization).

No emails, names, precise locations, or personal identifiers are collected.

3. Website and General Log Data

For the Site, we collect log data such as your IP address, device type, browser type, pages visited, and access times through aggregated analytics.

How Do We Use Your Information?

Internal: Manage subscriptions (link account ID to purchase status for entitlement checks).
RevenueCat: Subscription validation/entitlements (e.g., unlock features via receipts), fraud prevention. Tied to platform billing (Apple or Google); no marketing.
Firebase: App improvement (e.g., optimize UI/performance via sessions/metrics), debugging (crashes/responses), aggregate insights (e.g., regional engagement). Aggregated only; no profiling.
AdMob: Display ads (e.g., serve relevant banners/interstitials based on interactions/IP), improve ad performance (e.g., measure views/clicks). No use beyond monetization.

We use your information to provide and improve our Services, authenticate user accounts, optimize performance, prevent fraud, process payments, and provide customer support. Analytics data are used in aggregate form to analyze traffic patterns and measure the effectiveness of our Site and marketing efforts.

Data Retention

Data use is consent-based (e.g., ATT for IDFA on iOS; opt-in for Advertising ID on Android; opt-in prompt for analytics/ads; revocable in settings) and retained in accordance with the respective service providers' policies (e.g., Firebase Analytics event-level data is typically retained for 2 months by default or up to 14 months depending on configuration, with user-level data up to 26 months for Google signals but respecting shorter periods; aggregated data may be kept longer; RevenueCat data is retained as necessary for legal obligations, typically up to 6 years or until deletion request; AdMob user activity data is retained for up to 90 days, while ads activity data may be retained for up to 7 years). Note that Firebase, RevenueCat, and AdMob data is not automatically deleted when the app is uninstalled or upon other events like account logout—existing collected data persists on the providers' servers until the retention period expires or explicit deletion is requested, as no custom automatic deletion mechanisms (e.g., TTL policies or scheduled purges) have been configured beyond the providers' defaults. Data can be deleted upon user request via support (e.g., we can process deletions for RevenueCat via dashboard/API; for Firebase/AdMob, we facilitate requests to Google where possible, though some anonymized/aggregated data may remain).

Payments and Subscriptions

Payments for AuraVPN subscriptions are processed through the Apple App Store (In-App Purchases) on iOS and Google Play on Android. We do not collect or store your full payment details.

Information Sharing

We do not sell, rent, or trade your personal information. No selling or disclosure beyond what's necessary, in compliance with platform guidelines (e.g., Apple Guideline 5.4 and Google Play Data Safety). Shared only with processors:

RevenueCat: For purchase validation; stored in US (AWS, encrypted, per DPA).
Google (Firebase/AdMob): For analytics/ad serving; stored in US (encrypted, per Data Processing Terms). AdMob shares with advertisers for bidding/targeting.

No other sharing (e.g., brokers). Legal requests are minimized, and we notify users where possible.

Potential Future Changes

Automatic Software Updates and Upgrades

The AuraVPN Software may be updated automatically at our discretion without requiring any action from you.

Automatic Uploading, Routing, and Caching

In the future, AuraVPN may introduce optimizations that involve network routing between users under a peer-to-peer model.

Data Processing and Storage

Your information may be processed within the European Union (EU) or transferred outside the EU with appropriate safeguards.

Security and Confidentiality

We employ industry-standard security measures including encryption, access controls, and continuous monitoring.

Your Choices and Rights

You have the right to access, update, or request deletion of your data. You can also opt out of marketing emails.

Cookies and Tracking Technologies

AuraVPN uses cookies for website functionality and analytics.

Changes to This Privacy Policy

We may update this Privacy Policy periodically. Continued use of our Services indicates acceptance of any changes.

Contact Us

If you have any privacy-related questions or concerns, contact us at:

Email: contact@auravpn.net

Website: auravpn.net